diff --git a/src/plugins/aorai/tests/Aorai_test.ml b/src/plugins/aorai/tests/Aorai_test.ml
index d1983c67d2f88f51b97462724abe4b3b9e3d6bcf..1b2243f3b54ac8ccb28c8e6a772d59e5448745d0 100644
--- a/src/plugins/aorai/tests/Aorai_test.ml
+++ b/src/plugins/aorai/tests/Aorai_test.ml
@@ -91,8 +91,10 @@ let extend () =
 Wp.Wp_parameters.Share.set (InternalWpShare.get());
 Wp.Wp_parameters.Verbose.set 0;
 Globals.Functions.iter check_auto_func;
+ Report.Register.print ();
+ end else begin
+ File.pretty_ast ();
 end;
- File.pretty_ast ();
 ok:=true (* no error, we can erase the file *)
 in
 Db.Toplevel.run := myrun
diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/assigns.0.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/assigns.0.res.oracle
index 0df1f87a75a68d878c491ed2b6f6d445365d6caf..bf0900f85f91d188a9b51f3b85a8f8cbc4398425 100644
--- a/src/plugins/aorai/tests/aorai/oracle_prove/assigns.0.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle_prove/assigns.0.res.oracle
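Review bot: `ok:=true` is still reached unconditionally after the new `Report.Register.print ()` call, so in what looks like the proof branch (the `if` itself is above the hunk) a report containing unproved properties counts as a clean run; the assigns.1 oracle in this same diff freezes 16 "To be validated" statuses as the expected output. If that is intended, say so at the call, e.g. `(* statuses are only printed for the oracle; unproved properties do not fail the run *)`. Since this branch no longer calls `File.pretty_ast ()`, the `line N` references in the report point into a generated file the oracle no longer shows, which is worth noting in the same comment.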
@@ -1,354 +1,167 @@ [kernel] Parsing tests/aorai/assigns.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_assigns0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_in_main_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_in_main_in_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S_in_f_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part09 : Valid -[wp] [Qed] Goal 
typed_f_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S_in_f_in_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_in_main_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S_in_f_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_in_main_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S_in_f_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S_in_f_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_in_main_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Sf_in_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_f = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int X; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S1 = 1; */ -/*@ ghost int S2 = 0; */ -/*@ ghost int S_in_f = 0; */ -/*@ ghost int Sf = 0; */ -/*@ ghost int in_main = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S_in_f, Sf, - in_main; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S_in_f_in: - assumes 1 ≡ Sf; - ensures 1 ≡ S_in_f; - - behavior buch_state_S_in_f_out: - assumes 0 ≡ Sf; - ensures 0 ≡ S_in_f; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_in_main_out: - ensures 0 ≡ in_main; - */ -void f_pre_func(void) -{ - /*@ ghost int S1_tmp; 
*/ - /*@ ghost int S2_tmp; */ - /*@ ghost int S_in_f_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int in_main_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - S1_tmp = S1; - S2_tmp = S2; - S_in_f_tmp = S_in_f; - Sf_tmp = Sf; - in_main_tmp = in_main; - in_main_tmp = 0; - Sf_tmp = 0; - if (Sf == 1) S_in_f_tmp = 1; else S_in_f_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S_in_f = S_in_f_tmp; - Sf = Sf_tmp; - in_main = in_main_tmp; - return; -} +[kernel] Parsing /tmp/aorai_assigns_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - 1 ≡ S_in_f ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ Sf ∧ 0 ≡ in_main; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S_in_f, Sf, - in_main; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S_in_f_out: - ensures 0 ≡ S_in_f; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_in_main_in: - assumes 1 ≡ S_in_f; - ensures 1 ≡ in_main; - - behavior buch_state_in_main_out: - assumes 0 ≡ S_in_f; - ensures 0 ≡ in_main; - */ -void f_post_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S_in_f_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int in_main_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - S1_tmp = S1; - S2_tmp = S2; - S_in_f_tmp = S_in_f; - Sf_tmp = Sf; - in_main_tmp = in_main; - if (S_in_f == 1) in_main_tmp = 1; else in_main_tmp = 0; - Sf_tmp = 0; - S_in_f_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S_in_f = S_in_f_tmp; - Sf = Sf_tmp; - in_main = in_main_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' 
+-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ Sf ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S_in_f ∧ 0 ≡ in_main; - - behavior Buchi_property_behavior: - ensures 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S_in_f ∧ 0 ≡ Sf; - ensures 1 ≡ in_main; - */ -void f(void) -{ - f_pre_func(); - X ++; - f_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_assigns_0.i, line 35) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_assigns_0.i, line 36) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_assigns_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_assigns_0.i, line 44) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in_f_in' (file /tmp/aorai_assigns_0.i, line 48) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in_f_out' (file /tmp/aorai_assigns_0.i, line 52) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_assigns_0.i, line 55) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_in_main_out' (file /tmp/aorai_assigns_0.i, line 58) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_assigns_0.i, line 37) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_in_f_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_in_f_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_in_main_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S_in_f, Sf, - in_main; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S_in_f_out: - ensures 0 ≡ S_in_f; - - behavior buch_state_Sf_in: - assumes 1 ≡ S1; - ensures 1 ≡ Sf; - - behavior buch_state_Sf_out: - assumes 0 ≡ S1; - ensures 0 ≡ Sf; - - behavior buch_state_in_main_out: - ensures 0 ≡ in_main; - */ -void main_pre_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S_in_f_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int in_main_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S1_tmp = S1; - S2_tmp = S2; - S_in_f_tmp = S_in_f; - Sf_tmp = Sf; - in_main_tmp = in_main; - in_main_tmp = 0; - if (S1 == 1) Sf_tmp = 1; else Sf_tmp = 0; - S_in_f_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S_in_f = S_in_f_tmp; - Sf = Sf_tmp; - in_main = in_main_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ in_main ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S_in_f ∧ 0 ≡ Sf; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S_in_f, Sf, - in_main; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_in: - assumes 1 ≡ in_main; - ensures 1 ≡ S2; - - behavior buch_state_S2_out: - assumes 0 ≡ in_main; - ensures 0 ≡ S2; - - behavior buch_state_S_in_f_out: - ensures 0 ≡ S_in_f; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_in_main_out: - ensures 0 ≡ in_main; - */ -void main_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S_in_f_tmp; 
*/ - /*@ ghost int Sf_tmp; */ - /*@ ghost int in_main_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S1_tmp = S1; - S2_tmp = S2; - S_in_f_tmp = S_in_f; - Sf_tmp = Sf; - in_main_tmp = in_main; - in_main_tmp = 0; - Sf_tmp = 0; - S_in_f_tmp = 0; - if (in_main == 1) S2_tmp = 1; else S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S_in_f = S_in_f_tmp; - Sf = Sf_tmp; - in_main = in_main_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_assigns_0.i, line 92) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_assigns_0.i, line 93) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_assigns_0.i, line 98) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_assigns_0.i, line 101) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in_f_out' (file /tmp/aorai_assigns_0.i, line 104) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_assigns_0.i, line 107) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_in_main_in' (file /tmp/aorai_assigns_0.i, line 111) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_in_main_out' (file /tmp/aorai_assigns_0.i, line 115) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_assigns_0.i, line 94) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_in_f_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_in_main_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_in_main_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S_in_f ∧ 0 ≡ Sf ∧ 0 ≡ in_main; - assigns X, aorai_CurOpStatus, aorai_CurOperation, S1, S2, S_in_f, Sf, - in_main; - - behavior foo: - assigns X, aorai_CurOpStatus, aorai_CurOperation, S1, S2, S_in_f, Sf, - in_main; - - behavior Buchi_property_behavior: - ensures 0 ≡ S1 ∧ 0 ≡ S_in_f ∧ 0 ≡ Sf ∧ 0 ≡ in_main; - ensures 1 ≡ S2; - */ -int main(void) -{ - main_pre_func(); - /*@ assigns X; */ - X ++; - /*@ assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S_in_f, Sf, - in_main, X; - */ - f(); - main_post_func(X); - return X; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_assigns_0.i, line 162) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_assigns_0.i, line 163) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_assigns_0.i, line 168) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_assigns_0.i, line 171) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in_f_out' (file /tmp/aorai_assigns_0.i, line 174) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_assigns_0.i, line 178) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_assigns_0.i, line 182) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_in_main_out' (file /tmp/aorai_assigns_0.i, line 185) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_assigns_0.i, line 164) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_in_f_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_in_main_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_assigns_0.i, line 219) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_assigns_0.i, line 220) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_assigns_0.i, line 225) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_assigns_0.i, line 229) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_assigns_0.i, line 233) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in_f_out' (file /tmp/aorai_assigns_0.i, line 236) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_assigns_0.i, line 239) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_in_main_out' (file /tmp/aorai_assigns_0.i, line 242) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_assigns_0.i, line 221) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_in_f_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_in_main_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 65 Completely validated + 65 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/assigns.1.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/assigns.1.res.oracle index 41e6f16bbda7da4b391df70936a88a0c36a6d7aa..2fa5ba8ad6eda99ada4e3d66ab973a74fde93e36 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/assigns.1.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/assigns.1.res.oracle 
@@ -1,242 +1,168 @@ [kernel] Parsing tests/aorai/assigns.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_assigns1.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_in_main_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S_in_f_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -/* 
Generated by Frama-C */ -enum aorai_States { - aorai_reject_state = -2, - S1 = 0, - S2 = 1, - S_in_f = 2, - Sf = 3, - in_main = 4 -}; -enum aorai_ListOper { - op_f = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ lemma in_main_deterministic_trans{L}: \true; - */ -/*@ lemma Sf_deterministic_trans{L}: \true; - */ -/*@ lemma S_in_f_deterministic_trans{L}: \true; - */ -/*@ lemma S2_deterministic_trans{L}: \true; - */ -/*@ lemma S1_deterministic_trans{L}: \true; - */ -int X; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int aorai_CurStates = S1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S_in_f_in: - assumes aorai_CurStates ≡ Sf; - ensures aorai_CurStates ≡ S_in_f; - - behavior buch_state_S_in_f_out: - assumes aorai_CurStates ≢ Sf; - ensures aorai_CurStates ≢ S_in_f; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_in_main_out: - ensures aorai_CurStates ≢ in_main; - */ -void f_pre_func(void) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - aorai_CurStates_tmp = aorai_CurStates; - if (3 == aorai_CurStates) aorai_CurStates_tmp = S_in_f; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[kernel] Parsing /tmp/aorai_assigns_1.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires aorai_CurStates ≡ S_in_f; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S_in_f_out: - ensures aorai_CurStates ≢ S_in_f; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_in_main_in: - assumes aorai_CurStates ≡ S_in_f; - ensures aorai_CurStates ≡ in_main; - - behavior buch_state_in_main_out: - assumes aorai_CurStates ≢ S_in_f; - ensures aorai_CurStates ≢ in_main; - */ -void f_post_func(void) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - aorai_CurStates_tmp = aorai_CurStates; - if (2 == aorai_CurStates) aorai_CurStates_tmp = in_main; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires aorai_CurStates ≡ Sf; - - behavior Buchi_property_behavior: - ensures aorai_CurStates ≡ in_main; - */ -void f(void) -{ - f_pre_func(); - X ++; - f_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_assigns_1.i, line 49) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_assigns_1.i, line 50) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_assigns_1.i, line 54) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_assigns_1.i, line 57) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in_f_in' (file /tmp/aorai_assigns_1.i, line 61) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S_in_f_out' (file /tmp/aorai_assigns_1.i, line 65) + tried with Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_assigns_1.i, line 68) + by Wp.typed. +[ - ] Post-condition for 'buch_state_in_main_out' (file /tmp/aorai_assigns_1.i, line 71) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_assigns_1.i, line 51) + by Wp.typed. +[ - ] Behavior 'buch_state_S1_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S2_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_in_f_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_S_in_f_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ - ] Behavior 'buch_state_in_main_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S_in_f_out: - ensures aorai_CurStates ≢ S_in_f; - - behavior buch_state_Sf_in: - assumes aorai_CurStates ≡ S1; - ensures aorai_CurStates ≡ Sf; - - behavior buch_state_Sf_out: - assumes aorai_CurStates ≢ S1; - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_in_main_out: - ensures aorai_CurStates ≢ in_main; - */ -void main_pre_func(void) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - aorai_CurStates_tmp = aorai_CurStates; - if (0 == aorai_CurStates) aorai_CurStates_tmp = Sf; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires aorai_CurStates ≡ in_main; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns 
aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_in: - assumes aorai_CurStates ≡ in_main; - ensures aorai_CurStates ≡ S2; - - behavior buch_state_S2_out: - assumes aorai_CurStates ≢ in_main; - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S_in_f_out: - ensures aorai_CurStates ≢ S_in_f; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_in_main_out: - ensures aorai_CurStates ≢ in_main; - */ -void main_post_func(int res) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - aorai_CurStates_tmp = aorai_CurStates; - if (4 == aorai_CurStates) aorai_CurStates_tmp = S2; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_assigns_1.i, line 88) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_assigns_1.i, line 89) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_assigns_1.i, line 93) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_assigns_1.i, line 96) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in_f_out' (file /tmp/aorai_assigns_1.i, line 99) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_assigns_1.i, line 102) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_in_main_in' (file /tmp/aorai_assigns_1.i, line 106) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_in_main_out' (file /tmp/aorai_assigns_1.i, line 110) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_assigns_1.i, line 90) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_in_f_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_in_main_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_in_main_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires aorai_CurStates ≡ S1; - assigns X, aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior foo: - assigns X, aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior Buchi_property_behavior: - ensures aorai_CurStates ≡ S2; - */ -int main(void) -{ - main_pre_func(); - /*@ assigns X; */ - X ++; - /*@ assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates, X; */ - f(); - main_post_func(X); - return X; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_assigns_1.i, line 139) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_assigns_1.i, line 140) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_assigns_1.i, line 144) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_assigns_1.i, line 147) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S_in_f_out' (file /tmp/aorai_assigns_1.i, line 150) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_assigns_1.i, line 154) + by Wp.typed. +[ - ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_assigns_1.i, line 158) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_in_main_out' (file /tmp/aorai_assigns_1.i, line 161) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_assigns_1.i, line 141) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ - ] Behavior 'buch_state_S2_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S_in_f_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_Sf_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_in_main_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_assigns_1.i, line 178) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_assigns_1.i, line 179) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_assigns_1.i, line 183) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_assigns_1.i, line 187) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_assigns_1.i, line 191) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in_f_out' (file /tmp/aorai_assigns_1.i, line 194) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_assigns_1.i, line 197) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_in_main_out' (file /tmp/aorai_assigns_1.i, line 200) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_assigns_1.i, line 180) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_in_f_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_in_main_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 49 Completely validated + 16 To be validated + 65 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/bts1289.0.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/bts1289.0.res.oracle index 726f606bd8df59676839c74e39ef89ab6853eec4..5597a758be24131d4a67d208914a8965356e9e4f 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/bts1289.0.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/bts1289.0.res.oracle 
@@ -1,108 +1,95 @@ [kernel] Parsing tests/aorai/bts1289.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[aorai] warning: Call to main does not follow automaton's specification. This path is assumed to be dead -[kernel] Parsing /tmp/aorai_bts12890.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_a_post_func_assign : Valid -[wp] [Qed] Goal typed_a_post_func_post_2 : Valid -[wp] [Qed] Goal typed_a_post_func_post : Valid -[wp] [Qed] Goal typed_a_pre_func_assign : Valid -[wp] [Qed] Goal typed_a_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_a_pre_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_a = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_a; - assigns aorai_CurOpStatus, aorai_CurOperation; - */ -void a_pre_func(void) -{ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_a; - return; -} +[aorai] Warning: Call to main does not follow automaton's specification. This path is assumed to be dead +[kernel] Parsing /tmp/aorai_bts1289_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires \false; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_a; - assigns aorai_CurOpStatus, aorai_CurOperation; - */ -void a_post_func(void) -{ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_a; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'a_pre_func' +-------------------------------------------------------------------------------- -/*@ requires \false; */ -void a(void) -{ - a_pre_func(); - a_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_bts1289_0.i, line 30) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_bts1289_0.i, line 31) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_bts1289_0.i, line 35) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_bts1289_0.i, line 32) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation; - */ -void main_pre_func(void) -{ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'a_post_func' +-------------------------------------------------------------------------------- -/*@ requires \false; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation; - */ -void main_post_func(void) -{ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_bts1289_0.i, line 52) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_bts1289_0.i, line 53) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_bts1289_0.i, line 57) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_bts1289_0.i, line 54) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires \false; */ -void main(void) -{ - int aorai_Loop_Init_16; - int i; - main_pre_func(); - i = 0; - /*@ ghost aorai_Loop_Init_16 = 1; */ - aorai_loop_16: - /*@ loop assigns i, aorai_Loop_Init_16, aorai_CurOpStatus, - aorai_CurOperation; - loop assigns aorai_Loop_Init_16 \from \nothing; - */ - while (1) { - if (! (i < 10)) goto while_0_break; - /*@ ghost aorai_Loop_Init_16 = 0; */ - a(); - i ++; - } - while_0_break: ; - main_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'a' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_bts1289_0.i, line 84) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_bts1289_0.i, line 85) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_bts1289_0.i, line 89) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_bts1289_0.i, line 86) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_bts1289_0.i, line 106) + by Wp.typed. 
+[ Valid ] Post-condition (file /tmp/aorai_bts1289_0.i, line 107) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_bts1289_0.i, line 111) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_bts1289_0.i, line 108) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 26 Completely validated + 26 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/bts1289.1.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/bts1289.1.res.oracle index fa9585a7fef59bf3913169f46ec40af9d92912ec..514afab4c5fb7faeb2cf870bc42a31866dbb959b 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/bts1289.1.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/bts1289.1.res.oracle 
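Review bot: The new bts1289.0 oracle reports `26 Completely validated` but no longer records anything that shows which of those results are vacuous. The removed side of this hunk printed the generated code, where `a_post_func`, `a`, `main_post_func` and `main` all carried `requires \false`. The only remaining trace is the `[aorai] Warning: ... This path is assumed to be dead` line. If the generated file still has those preconditions (it is not visible here), every `Valid ... by Wp.typed` under `a_post_func` and `main_post_func` holds trivially, and the report lists no status for the preconditions themselves. A regression that made Aorai emit a spurious `requires \false` would therefore still produce an all-Valid oracle. I would keep the generated annotations under test in prove mode, for example by leaving `File.pretty_ast ();` in the driver's prove branch or by comparing the generated `.i` against a separate oracle, so that an all-Valid summary can be checked against the contracts that produced it.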
@@ -1,410 +1,182 @@ [kernel] Parsing tests/aorai/bts1289.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_bts12891.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_a_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_a_post_func_post_2 : Valid -[wp] [Qed] Goal typed_a_post_func_post : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_S_in_post : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_T_out_post : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_T_in_post : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_S_out_post : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_a_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_a_pre_func_post : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part04 : Valid -[wp] [Qed] Goal 
typed_a_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_T_out_post : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_S_out_post : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_aorai_intermediate_state_0_in_post : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_aorai_intermediate_state_in_post : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal 
typed_main_post_func_buch_state_aorai_intermediate_state_0_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_a = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S = 0; */ -/*@ ghost int T = 0; */ -/*@ ghost int aorai_intermediate_state = 0; */ -/*@ ghost int aorai_intermediate_state_0 = 0; */ -/*@ ghost int init = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_a; - assigns 
aorai_CurOpStatus, aorai_CurOperation, S, T, - aorai_intermediate_state, aorai_intermediate_state_0, init; - - behavior buch_state_S_out: - ensures 0 ≡ S; - - behavior buch_state_T_out: - ensures 0 ≡ T; - - behavior buch_state_aorai_intermediate_state_in: - assumes 1 ≡ S; - ensures 1 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_out: - assumes 0 ≡ S; - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_in: - assumes 1 ≡ T; - ensures 1 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_0_out: - assumes 0 ≡ T; - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_init_out: - ensures 0 ≡ init; - */ -void a_pre_func(void) -{ - /*@ ghost int S_tmp; */ - /*@ ghost int T_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_a; - S_tmp = S; - T_tmp = T; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - init_tmp = init; - init_tmp = 0; - if (T == 1) aorai_intermediate_state_0_tmp = 1; - else aorai_intermediate_state_0_tmp = 0; - if (S == 1) aorai_intermediate_state_tmp = 1; - else aorai_intermediate_state_tmp = 0; - T_tmp = 0; - S_tmp = 0; - S = S_tmp; - T = T_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - init = init_tmp; - return; -} +[kernel] Parsing /tmp/aorai_bts1289_1.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires - (1 ≡ aorai_intermediate_state ∨ 1 ≡ aorai_intermediate_state_0) ∧ - 0 ≡ S ∧ 0 ≡ T ∧ 0 ≡ init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_a; - assigns aorai_CurOpStatus, aorai_CurOperation, S, T, - aorai_intermediate_state, aorai_intermediate_state_0, init; - - behavior buch_state_S_in: - assumes 1 ≡ aorai_intermediate_state_0; - ensures 1 ≡ S; - - behavior buch_state_S_out: - assumes 0 ≡ aorai_intermediate_state_0; - ensures 0 ≡ S; - - behavior buch_state_T_in: - assumes 1 ≡ aorai_intermediate_state; - ensures 1 ≡ T; - - behavior buch_state_T_out: - assumes 0 ≡ aorai_intermediate_state; - ensures 0 ≡ T; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_init_out: - ensures 0 ≡ init; - */ -void a_post_func(void) -{ - /*@ ghost int S_tmp; */ - /*@ ghost int T_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_a; - S_tmp = S; - T_tmp = T; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - init_tmp = init; - init_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - if (aorai_intermediate_state == 1) T_tmp = 1; else T_tmp = 0; - if (aorai_intermediate_state_0 == 1) S_tmp = 1; else S_tmp = 0; - S = S_tmp; - T = T_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - init = init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'a_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ S ∨ 1 ≡ T) ∧ 
0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ 0 ≡ init; - requires 1 ≡ T ∨ 0 ≡ T; - requires 1 ≡ S ∨ 0 ≡ S; - - behavior Buchi_behavior_in_0: - assumes 1 ≡ S; - ensures 1 ≡ T; - - behavior Buchi_behavior_in_1: - assumes 1 ≡ T; - ensures 1 ≡ S; - - behavior Buchi_behavior_out_0: - assumes 0 ≡ T; - ensures 0 ≡ S; - - behavior Buchi_behavior_out_1: - assumes 0 ≡ S; - ensures 0 ≡ T; - - behavior Buchi_behavior_out_2: - ensures 0 ≡ aorai_intermediate_state; - - behavior Buchi_behavior_out_3: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior Buchi_behavior_out_4: - ensures 0 ≡ init; - */ -void a(void) -{ - a_pre_func(); - a_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_bts1289_1.i, line 34) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_bts1289_1.i, line 35) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_bts1289_1.i, line 40) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T_out' (file /tmp/aorai_bts1289_1.i, line 43) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_in' (file /tmp/aorai_bts1289_1.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_bts1289_1.i, line 51) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_in' (file /tmp/aorai_bts1289_1.i, line 55) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_bts1289_1.i, line 59) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_bts1289_1.i, line 62) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_bts1289_1.i, line 36) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S, T, - aorai_intermediate_state, aorai_intermediate_state_0, init; - - behavior buch_state_S_in: - assumes 1 ≡ init; - ensures 1 ≡ S; - - behavior buch_state_S_out: - assumes 0 ≡ init; - ensures 0 ≡ S; - - behavior buch_state_T_out: - ensures 0 ≡ T; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_init_out: - ensures 0 ≡ init; - */ -void main_pre_func(void) -{ - /*@ ghost int S_tmp; */ - /*@ ghost int T_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S_tmp = S; - T_tmp = T; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - init_tmp = init; - init_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - T_tmp = 0; - if (init == 1) S_tmp = 1; else S_tmp = 0; - S = S_tmp; - T = T_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - init = init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'a_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S 
∧ 0 ≡ T ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ 0 ≡ init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S, T, - aorai_intermediate_state, aorai_intermediate_state_0, init; - - behavior buch_state_S_in: - assumes 1 ≡ S; - ensures 1 ≡ S; - - behavior buch_state_S_out: - assumes 0 ≡ S; - ensures 0 ≡ S; - - behavior buch_state_T_out: - ensures 0 ≡ T; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_init_out: - ensures 0 ≡ init; - */ -void main_post_func(void) -{ - /*@ ghost int S_tmp; */ - /*@ ghost int T_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S_tmp = S; - T_tmp = T; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - init_tmp = init; - init_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - T_tmp = 0; - if (S == 1) S_tmp = 1; else S_tmp = 0; - S = S_tmp; - T = T_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - init = init_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_bts1289_1.i, line 99) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_bts1289_1.i, line 100) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in' (file /tmp/aorai_bts1289_1.i, line 106) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_bts1289_1.i, line 110) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T_in' (file /tmp/aorai_bts1289_1.i, line 114) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_T_out' (file /tmp/aorai_bts1289_1.i, line 118) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_bts1289_1.i, line 121) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_bts1289_1.i, line 124) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_bts1289_1.i, line 127) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_bts1289_1.i, line 101) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ init ∧ 0 ≡ S ∧ 0 ≡ T ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0; - - behavior Buchi_property_behavior: - ensures - 0 ≡ T ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ 0 ≡ init; - ensures 1 ≡ S; - */ -void main(void) -{ - int aorai_Loop_Init_16; - int i; - main_pre_func(); - i = 0; - /*@ ghost aorai_Loop_Init_16 = 1; */ - aorai_loop_16: - /*@ loop invariant Aorai: 1 ≡ S ∨ 0 ≡ S; - loop invariant Aorai: 1 ≡ T ∨ 0 ≡ T; - loop invariant Aorai: 0 ≡ aorai_intermediate_state; - loop invariant Aorai: 0 ≡ aorai_intermediate_state_0; - loop invariant Aorai: 0 ≡ init; - loop invariant Aorai: 1 ≡ S ∨ 1 ≡ T; - loop invariant - Aorai: aorai_Loop_Init_16 ≢ 0 ⇒ \at(1 ≡ init,Pre) ⇒ 0 ≡ T; - loop assigns i, aorai_Loop_Init_16, aorai_CurOpStatus, - aorai_CurOperation, S, T, aorai_intermediate_state, - aorai_intermediate_state_0, init; - loop assigns aorai_Loop_Init_16 \from \nothing; - */ - while (1) { - if (! (i < 10)) goto while_0_break; - /*@ ghost aorai_Loop_Init_16 = 0; */ - a(); - i ++; - } - while_0_break: ; - main_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'a' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_bts1289_1.i, line 198) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_bts1289_1.i, line 199) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in' (file /tmp/aorai_bts1289_1.i, line 205) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_bts1289_1.i, line 209) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_T_out' (file /tmp/aorai_bts1289_1.i, line 212) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_bts1289_1.i, line 215) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_bts1289_1.i, line 218) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_bts1289_1.i, line 221) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_bts1289_1.i, line 200) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_bts1289_1.i, line 257) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_bts1289_1.i, line 258) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in' (file /tmp/aorai_bts1289_1.i, line 264) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_bts1289_1.i, line 268) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T_out' (file /tmp/aorai_bts1289_1.i, line 271) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_bts1289_1.i, line 274) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_bts1289_1.i, line 277) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_bts1289_1.i, line 280) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_bts1289_1.i, line 259) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 70 Completely validated + 70 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/declared_function.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/declared_function.res.oracle new file mode 100644 index 0000000000000000000000000000000000000000..b5da80c965c9347f4136781d4432c722c068041b --- /dev/null +++ b/src/plugins/aorai/tests/aorai/oracle_prove/declared_function.res.oracle 
@@ -0,0 +1,75 @@ +[kernel] Parsing tests/aorai/declared_function.i (no preprocessing) +[aorai] Welcome to the Aorai plugin +[kernel] Parsing /tmp/aorai_declared_function_0.i (no preprocessing) +[kernel:annot:missing-spec] /tmp/aorai_declared_function_0.i:48: Warning: + Neither code nor specification for function f, generating default assigns from the prototype +[wp] Warning: Missing RTE guards +[report] Computing properties status... + +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- + +[ - ] Assigns nothing + tried with Inferred annotations. +[ - ] Froms (file /tmp/aorai_declared_function_0.i, line 2) + tried with Inferred annotations. +[ - ] Default behavior + tried with Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_declared_function_0.i, line 63) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_declared_function_0.i, line 64) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_I_in' (file /tmp/aorai_declared_function_0.i, line 69) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_I_out' (file /tmp/aorai_declared_function_0.i, line 73) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_declared_function_0.i, line 65) + by Wp.typed. +[ Valid ] Behavior 'buch_state_I_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_I_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_declared_function_0.i, line 94) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_declared_function_0.i, line 95) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_I_in' (file /tmp/aorai_declared_function_0.i, line 100) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_I_out' (file /tmp/aorai_declared_function_0.i, line 104) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_declared_function_0.i, line 96) + by Wp.typed. +[ Valid ] Behavior 'buch_state_I_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_I_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 17 Completely validated + 3 To be validated + 20 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/deterministic.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/deterministic.res.oracle index 336773a611b568b032e0f02be9029489b9ab720a..058f40effada474e9ff59d552c5a3def22f17bc9 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/deterministic.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/deterministic.res.oracle 
@@ -1,595 +1,445 @@ [kernel] Parsing tests/aorai/deterministic.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_deterministic0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Si_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_g_post_func_post_2 : Valid -[wp] [Qed] Goal typed_g_post_func_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part3 : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_S0_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_S2_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_S1_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_S3_out_post : Valid -[wp] [Alt-Ergo] Goal 
typed_g_post_func_buch_state_Sf_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_Si_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_g_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Si_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_real_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_real_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_real_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_real_main_post_func_post : Valid -[wp] [Qed] Goal typed_real_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_real_main_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_real_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_real_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_real_main_post_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_real_main_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_real_main_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_real_main_post_func_buch_state_Si_out_post : Valid -[wp] [Qed] Goal typed_real_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_real_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_real_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_real_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_real_main_pre_func_post : Valid -[wp] [Qed] Goal typed_real_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_real_main_pre_func_assign_part3 : Valid -/* Generated by Frama-C */ -enum aorai_States { - aorai_reject_state = -2, - S0 = 0, - S1 = 1, - S2 = 2, - S3 = 3, - S4 = 4, - S5 = 5, - Sf = 6, - Si = 7 -}; -enum aorai_ListOper { - op_f = 3, - op_g = 2, - op_main = 1, - op_real_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ lemma Si_deterministic_trans{L}: \true; - */ -/*@ lemma Sf_deterministic_trans{L}: \true; - */ -/*@ lemma S5_deterministic_trans{L}: \true; - */ -/*@ lemma S4_deterministic_trans{L}: \true; - */ -/*@ lemma S2_deterministic_trans{L}: \true; - */ -int X; -int Y; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ -lemma 
S3_deterministic_trans{L}: - ∀ int x; - ¬(\at(aorai_CurOperation,L) ≡ op_g ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called ∧ x ≡ 5 ∧ - \at(aorai_CurOperation,L) ≡ op_g ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called ∧ x ≡ 4); - */ -/*@ -lemma S1_deterministic_trans{L}: - ∀ int __retres_f, int x; - ¬(\at(X,L) ≡ 5 ∧ \at(aorai_CurOperation,L) ≡ op_f ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Terminated ∧ __retres_f ≡ 0 ∧ - \at(aorai_CurOperation,L) ≡ op_f ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called ∧ x ≡ 4); - */ -/*@ -lemma S0_deterministic_trans{L}: - ∀ int c; - ¬(\at(aorai_CurOperation,L) ≡ op_real_main ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called ∧ c ≢ 0 ∧ - \at(aorai_CurOperation,L) ≡ op_real_main ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called ∧ c ≡ 0); - */ -/*@ ghost int aorai_CurStates = Si; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S0_out: - ensures aorai_CurStates ≢ S0; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S3_out: - ensures aorai_CurStates ≢ S3; - - behavior buch_state_S4_in: - assumes aorai_CurStates ≡ S3 ∧ x ≡ 4; - ensures aorai_CurStates ≡ S4; - - behavior buch_state_S4_out: - assumes aorai_CurStates ≢ S3 ∨ ¬(x ≡ 4); - ensures aorai_CurStates ≢ S4; - - behavior buch_state_S5_in: - assumes aorai_CurStates ≡ S3 ∧ x ≡ 5; - ensures aorai_CurStates ≡ S5; - - behavior buch_state_S5_out: - assumes aorai_CurStates ≢ S3 ∨ ¬(x ≡ 5); - ensures aorai_CurStates ≢ S5; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_Si_out: - ensures aorai_CurStates ≢ Si; - */ -void g_pre_func(int x) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_g; - aorai_CurStates_tmp = aorai_CurStates; - if (3 == aorai_CurStates) - if (x == 5) aorai_CurStates_tmp = S5; - if 
(3 == aorai_CurStates) - if (x == 4) aorai_CurStates_tmp = S4; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[kernel] Parsing /tmp/aorai_deterministic_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires aorai_CurStates ≡ S4 ∨ aorai_CurStates ≡ S5; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S0_out: - ensures aorai_CurStates ≢ S0; - - behavior buch_state_S1_in: - assumes aorai_CurStates ≡ S5; - ensures aorai_CurStates ≡ S1; - - behavior buch_state_S1_out: - assumes aorai_CurStates ≢ S5; - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S3_in: - assumes aorai_CurStates ≡ S4; - ensures aorai_CurStates ≡ S3; - - behavior buch_state_S3_out: - assumes aorai_CurStates ≢ S4; - ensures aorai_CurStates ≢ S3; - - behavior buch_state_S4_out: - ensures aorai_CurStates ≢ S4; - - behavior buch_state_S5_out: - ensures aorai_CurStates ≢ S5; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_Si_out: - ensures aorai_CurStates ≢ Si; - */ -void g_post_func(void) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_g; - aorai_CurStates_tmp = aorai_CurStates; - if (4 == aorai_CurStates) aorai_CurStates_tmp = S3; - if (5 == aorai_CurStates) aorai_CurStates_tmp = S1; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g_pre_func' +-------------------------------------------------------------------------------- -/*@ requires aorai_CurStates ≡ S3; - requires aorai_CurStates ≡ S3 ⇒ x ≡ 4 ∨ x ≡ 5; - - behavior Buchi_behavior_in_1: - assumes aorai_CurStates ≡ S3 ∧ x ≡ 5; - ensures aorai_CurStates ≡ S1; - - behavior 
Buchi_behavior_in_0: - assumes aorai_CurStates ≡ S3 ∧ x ≡ 4; - ensures aorai_CurStates ≡ S3; - */ -void g(int x) -{ - g_pre_func(x); - Y = x; - g_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 80) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 81) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_deterministic_0.i, line 85) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_deterministic_0.i, line 88) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_deterministic_0.i, line 91) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_deterministic_0.i, line 94) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_in' (file /tmp/aorai_deterministic_0.i, line 98) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_deterministic_0.i, line 102) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_in' (file /tmp/aorai_deterministic_0.i, line 106) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_deterministic_0.i, line 110) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_deterministic_0.i, line 113) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_Si_out' (file /tmp/aorai_deterministic_0.i, line 116) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_deterministic_0.i, line 82) + by Wp.typed. +[ - ] Behavior 'buch_state_S0_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S1_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S2_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S3_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_S4_out' + tried with Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_S5_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_S5_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_Sf_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_Si_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S0_out: - ensures aorai_CurStates ≢ S0; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S3_in: - assumes aorai_CurStates ≡ S1 ∧ x ≡ 4; - ensures aorai_CurStates ≡ S3; - - behavior buch_state_S3_out: - assumes aorai_CurStates ≢ S1 ∨ ¬(x ≡ 4); - ensures aorai_CurStates ≢ S3; - - behavior buch_state_S4_out: - ensures aorai_CurStates ≢ S4; - - behavior buch_state_S5_out: - ensures aorai_CurStates ≢ S5; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_Si_out: - ensures aorai_CurStates ≢ Si; - */ -void f_pre_func(int x) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - aorai_CurStates_tmp = aorai_CurStates; - if (1 == aorai_CurStates) - if (x == 4) aorai_CurStates_tmp = S3; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g_post_func' +-------------------------------------------------------------------------------- -/*@ requires aorai_CurStates ≡ S1; - requires aorai_CurStates ≡ S1 ⇒ res ≡ 0 ∧ X ≡ 5; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S0_out: - ensures aorai_CurStates ≢ S0; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior 
buch_state_S2_in: - assumes aorai_CurStates ≡ S1 ∧ X ≡ 5 ∧ res ≡ 0; - ensures aorai_CurStates ≡ S2; - - behavior buch_state_S2_out: - assumes aorai_CurStates ≢ S1 ∨ ¬(X ≡ 5 ∧ res ≡ 0); - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S3_out: - ensures aorai_CurStates ≢ S3; - - behavior buch_state_S4_out: - ensures aorai_CurStates ≢ S4; - - behavior buch_state_S5_out: - ensures aorai_CurStates ≢ S5; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_Si_out: - ensures aorai_CurStates ≢ Si; - */ -void f_post_func(int res) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - aorai_CurStates_tmp = aorai_CurStates; - if (1 == aorai_CurStates) - if (X == 5) - if (res == 0) aorai_CurStates_tmp = S2; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 134) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 135) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_deterministic_0.i, line 139) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_deterministic_0.i, line 143) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_deterministic_0.i, line 147) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_deterministic_0.i, line 150) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_in' (file /tmp/aorai_deterministic_0.i, line 154) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_deterministic_0.i, line 158) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_deterministic_0.i, line 161) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_deterministic_0.i, line 164) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_deterministic_0.i, line 167) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Si_out' (file /tmp/aorai_deterministic_0.i, line 170) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_deterministic_0.i, line 136) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Si_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires aorai_CurStates ≡ S1; - requires aorai_CurStates ≡ S1 ⇒ x ≡ 4; - - behavior Buchi_property_behavior: - ensures aorai_CurStates ≡ S2 ⇒ \result ≡ 0 ∧ X ≡ 5; - ensures aorai_CurStates ≡ S2; - */ -int f(int x) -{ - int __retres; - f_pre_func(x); - X = x; - g(X); - X ++; - g(X); - __retres = 0; - f_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_real_main; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S0_out: - ensures aorai_CurStates ≢ S0; - - behavior buch_state_S1_in: - assumes aorai_CurStates ≡ S0 ∧ c ≢ 0; - ensures aorai_CurStates ≡ S1; - - behavior buch_state_S1_out: - assumes aorai_CurStates ≢ S0 ∨ c ≡ 0; - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_in: - assumes aorai_CurStates ≡ S0 ∧ 
c ≡ 0; - ensures aorai_CurStates ≡ S2; - - behavior buch_state_S2_out: - assumes aorai_CurStates ≢ S0 ∨ ¬(c ≡ 0); - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S3_out: - ensures aorai_CurStates ≢ S3; - - behavior buch_state_S4_out: - ensures aorai_CurStates ≢ S4; - - behavior buch_state_S5_out: - ensures aorai_CurStates ≢ S5; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_Si_out: - ensures aorai_CurStates ≢ Si; - */ -void real_main_pre_func(int c) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_real_main; - aorai_CurStates_tmp = aorai_CurStates; - if (0 == aorai_CurStates) - if (c == 0) aorai_CurStates_tmp = S2; - if (0 == aorai_CurStates) - if (c != 0) aorai_CurStates_tmp = S1; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires aorai_CurStates ≡ S2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_real_main; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S0_out: - ensures aorai_CurStates ≢ S0; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S3_out: - ensures aorai_CurStates ≢ S3; - - behavior buch_state_S4_out: - ensures aorai_CurStates ≢ S4; - - behavior buch_state_S5_out: - ensures aorai_CurStates ≢ S5; - - behavior buch_state_Sf_in: - assumes aorai_CurStates ≡ S2; - ensures aorai_CurStates ≡ Sf; - - behavior buch_state_Sf_out: - assumes aorai_CurStates ≢ S2; - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_Si_out: - ensures aorai_CurStates ≢ Si; - */ -void real_main_post_func(int res) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_real_main; - aorai_CurStates_tmp = aorai_CurStates; - if (2 == aorai_CurStates) aorai_CurStates_tmp = Sf; - 
aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires aorai_CurStates ≡ S0; - requires aorai_CurStates ≡ S0 ⇒ c ≢ 0 ∨ c ≡ 0; - - behavior Buchi_property_behavior: - ensures aorai_CurStates ≡ Sf; - */ -int real_main(int c) -{ - int __retres; - real_main_pre_func(c); - if (c) f(4); - __retres = 0; - real_main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 206) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 207) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_deterministic_0.i, line 211) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_deterministic_0.i, line 214) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_deterministic_0.i, line 217) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_in' (file /tmp/aorai_deterministic_0.i, line 221) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_deterministic_0.i, line 225) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_deterministic_0.i, line 228) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_deterministic_0.i, line 231) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_deterministic_0.i, line 234) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_Si_out' (file /tmp/aorai_deterministic_0.i, line 237) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_deterministic_0.i, line 208) + by Wp.typed. +[ - ] Behavior 'buch_state_S0_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S1_out' + tried with Frama-C kernel. 
+[ - ] Behavior 'buch_state_S2_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_S3_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S4_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S5_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_Sf_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_Si_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_S0_in: - assumes aorai_CurStates ≡ Si; - ensures aorai_CurStates ≡ S0; - - behavior buch_state_S0_out: - assumes aorai_CurStates ≢ Si; - ensures aorai_CurStates ≢ S0; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S3_out: - ensures aorai_CurStates ≢ S3; - - behavior buch_state_S4_out: - ensures aorai_CurStates ≢ S4; - - behavior buch_state_S5_out: - ensures aorai_CurStates ≢ S5; - - behavior buch_state_Sf_out: - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_Si_out: - ensures aorai_CurStates ≢ Si; - */ -void main_pre_func(int c) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - aorai_CurStates_tmp = aorai_CurStates; - if (7 == aorai_CurStates) aorai_CurStates_tmp = S0; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires aorai_CurStates ≡ Sf; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior 
buch_state_S0_out: - ensures aorai_CurStates ≢ S0; - - behavior buch_state_S1_out: - ensures aorai_CurStates ≢ S1; - - behavior buch_state_S2_out: - ensures aorai_CurStates ≢ S2; - - behavior buch_state_S3_out: - ensures aorai_CurStates ≢ S3; - - behavior buch_state_S4_out: - ensures aorai_CurStates ≢ S4; - - behavior buch_state_S5_out: - ensures aorai_CurStates ≢ S5; - - behavior buch_state_Sf_in: - assumes aorai_CurStates ≡ Sf; - ensures aorai_CurStates ≡ Sf; - - behavior buch_state_Sf_out: - assumes aorai_CurStates ≢ Sf; - ensures aorai_CurStates ≢ Sf; - - behavior buch_state_Si_out: - ensures aorai_CurStates ≢ Si; - */ -void main_post_func(int res) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - aorai_CurStates_tmp = aorai_CurStates; - if (6 == aorai_CurStates) aorai_CurStates_tmp = Sf; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 255) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 256) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_deterministic_0.i, line 260) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_deterministic_0.i, line 263) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_deterministic_0.i, line 267) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_deterministic_0.i, line 271) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_deterministic_0.i, line 274) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_deterministic_0.i, line 277) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_deterministic_0.i, line 280) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_deterministic_0.i, line 283) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_Si_out' (file /tmp/aorai_deterministic_0.i, line 286) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_deterministic_0.i, line 257) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Si_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires aorai_CurStates ≡ Si; - - behavior Buchi_property_behavior: - ensures aorai_CurStates ≡ Sf; - */ -int main(int c) -{ - int tmp; - main_pre_func(c); - tmp = real_main(c); - main_post_func(tmp); - return tmp; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'real_main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 322) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 323) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_deterministic_0.i, line 327) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_deterministic_0.i, line 331) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_deterministic_0.i, line 335) + tried with Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_deterministic_0.i, line 339) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_deterministic_0.i, line 343) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_deterministic_0.i, line 346) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_deterministic_0.i, line 349) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_deterministic_0.i, line 352) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_deterministic_0.i, line 355) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_Si_out' (file /tmp/aorai_deterministic_0.i, line 358) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_deterministic_0.i, line 324) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_S1_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_S2_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S3_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S4_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S5_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_Sf_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_Si_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'real_main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 376) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 377) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_deterministic_0.i, line 381) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_deterministic_0.i, line 384) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_deterministic_0.i, line 387) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_deterministic_0.i, line 390) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_deterministic_0.i, line 393) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_deterministic_0.i, line 396) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_deterministic_0.i, line 400) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_deterministic_0.i, line 404) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Si_out' (file /tmp/aorai_deterministic_0.i, line 407) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_deterministic_0.i, line 378) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Si_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'real_main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 439) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 440) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_in' (file /tmp/aorai_deterministic_0.i, line 445) + by Wp.typed. +[ - ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_deterministic_0.i, line 449) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_deterministic_0.i, line 452) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_deterministic_0.i, line 455) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_deterministic_0.i, line 458) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_deterministic_0.i, line 461) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_deterministic_0.i, line 464) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_deterministic_0.i, line 467) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_Si_out' (file /tmp/aorai_deterministic_0.i, line 470) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_deterministic_0.i, line 441) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_S0_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S1_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S2_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S3_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S4_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_S5_out' + tried with Frama-C kernel. 
+[ - ] Behavior 'buch_state_Sf_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_Si_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 487) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_deterministic_0.i, line 488) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_deterministic_0.i, line 492) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_deterministic_0.i, line 495) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_deterministic_0.i, line 498) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_deterministic_0.i, line 501) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_deterministic_0.i, line 504) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_deterministic_0.i, line 507) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_deterministic_0.i, line 511) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_deterministic_0.i, line 515) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Si_out' (file /tmp/aorai_deterministic_0.i, line 518) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_deterministic_0.i, line 489) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Si_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 126 Completely validated + 60 To be validated + 186 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/formals.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/formals.res.oracle index fbf2d361e5a6b10b8bc6709fa7e04a969f591a82..0edf09a3f373f8c7fe83d1f74312febee66891c5 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/formals.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/formals.res.oracle 
@@ -1,670 +1,347 @@ [kernel] Parsing tests/aorai/formals.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_formals0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part7 : Valid -[wp] [Alt-Ergo] Goal typed_f_post_func_buch_state_OK_out_post : Valid -[wp] [Alt-Ergo] Goal typed_f_post_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Alt-Ergo] Goal typed_f_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Alt-Ergo] Goal typed_f_post_func_buch_state_main_0_out_post : Valid -[wp] [Alt-Ergo] Goal typed_f_post_func_buch_state_init_out_post : Valid -[wp] [Alt-Ergo] Goal typed_f_post_func_buch_state_aorai_reject_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_in_0_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_out_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_2_in_0_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_2_out_post_2 : Valid -[wp] [Qed] Goal 
typed_g_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_g_post_func_post_2 : Valid -[wp] [Qed] Goal typed_g_post_func_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_OK_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part7 : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_reject_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_init_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_g_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_OK_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_OK_in_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_1_in_0_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_1_out_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_reject_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_reject_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] 
[Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_OK_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_1_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_0_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_OK_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_reject_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_reject_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_2_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_main_0_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -/* Generated by Frama-C */ -enum aorai_States { - aorai_reject_state = -2, - OK = 0, - aorai_intermediate_state = 1, - aorai_intermediate_state_0 = 2, - aorai_intermediate_state_1 = 3, - aorai_intermediate_state_2 = 4, - aorai_reject = 5, - init = 6, - main_0 = 7 -}; -enum aorai_ListOper { - op_f = 2, - op_g = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ lemma init_deterministic_trans{L}: \true; - */ -/*@ lemma aorai_reject_deterministic_trans{L}: \true; - */ -/*@ lemma OK_deterministic_trans{L}: \true; - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ -lemma main_0_deterministic_trans{L}: - ∀ int x; - ¬(x ≡ 3 ∧ \at(aorai_CurOperation,L) ≡ op_f ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called ∧ x ≡ 1 ∧ - \at(aorai_CurOperation,L) ≡ op_f ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called); - */ -/*@ -lemma aorai_intermediate_state_0_deterministic_trans{L}: - ¬(\at(aorai_CurOperation,L) ≡ op_g ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called ∧ - ¬(\at(aorai_CurOperation,L) ≡ op_g ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Called)); - */ -/*@ ghost int aorai_CurStates = init; */ -/*@ ghost int aorai_x_0 = 0; */ -/*@ -lemma aorai_intermediate_state_2_deterministic_trans{L}: - ¬(\at(aorai_x_0,L) ≡ 3 ∧ \at(aorai_CurOperation,L) ≡ op_f ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Terminated ∧ - (¬(\at(aorai_CurOperation,L) ≡ op_f ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Terminated) ∨ - \at(aorai_x_0,L) ≢ 3)); - */ -/*@ ghost int aorai_y = 0; */ -/*@ -lemma aorai_intermediate_state_1_deterministic_trans{L}: - ¬(\at(aorai_y,L) ≡ 2 ∧ \at(aorai_CurOperation,L) ≡ op_g ∧ - 
\at(aorai_CurOpStatus,L) ≡ aorai_Terminated ∧ - (¬(\at(aorai_CurOperation,L) ≡ op_g ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Terminated) ∨ - \at(aorai_y,L) ≢ 2)); - */ -/*@ ghost int aorai_x = 0; */ -/*@ -lemma aorai_intermediate_state_deterministic_trans{L}: - ¬(\at(aorai_x,L) ≡ 1 ∧ \at(aorai_CurOperation,L) ≡ op_f ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Terminated ∧ - (¬(\at(aorai_CurOperation,L) ≡ op_f ∧ - \at(aorai_CurOpStatus,L) ≡ aorai_Terminated) ∨ - \at(aorai_x,L) ≢ 1)); - */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_x_0, aorai_x, aorai_CurOpStatus, aorai_CurOperation, - aorai_CurStates; - - behavior buch_state_OK_out: - ensures aorai_CurStates ≢ OK; - - behavior buch_state_aorai_intermediate_state_in_0: - assumes aorai_CurStates ≡ main_0 ∧ x ≡ 1; - ensures aorai_CurStates ≡ aorai_intermediate_state; - ensures aorai_x ≡ \old(x); - - behavior buch_state_aorai_intermediate_state_out: - assumes aorai_CurStates ≢ main_0 ∨ ¬(x ≡ 1); - ensures aorai_CurStates ≢ aorai_intermediate_state; - ensures aorai_x ≡ \old(aorai_x); - - behavior buch_state_aorai_intermediate_state_0_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_in_0: - assumes aorai_CurStates ≡ main_0 ∧ x ≡ 3; - ensures aorai_CurStates ≡ aorai_intermediate_state_2; - ensures aorai_x_0 ≡ \old(x); - - behavior buch_state_aorai_intermediate_state_2_out: - assumes aorai_CurStates ≢ main_0 ∨ ¬(x ≡ 3); - ensures aorai_CurStates ≢ aorai_intermediate_state_2; - ensures aorai_x_0 ≡ \old(aorai_x_0); - - behavior buch_state_aorai_reject_out: - ensures aorai_CurStates ≢ aorai_reject; - - behavior buch_state_init_out: - ensures aorai_CurStates ≢ init; - - behavior buch_state_main_0_out: - ensures aorai_CurStates ≢ main_0; - */ -void f_pre_func(int x) -{ - /*@ ghost int aorai_CurStates_tmp; */ - 
aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - aorai_CurStates_tmp = aorai_CurStates; - if (7 == aorai_CurStates) - if (x == 3) { - aorai_CurStates_tmp = aorai_intermediate_state_2; - aorai_x_0 = x; - } - if (7 == aorai_CurStates) - if (x == 1) { - aorai_CurStates_tmp = aorai_intermediate_state; - aorai_x = x; - } - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[kernel] Parsing /tmp/aorai_formals_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - aorai_CurStates ≡ aorai_intermediate_state ∨ - aorai_CurStates ≡ aorai_intermediate_state_2; - requires - aorai_CurStates ≡ aorai_intermediate_state ⇒ - aorai_x ≡ 1 ∨ aorai_x ≢ 1; - requires - aorai_CurStates ≡ aorai_intermediate_state_2 ⇒ - aorai_x_0 ≡ 3 ∨ aorai_x_0 ≢ 3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_OK_in: - assumes - aorai_CurStates ≡ aorai_intermediate_state_2 ∧ aorai_x_0 ≡ 3; - ensures aorai_CurStates ≡ OK; - - behavior buch_state_OK_out: - assumes - aorai_CurStates ≢ aorai_intermediate_state_2 ∨ - ¬(aorai_x_0 ≡ 3); - ensures aorai_CurStates ≢ OK; - - behavior buch_state_aorai_intermediate_state_out: - ensures aorai_CurStates ≢ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_in: - assumes aorai_CurStates ≡ aorai_intermediate_state ∧ aorai_x ≡ 1; - ensures aorai_CurStates ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_0_out: - assumes - aorai_CurStates ≢ aorai_intermediate_state ∨ ¬(aorai_x ≡ 1); - ensures aorai_CurStates ≢ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_in: - assumes - 
(aorai_CurStates ≡ aorai_intermediate_state_2 ∧ aorai_x_0 ≢ 3) ∨ - (aorai_CurStates ≡ aorai_intermediate_state ∧ aorai_x ≢ 1); - ensures aorai_CurStates ≡ aorai_reject; - - behavior buch_state_aorai_reject_out: - assumes - (aorai_CurStates ≢ aorai_intermediate_state_2 ∨ - ¬(aorai_x_0 ≢ 3)) ∧ - (aorai_CurStates ≢ aorai_intermediate_state ∨ ¬(aorai_x ≢ 1)); - ensures aorai_CurStates ≢ aorai_reject; - - behavior buch_state_init_out: - ensures aorai_CurStates ≢ init; - - behavior buch_state_main_0_out: - ensures aorai_CurStates ≢ main_0; - */ -void f_post_func(int res) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - aorai_CurStates_tmp = aorai_CurStates; - if (4 == aorai_CurStates) { - if (aorai_x_0 != 3) aorai_CurStates_tmp = aorai_reject; else goto _LAND; - } - else { - _LAND: ; - if (1 == aorai_CurStates) - if (aorai_x != 1) aorai_CurStates_tmp = aorai_reject; - } - if (1 == aorai_CurStates) - if (aorai_x == 1) aorai_CurStates_tmp = aorai_intermediate_state_0; - if (4 == aorai_CurStates) - if (aorai_x_0 == 3) aorai_CurStates_tmp = OK; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires aorai_CurStates ≡ main_0; - requires aorai_CurStates ≡ main_0 ⇒ x ≡ 1 ∨ x ≡ 3; - ensures - aorai_CurStates ≡ aorai_intermediate_state_0 ∨ - aorai_CurStates ≡ OK; - ensures - \old(aorai_CurStates ≡ main_0) ⇒ - aorai_CurStates ≢ OK ∧ aorai_CurStates ≢ aorai_reject ⇒ - aorai_x_0 ≡ \old(aorai_x_0); - ensures - \old(aorai_CurStates ≡ main_0) ⇒ - aorai_CurStates ≢ aorai_intermediate_state_0 ∧ - aorai_CurStates ≢ aorai_reject ⇒ aorai_x ≡ \old(aorai_x); - - behavior Buchi_behavior_in_1: - assumes aorai_CurStates ≡ main_0 ∧ x ≡ 3; - ensures - (aorai_CurStates ≡ OK ⇒ aorai_x_0 ≡ 3) ∧ - (aorai_CurStates ≡ 
aorai_intermediate_state_0 ⇒ aorai_x ≡ 1) ∧ - (aorai_CurStates ≡ aorai_reject ⇒ - aorai_x ≢ 1 ∨ aorai_x_0 ≢ 3); - ensures aorai_CurStates ≡ OK ∨ aorai_CurStates ≡ aorai_reject; - ensures - \at(aorai_CurStates ≡ main_0,Pre) ∧ - aorai_CurStates ≡ aorai_reject ⇒ - aorai_x_0 ≡ \at(x,Pre)+0 ∨ aorai_x_0 ≡ \at(aorai_x_0,Pre)+0; - ensures - \at(aorai_CurStates ≡ main_0,Pre) ∧ - aorai_CurStates ≡ aorai_reject ⇒ - aorai_x ≡ \at(x,Pre)+0 ∨ aorai_x ≡ \at(aorai_x,Pre)+0; - ensures - \at(aorai_CurStates ≡ main_0,Pre) ∧ aorai_CurStates ≡ OK ⇒ - aorai_x_0 ≡ \at(x,Pre)+0; - - behavior Buchi_behavior_in_0: - assumes aorai_CurStates ≡ main_0 ∧ x ≡ 1; - ensures - (aorai_CurStates ≡ OK ⇒ aorai_x_0 ≡ 3) ∧ - (aorai_CurStates ≡ aorai_intermediate_state_0 ⇒ aorai_x ≡ 1) ∧ - (aorai_CurStates ≡ aorai_reject ⇒ - aorai_x ≢ 1 ∨ aorai_x_0 ≢ 3); - ensures - aorai_CurStates ≡ aorai_intermediate_state_0 ∨ - aorai_CurStates ≡ aorai_reject; - ensures - \at(aorai_CurStates ≡ main_0,Pre) ∧ - aorai_CurStates ≡ aorai_reject ⇒ - aorai_x_0 ≡ \at(x,Pre)+0 ∨ aorai_x_0 ≡ \at(aorai_x_0,Pre)+0; - ensures - \at(aorai_CurStates ≡ main_0,Pre) ∧ - aorai_CurStates ≡ aorai_reject ⇒ - aorai_x ≡ \at(x,Pre)+0 ∨ aorai_x ≡ \at(aorai_x,Pre)+0; - ensures - \at(aorai_CurStates ≡ main_0,Pre) ∧ - aorai_CurStates ≡ aorai_intermediate_state_0 ⇒ - aorai_x ≡ \at(x,Pre)+0; - */ -int f(int x) -{ - f_pre_func(x); - f_post_func(x); - return x; -} +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 93) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 94) + by Wp.typed. +[ - ] Post-condition for 'buch_state_OK_out' (file /tmp/aorai_formals_0.i, line 99) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_in_0' (file /tmp/aorai_formals_0.i, line 103) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_in_0' (file /tmp/aorai_formals_0.i, line 104) + by Wp.typed. 
+[ - ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_formals_0.i, line 108) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_formals_0.i, line 109) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_formals_0.i, line 112) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_formals_0.i, line 115) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_in_0' (file /tmp/aorai_formals_0.i, line 119) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_in_0' (file /tmp/aorai_formals_0.i, line 120) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_formals_0.i, line 124) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_formals_0.i, line 125) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_formals_0.i, line 128) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_formals_0.i, line 131) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_formals_0.i, line 134) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_formals_0.i, line 95) + by Wp.typed. +[ - ] Behavior 'buch_state_OK_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_0_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_1_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_in_0' + by Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_2_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_in_0' + by Frama-C kernel. 
+[ - ] Behavior 'buch_state_aorai_intermediate_state_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_reject_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_init_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_main_0_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_y, aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_OK_in: - assumes aorai_CurStates ≡ OK; - ensures aorai_CurStates ≡ OK; - - behavior buch_state_OK_out: - assumes aorai_CurStates ≢ OK; - ensures aorai_CurStates ≢ OK; - - behavior buch_state_aorai_intermediate_state_out: - ensures aorai_CurStates ≢ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_in_0: - assumes aorai_CurStates ≡ aorai_intermediate_state_0; - ensures aorai_CurStates ≡ aorai_intermediate_state_1; - ensures aorai_y ≡ \old(y); - - behavior buch_state_aorai_intermediate_state_1_out: - assumes aorai_CurStates ≢ aorai_intermediate_state_0; - ensures aorai_CurStates ≢ aorai_intermediate_state_1; - ensures aorai_y ≡ \old(aorai_y); - - behavior buch_state_aorai_intermediate_state_2_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_in: - assumes aorai_CurStates ≡ aorai_reject; - ensures aorai_CurStates ≡ aorai_reject; - - behavior buch_state_aorai_reject_out: - assumes aorai_CurStates ≢ aorai_reject; - ensures aorai_CurStates ≢ aorai_reject; - - behavior buch_state_init_out: - ensures aorai_CurStates ≢ init; - - behavior buch_state_main_0_out: - ensures aorai_CurStates ≢ main_0; - */ -void g_pre_func(int y) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_g; - aorai_CurStates_tmp = aorai_CurStates; 
- if (5 == aorai_CurStates) aorai_CurStates_tmp = aorai_reject; - if (2 == aorai_CurStates) { - aorai_CurStates_tmp = aorai_intermediate_state_1; - aorai_y = y; - } - if (0 == aorai_CurStates) aorai_CurStates_tmp = OK; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires - aorai_CurStates ≡ OK ∨ - aorai_CurStates ≡ aorai_intermediate_state_1; - requires - aorai_CurStates ≡ aorai_intermediate_state_1 ⇒ - aorai_y ≡ 2 ∨ aorai_y ≢ 2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_OK_in: - assumes - (aorai_CurStates ≡ aorai_intermediate_state_1 ∧ aorai_y ≡ 2) ∨ - aorai_CurStates ≡ OK; - ensures aorai_CurStates ≡ OK; - - behavior buch_state_OK_out: - assumes - (aorai_CurStates ≢ aorai_intermediate_state_1 ∨ ¬(aorai_y ≡ 2)) ∧ - aorai_CurStates ≢ OK; - ensures aorai_CurStates ≢ OK; - - behavior buch_state_aorai_intermediate_state_out: - ensures aorai_CurStates ≢ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_in: - assumes - aorai_CurStates ≡ aorai_reject ∨ - (aorai_CurStates ≡ aorai_intermediate_state_1 ∧ aorai_y ≢ 2); - ensures aorai_CurStates ≡ aorai_reject; - - behavior buch_state_aorai_reject_out: - assumes - aorai_CurStates ≢ aorai_reject ∧ - (aorai_CurStates ≢ aorai_intermediate_state_1 ∨ ¬(aorai_y ≢ 2)); - ensures aorai_CurStates ≢ aorai_reject; - - behavior buch_state_init_out: 
- ensures aorai_CurStates ≢ init; - - behavior buch_state_main_0_out: - ensures aorai_CurStates ≢ main_0; - */ -void g_post_func(int res) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_g; - aorai_CurStates_tmp = aorai_CurStates; - if (5 == aorai_CurStates) aorai_CurStates_tmp = aorai_reject; - else - if (3 == aorai_CurStates) - if (aorai_y != 2) aorai_CurStates_tmp = aorai_reject; - if (3 == aorai_CurStates) { - if (aorai_y == 2) aorai_CurStates_tmp = OK; else goto _LAND; - } - else { - _LAND: ; - if (0 == aorai_CurStates) aorai_CurStates_tmp = OK; - } - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 166) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 167) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_OK_in' (file /tmp/aorai_formals_0.i, line 173) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_OK_out' (file /tmp/aorai_formals_0.i, line 179) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_formals_0.i, line 182) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_in' (file /tmp/aorai_formals_0.i, line 187) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_formals_0.i, line 192) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_formals_0.i, line 195) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_formals_0.i, line 198) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_in' (file /tmp/aorai_formals_0.i, line 204) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_formals_0.i, line 211) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_formals_0.i, line 214) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_formals_0.i, line 217) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_formals_0.i, line 168) + by Wp.typed. +[ Valid ] Behavior 'buch_state_OK_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_OK_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - aorai_CurStates ≡ OK ∨ - aorai_CurStates ≡ aorai_intermediate_state_0; - requires - aorai_CurStates ≡ aorai_reject ∨ aorai_CurStates ≢ aorai_reject; - requires - aorai_CurStates ≡ aorai_intermediate_state_0 ∨ - aorai_CurStates ≢ aorai_intermediate_state_0; - requires aorai_CurStates ≡ OK ∨ aorai_CurStates ≢ OK; - ensures aorai_CurStates ≡ OK; - - behavior Buchi_behavior_in_2: - assumes aorai_CurStates ≡ aorai_reject; - ensures aorai_CurStates ≡ aorai_reject; - - behavior Buchi_behavior_in_1: - assumes aorai_CurStates ≡ aorai_intermediate_state_0; - ensures aorai_CurStates ≡ OK ∨ aorai_CurStates ≡ aorai_reject; - ensures - \at(aorai_CurStates ≡ aorai_intermediate_state_0,Pre) ∧ - aorai_CurStates ≡ aorai_reject ⇒ aorai_y ≡ \at(y,Pre)+0; - ensures - \at(aorai_CurStates ≡ aorai_intermediate_state_0,Pre) ∧ - aorai_CurStates ≡ OK ⇒ aorai_y ≡ \at(y,Pre)+0; - - behavior Buchi_behavior_in_0: - assumes aorai_CurStates ≡ OK; - ensures aorai_CurStates ≡ OK; - */ -int g(int y) -{ - g_pre_func(y); - g_post_func(y); - return y; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g_pre_func' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_OK_out: - ensures aorai_CurStates ≢ OK; - - behavior buch_state_aorai_intermediate_state_out: - ensures aorai_CurStates ≢ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_out: - ensures aorai_CurStates ≢ aorai_reject; - 
- behavior buch_state_init_out: - ensures aorai_CurStates ≢ init; - - behavior buch_state_main_0_in: - assumes aorai_CurStates ≡ init; - ensures aorai_CurStates ≡ main_0; - - behavior buch_state_main_0_out: - assumes aorai_CurStates ≢ init; - ensures aorai_CurStates ≢ main_0; - */ -void main_pre_func(void) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - aorai_CurStates_tmp = aorai_CurStates; - if (6 == aorai_CurStates) aorai_CurStates_tmp = main_0; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 301) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 302) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_OK_in' (file /tmp/aorai_formals_0.i, line 307) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_OK_out' (file /tmp/aorai_formals_0.i, line 311) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_formals_0.i, line 314) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_formals_0.i, line 317) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_0' (file /tmp/aorai_formals_0.i, line 321) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_0' (file /tmp/aorai_formals_0.i, line 322) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_formals_0.i, line 326) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_formals_0.i, line 327) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_formals_0.i, line 330) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_in' (file /tmp/aorai_formals_0.i, line 334) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_formals_0.i, line 338) + by Wp.typed. +[ - ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_formals_0.i, line 341) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_formals_0.i, line 344) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_formals_0.i, line 303) + by Wp.typed. +[ Valid ] Behavior 'buch_state_OK_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_OK_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_in_0' + by Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_1_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_2_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_out' + by Frama-C kernel. +[ - ] Behavior 'buch_state_init_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_main_0_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires aorai_CurStates ≡ OK; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, aorai_CurStates; - - behavior buch_state_OK_in: - assumes aorai_CurStates ≡ OK; - ensures aorai_CurStates ≡ OK; - - behavior buch_state_OK_out: - assumes aorai_CurStates ≢ OK; - ensures aorai_CurStates ≢ OK; - - behavior buch_state_aorai_intermediate_state_out: - ensures aorai_CurStates ≢ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures aorai_CurStates ≢ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_in: - assumes aorai_CurStates ≡ aorai_reject; - ensures aorai_CurStates ≡ aorai_reject; - - behavior buch_state_aorai_reject_out: - assumes aorai_CurStates ≢ aorai_reject; - ensures aorai_CurStates ≢ aorai_reject; - - behavior buch_state_init_out: - ensures aorai_CurStates ≢ init; - - behavior buch_state_main_0_out: - ensures aorai_CurStates ≢ main_0; - */ -void main_post_func(int res) -{ - /*@ ghost int aorai_CurStates_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - aorai_CurStates_tmp = aorai_CurStates; - if (5 == aorai_CurStates) aorai_CurStates_tmp = aorai_reject; - if (0 == aorai_CurStates) aorai_CurStates_tmp = OK; - aorai_CurStates_tmp = aorai_CurStates; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g_post_func' +-------------------------------------------------------------------------------- -/*@ requires aorai_CurStates ≡ init; - ensures aorai_CurStates ≡ OK; - - behavior Buchi_property_behavior: - ensures aorai_CurStates ≡ OK ∨ aorai_CurStates ≡ aorai_reject; - ensures - \at(aorai_CurStates ≡ 
init,Pre) ∧ - aorai_CurStates ≡ aorai_reject ⇒ - aorai_x_0 ≡ \at(1,Pre)+0 ∨ aorai_x_0 ≡ \at(aorai_x_0,Pre)+0; - ensures - \at(aorai_CurStates ≡ init,Pre) ∧ - aorai_CurStates ≡ aorai_reject ⇒ - aorai_y ≡ \at(2,Pre)+0 ∨ aorai_y ≡ \at(aorai_y,Pre)+0; - ensures - \at(aorai_CurStates ≡ init,Pre) ∧ - aorai_CurStates ≡ aorai_reject ⇒ - aorai_x ≡ \at(1,Pre)+0 ∨ aorai_x ≡ \at(aorai_x,Pre)+0; - ensures - \at(aorai_CurStates ≡ init,Pre) ∧ aorai_CurStates ≡ OK ⇒ - aorai_x_0 ≡ \at(1,Pre)+0 ∨ aorai_x_0 ≡ \at(aorai_x_0,Pre)+0; - ensures - \at(aorai_CurStates ≡ init,Pre) ∧ aorai_CurStates ≡ OK ⇒ - aorai_y ≡ \at(2,Pre)+0 ∨ aorai_y ≡ \at(aorai_y,Pre)+0; - ensures - \at(aorai_CurStates ≡ init,Pre) ∧ aorai_CurStates ≡ OK ⇒ - aorai_x ≡ \at(1,Pre)+0 ∨ aorai_x ≡ \at(aorai_x,Pre)+0; - */ -int main(void) -{ - int __retres; - main_pre_func(); - f(1); - g(2); - __retres = 0; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 371) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 372) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_OK_in' (file /tmp/aorai_formals_0.i, line 379) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_OK_out' (file /tmp/aorai_formals_0.i, line 386) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_formals_0.i, line 389) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_formals_0.i, line 392) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_formals_0.i, line 395) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_formals_0.i, line 398) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_in' (file /tmp/aorai_formals_0.i, line 404) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_formals_0.i, line 411) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_formals_0.i, line 414) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_formals_0.i, line 417) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_formals_0.i, line 373) + by Wp.typed. +[ Valid ] Behavior 'buch_state_OK_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_OK_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 474) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 475) + by Wp.typed. +[ - ] Post-condition for 'buch_state_OK_out' (file /tmp/aorai_formals_0.i, line 479) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_formals_0.i, line 482) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_formals_0.i, line 485) + tried with Wp.typed. 
+[ - ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_formals_0.i, line 488) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_formals_0.i, line 491) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_formals_0.i, line 494) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_formals_0.i, line 497) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_in' (file /tmp/aorai_formals_0.i, line 501) + by Wp.typed. +[ - ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_formals_0.i, line 505) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_formals_0.i, line 476) + by Wp.typed. +[ - ] Behavior 'buch_state_OK_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_0_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_1_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_2_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_out' + tried with Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_reject_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_main_0_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 522) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_formals_0.i, line 523) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_OK_in' (file /tmp/aorai_formals_0.i, line 528) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_OK_out' (file /tmp/aorai_formals_0.i, line 532) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_formals_0.i, line 535) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_formals_0.i, line 538) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_formals_0.i, line 541) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_formals_0.i, line 544) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_in' (file /tmp/aorai_formals_0.i, line 548) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_formals_0.i, line 552) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_formals_0.i, line 555) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_formals_0.i, line 558) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_formals_0.i, line 524) + by Wp.typed. +[ Valid ] Behavior 'buch_state_OK_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_OK_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. 
+[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 112 Completely validated + 40 To be validated + 152 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/generate_assigns_bts1290.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/generate_assigns_bts1290.res.oracle index 74dfe092ace0323030b97467e8acbf682d42de8b..1612655aa9e12b100021f8d1fb629a5eaf885214 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/generate_assigns_bts1290.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/generate_assigns_bts1290.res.oracle 
@@ -1,108 +1,61 @@ [kernel] Parsing tests/aorai/generate_assigns_bts1290.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_generate_assigns_bts12900.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S; - - behavior buch_state_S_in: - assumes 1 ≡ S; - ensures 1 ≡ S; - - behavior buch_state_S_out: - assumes 0 ≡ S; - ensures 0 ≡ S; - */ -void main_pre_func(void) -{ - /*@ ghost int S_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S_tmp = S; - if (S == 1) S_tmp = 1; else S_tmp = 0; - S = S_tmp; - return; -} +[kernel] Parsing /tmp/aorai_generate_assigns_bts1290_0.i (no 
preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires 1 ≡ S; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S; - - behavior buch_state_S_in: - assumes 1 ≡ S; - ensures 1 ≡ S; - - behavior buch_state_S_out: - assumes 0 ≡ S; - ensures 0 ≡ S; - */ -void main_post_func(void) -{ - /*@ ghost int S_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S_tmp = S; - if (S == 1) S_tmp = 1; else S_tmp = 0; - S = S_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S; - - behavior Buchi_property_behavior: - ensures \true; - ensures 1 ≡ S; - */ -void main(void) -{ - int aorai_Loop_Init_11; - int i; - main_pre_func(); - i = 0; - /*@ ghost aorai_Loop_Init_11 = 1; */ - aorai_loop_11: - /*@ loop invariant Aorai: 1 ≡ S; - loop assigns i, aorai_Loop_Init_11, aorai_CurOpStatus, - aorai_CurOperation, S; - loop assigns aorai_Loop_Init_11 \from \nothing; - */ - while (1) { - if (! (i < 10)) goto while_0_break; - /*@ ghost aorai_Loop_Init_11 = 0; */ - i ++; - } - while_0_break: ; - main_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_generate_assigns_bts1290_0.i, line 29) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_generate_assigns_bts1290_0.i, line 30) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in' (file /tmp/aorai_generate_assigns_bts1290_0.i, line 35) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_generate_assigns_bts1290_0.i, line 39) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_generate_assigns_bts1290_0.i, line 31) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_generate_assigns_bts1290_0.i, line 56) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_generate_assigns_bts1290_0.i, line 57) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_in' (file /tmp/aorai_generate_assigns_bts1290_0.i, line 62) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S_out' (file /tmp/aorai_generate_assigns_bts1290_0.i, line 66) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_generate_assigns_bts1290_0.i, line 58) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 17 Completely validated + 17 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/goto.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/goto.res.oracle index f29a5c02b36d7de375ae4ce96a1cc627fb3133df..f77b85543d2d2379ac66ede90ec43ce1754e45bd 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/goto.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/goto.res.oracle 
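Review bot: The new expected output no longer pins the instrumentation Aorai generates for `main`: its report section at the end of this hunk lists only `Default behavior`, while the removed side recorded the generated `Buchi_property_behavior` post-conditions and the `loop invariant Aorai: 1 ≡ S`. A regression in those generated annotations would therefore leave this oracle unchanged, and the `17 Completely validated` summary would still look clean. If the non-prove oracle for this test still prints the instrumented code, that is presumably sufficient, but it is worth confirming. Otherwise keep a pretty-print of the generated file in prove mode, or have the report list the untried properties of `main` so that they appear as not validated rather than being absent.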
@@ -1,877 +1,396 @@ [kernel] Parsing tests/aorai/goto.c (with preprocessing) [aorai] Welcome to the Aorai plugin -tests/aorai/goto.c:28:[aorai] warning: Call to opc does not follow automaton's specification. This path is assumed to be dead -[kernel] Parsing /tmp/aorai_goto0.i (no preprocessing) -/tmp/aorai_goto0.i:4:[wp] warning: Global invariant not handled yet ('inv' ignored) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_all_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal 
typed_main_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_post_func_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part06 : 
Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S4_in_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_all_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_opa_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S3_in_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_post_func_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part04 : Valid -[wp] [Qed] Goal 
typed_opb_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S6_in_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part14 : Valid -[wp] [Qed] Goal 
typed_opb_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S5_in_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opc_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opc_post_func_post : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal 
typed_opc_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S5_out_post : Valid -[wp] Computing [200 goals...] -[wp] [Qed] Goal typed_opc_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opc_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opc_pre_func_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S6_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_main = 3, - op_opa = 2, - op_opb = 1, - op_opc = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int 
status = 0; -int rr = 1; -/*@ global invariant inv: 0 ≤ rr ≤ 5000; - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int accept_S2 = 0; */ -/*@ ghost int accept_S3 = 0; */ -/*@ ghost int accept_S4 = 0; */ -/*@ ghost int accept_S5 = 0; */ -/*@ ghost int accept_S6 = 0; */ -/*@ ghost int accept_all = 0; */ -/*@ ghost int accept_init = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_in: - assumes 1 ≡ accept_S2; - ensures 1 ≡ accept_S3; - - behavior buch_state_accept_S3_out: - assumes 0 ≡ accept_S2; - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opa_pre_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opa; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - if (accept_S2 == 1) accept_S3_tmp = 1; else accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; 
- accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +[aorai] tests/aorai/goto.c:28: Warning: + Call to opc does not follow automaton's specification. This path is assumed to be dead +[kernel] Parsing /tmp/aorai_goto_0.i (no preprocessing) +[wp] /tmp/aorai_goto_0.i:4: Warning: + Global invariant not handled yet ('inv' ignored) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - 1 ≡ accept_S3 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_in: - assumes 1 ≡ accept_S3; - ensures 1 ≡ accept_S4; - - behavior buch_state_accept_S4_out: - assumes 0 ≡ accept_S3; - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opa_post_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opa; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - 
accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - if (accept_S3 == 1) accept_S4_tmp = 1; else accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - requires rr < 5000; - - behavior j: - ensures rr < 5001; - - behavior Buchi_property_behavior: - ensures - 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S5 ∧ - 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ 0 ≡ accept_init; - ensures 1 ≡ accept_S4; - */ -void opa(void) -{ - opa_pre_func(); - rr ++; - opa_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 42) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 43) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_goto_0.i, line 48) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_in' (file /tmp/aorai_goto_0.i, line 52) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_goto_0.i, line 56) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_goto_0.i, line 59) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_goto_0.i, line 62) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_goto_0.i, line 65) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_goto_0.i, line 68) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_goto_0.i, line 71) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_goto_0.i, line 44) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_in: - assumes 1 ≡ accept_S4; - ensures 1 ≡ accept_S5; - - behavior buch_state_accept_S5_out: - assumes 0 ≡ accept_S4; - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opb_pre_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation 
= op_opb; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - if (accept_S4 == 1) accept_S5_tmp = 1; else accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S5 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_in: - assumes 1 ≡ accept_S5; - ensures 1 ≡ accept_S6; - - behavior buch_state_accept_S6_out: - assumes 0 ≡ accept_S5; - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opb_post_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; 
*/ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opb; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - if (accept_S5 == 1) accept_S6_tmp = 1; else accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 115) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 116) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_goto_0.i, line 121) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_goto_0.i, line 124) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_in' (file /tmp/aorai_goto_0.i, line 128) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_goto_0.i, line 132) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_goto_0.i, line 135) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_goto_0.i, line 138) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_goto_0.i, line 141) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_goto_0.i, line 144) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_goto_0.i, line 117) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ accept_S4 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - - behavior Buchi_property_behavior: - ensures - 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_all ∧ 0 ≡ accept_init; - ensures 1 ≡ accept_S6; - */ -void opb(void) -{ - opb_pre_func(); - status = 1; - opb_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opc; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opc_pre_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ 
- aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opc; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires \false; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opc; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opc_post_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opc; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - 
accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_pre_func' +-------------------------------------------------------------------------------- -/*@ requires \false; - - behavior Buchi_behavior_out_0: - ensures 0 ≡ accept_S2; - - behavior Buchi_behavior_out_1: - ensures 0 ≡ accept_S3; - - behavior Buchi_behavior_out_2: - ensures 0 ≡ accept_S4; - - behavior Buchi_behavior_out_3: - ensures 0 ≡ accept_S5; - - behavior Buchi_behavior_out_4: - ensures 0 ≡ accept_S6; - - behavior Buchi_behavior_out_5: - ensures 0 ≡ accept_all; - - behavior Buchi_behavior_out_6: - ensures 0 ≡ accept_init; - */ -void opc(void) -{ - opc_pre_func(); - rr = 60000; - opc_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 207) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 208) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_goto_0.i, line 213) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_goto_0.i, line 216) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_goto_0.i, line 219) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_in' (file /tmp/aorai_goto_0.i, line 223) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_goto_0.i, line 227) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_goto_0.i, line 230) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_goto_0.i, line 233) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_goto_0.i, line 236) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_goto_0.i, line 209) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_init; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_init; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void main_pre_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - 
accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - if (accept_init == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S6 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_in: - assumes 1 ≡ accept_S6; - ensures 1 ≡ accept_all; - - behavior buch_state_accept_all_out: - assumes 0 ≡ accept_S6; - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void main_post_func(int res) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - 
aorai_CurOperation = op_main; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - if (accept_S6 == 1) accept_all_tmp = 1; else accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 280) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 281) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_goto_0.i, line 286) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_goto_0.i, line 289) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_goto_0.i, line 292) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_goto_0.i, line 295) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_in' (file /tmp/aorai_goto_0.i, line 299) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_goto_0.i, line 303) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_goto_0.i, line 306) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_goto_0.i, line 309) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_goto_0.i, line 282) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ accept_init ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ - 0 ≡ accept_all; - - behavior aorai_acceptance: - ensures - 1 ≡ accept_S2 ∨ 1 ≡ accept_S3 ∨ 1 ≡ accept_S4 ∨ - 1 ≡ accept_S5 ∨ 1 ≡ accept_S6 ∨ 1 ≡ accept_all ∨ - 1 ≡ accept_init; - - behavior Buchi_property_behavior: - ensures - 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_init; - ensures 1 ≡ accept_all; - */ -int main(void) -{ - int __retres; - main_pre_func(); - if (rr < 5000) goto L; - opc(); - L4: goto L5; - L: opa(); - goto L2; - opc(); - L6: __retres = 1; - goto return_label; - L3: goto L4; - opc(); - goto L2; - L2: goto L3; - L5: opb(); - goto L6; - return_label: main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'opc_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 368) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 369) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_goto_0.i, line 374) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_goto_0.i, line 377) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_goto_0.i, line 380) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_goto_0.i, line 383) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_goto_0.i, line 386) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_goto_0.i, line 389) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_goto_0.i, line 392) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_goto_0.i, line 370) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opc_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 433) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 434) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_goto_0.i, line 439) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_goto_0.i, line 442) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_goto_0.i, line 445) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_goto_0.i, line 448) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_goto_0.i, line 451) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_goto_0.i, line 454) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_goto_0.i, line 457) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_goto_0.i, line 435) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opc' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 528) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 529) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_goto_0.i, line 535) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_goto_0.i, line 539) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_goto_0.i, line 542) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_goto_0.i, line 545) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_goto_0.i, line 548) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_goto_0.i, line 551) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_goto_0.i, line 554) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_goto_0.i, line 557) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_goto_0.i, line 530) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 601) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_goto_0.i, line 602) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_goto_0.i, line 607) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_goto_0.i, line 610) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_goto_0.i, line 613) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_goto_0.i, line 616) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_goto_0.i, line 619) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_in' (file /tmp/aorai_goto_0.i, line 623) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_goto_0.i, line 627) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_goto_0.i, line 630) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_goto_0.i, line 603) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 160 Completely validated + 160 Total +-------------------------------------------------------------------------------- 
diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/hoare_seq.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/hoare_seq.res.oracle
index d1a8dce2eb23b6ef73e833d6683b624dcab2484a..ce2b6a6fbdbe188d7486e3b114a550522f8d52f9 100644
--- a/src/plugins/aorai/tests/aorai/oracle_prove/hoare_seq.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle_prove/hoare_seq.res.oracle
@@ -1,551 +1,209 @@ [kernel] Parsing tests/aorai/hoare_seq.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_hoare_seq0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_reject_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_reject_in_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal 
typed_f_post_func_buch_state_aorai_intermediate_state_2_in_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_in_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_reject_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_reject_in_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal 
typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part18 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part21 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part20 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part19 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_0_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_reject_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_reject_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_2_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_1_out____ : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part17 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_0_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_reject_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_f = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ 
ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S0 = 1; */ -/*@ ghost int Sf = 0; */ -/*@ ghost int aorai_intermediate_state = 0; */ -/*@ ghost int aorai_intermediate_state_0 = 0; */ -/*@ ghost int aorai_intermediate_state_1 = 0; */ -/*@ ghost int aorai_intermediate_state_2 = 0; */ -/*@ ghost int aorai_reject = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_reject; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_in: - assumes 1 ≡ aorai_intermediate_state_0; - ensures 1 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_1_out: - assumes 0 ≡ aorai_intermediate_state_0; - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_in: - assumes 1 ≡ aorai_intermediate_state; - ensures 1 ≡ aorai_reject; - - behavior buch_state_aorai_reject_out: - assumes 0 ≡ aorai_intermediate_state; - ensures 0 ≡ aorai_reject; - */ -void f_pre_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_reject_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - 
aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_reject_tmp = aorai_reject; - if (aorai_intermediate_state == 1) aorai_reject_tmp = 1; - else aorai_reject_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - if (aorai_intermediate_state_0 == 1) aorai_intermediate_state_1_tmp = 1; - else aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_reject = aorai_reject_tmp; - return; -} +[kernel] Parsing /tmp/aorai_hoare_seq_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires - 1 ≡ aorai_intermediate_state_1 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_reject; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_in: - assumes 1 ≡ aorai_intermediate_state_1; - ensures 1 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_2_out: - assumes 0 ≡ aorai_intermediate_state_1; - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_in: - assumes 1 ≡ aorai_reject; - ensures 1 ≡ aorai_reject; - - behavior buch_state_aorai_reject_out: - assumes 0 ≡ aorai_reject; - ensures 0 ≡ aorai_reject; - */ -void f_post_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_reject_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_reject_tmp = 
aorai_reject; - if (aorai_reject == 1) aorai_reject_tmp = 1; else aorai_reject_tmp = 0; - if (aorai_intermediate_state_1 == 1) aorai_intermediate_state_2_tmp = 1; - else aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_reject = aorai_reject_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ aorai_intermediate_state_0 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_reject; - requires - 1 ≡ aorai_intermediate_state_0 ∨ 0 ≡ aorai_intermediate_state_0; - requires - 1 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state; - ensures 1 ≡ aorai_intermediate_state_2; - - behavior Buchi_behavior_in_0: - assumes 1 ≡ aorai_intermediate_state_0; - ensures 1 ≡ aorai_intermediate_state_2; - - behavior Buchi_behavior_in_1: - assumes 1 ≡ aorai_intermediate_state; - ensures 1 ≡ aorai_reject; - - behavior Buchi_behavior_out_0: - ensures 0 ≡ S0; - - behavior Buchi_behavior_out_1: - ensures 0 ≡ Sf; - - behavior Buchi_behavior_out_2: - ensures 0 ≡ aorai_intermediate_state; - - behavior Buchi_behavior_out_3: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior Buchi_behavior_out_4: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior Buchi_behavior_out_5: - assumes 0 ≡ aorai_intermediate_state_0; - ensures 0 ≡ aorai_intermediate_state_2; - - behavior Buchi_behavior_out_6: - assumes 0 ≡ aorai_intermediate_state; - ensures 0 ≡ 
aorai_reject; - */ -void f(void) -{ - f_pre_func(); - f_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_hoare_seq_0.i, line 36) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_hoare_seq_0.i, line 37) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_hoare_seq_0.i, line 44) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_hoare_seq_0.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_hoare_seq_0.i, line 50) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_hoare_seq_0.i, line 53) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_in' (file /tmp/aorai_hoare_seq_0.i, line 57) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_hoare_seq_0.i, line 61) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_hoare_seq_0.i, line 64) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_in' (file /tmp/aorai_hoare_seq_0.i, line 68) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_hoare_seq_0.i, line 72) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_hoare_seq_0.i, line 38) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_aorai_reject_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_reject; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_in: - assumes 1 ≡ S0 ∧ c > 0; - ensures 1 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_out: - assumes 0 ≡ S0 ∨ ¬(c > 0); - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_in: - assumes 1 ≡ S0 ∧ c ≤ 0; - ensures 1 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_0_out: - assumes 0 ≡ S0 ∨ ¬(c ≤ 0); - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_out: - ensures 0 ≡ aorai_reject; - */ -void main_pre_func(int c) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_reject_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - 
aorai_reject_tmp = aorai_reject; - aorai_reject_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - if (S0 == 1) - if (c <= 0) aorai_intermediate_state_0_tmp = 1; - else aorai_intermediate_state_0_tmp = 0; - else aorai_intermediate_state_0_tmp = 0; - if (S0 == 1) aorai_intermediate_state_tmp = 1; - else aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_reject = aorai_reject_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ aorai_intermediate_state ∨ 1 ≡ aorai_intermediate_state_0 ∨ - 1 ≡ aorai_intermediate_state_2) ∧ - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state_1; - requires 1 ≡ aorai_intermediate_state_2 ⇒ res ≡ 0 ∨ res ≢ 0; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_reject; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_in: - assumes - (1 ≡ aorai_intermediate_state_2 ∧ res ≡ 0) ∨ - 1 ≡ aorai_intermediate_state; - ensures 1 ≡ Sf; - - behavior buch_state_Sf_out: - assumes - (0 ≡ aorai_intermediate_state_2 ∨ ¬(res ≡ 0)) ∧ - 0 ≡ aorai_intermediate_state; - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior 
buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_reject_in: - assumes - 1 ≡ aorai_reject ∨ - (1 ≡ aorai_intermediate_state_2 ∧ res ≢ 0) ∨ - 1 ≡ aorai_intermediate_state_0; - ensures 1 ≡ aorai_reject; - - behavior buch_state_aorai_reject_out: - assumes - 0 ≡ aorai_reject ∧ - (0 ≡ aorai_intermediate_state_2 ∨ res ≡ 0) ∧ - 0 ≡ aorai_intermediate_state_0; - ensures 0 ≡ aorai_reject; - */ -void main_post_func(int res) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_reject_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_reject_tmp = aorai_reject; - if (aorai_intermediate_state_0 == 1) aorai_reject_tmp = 1; - else - if (aorai_intermediate_state_2 == 1) { - if (res != 0) aorai_reject_tmp = 1; else goto _LAND; - } - else { - _LAND: ; - if (aorai_reject == 1) aorai_reject_tmp = 1; else aorai_reject_tmp = 0; - } - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - if (aorai_intermediate_state == 1) Sf_tmp = 1; - else - if (aorai_intermediate_state_2 == 1) - if (res == 0) Sf_tmp = 1; else Sf_tmp = 0; - else Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = 
aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_reject = aorai_reject_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_hoare_seq_0.i, line 118) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_hoare_seq_0.i, line 119) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_hoare_seq_0.i, line 126) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_hoare_seq_0.i, line 129) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_hoare_seq_0.i, line 132) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_hoare_seq_0.i, line 135) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_hoare_seq_0.i, line 138) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_in' (file /tmp/aorai_hoare_seq_0.i, line 142) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_hoare_seq_0.i, line 146) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_in' (file /tmp/aorai_hoare_seq_0.i, line 150) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_hoare_seq_0.i, line 154) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_hoare_seq_0.i, line 120) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_reject; - requires 1 ≡ S0 ⇒ c > 0 ∨ c ≤ 0; - ensures 1 ≡ Sf; - - behavior bhv: - assumes c > 0; - ensures \result ≡ 0; - - behavior aorai_acceptance: - ensures 1 ≡ Sf; - - behavior Buchi_property_behavior: - ensures 1 ≡ Sf ∨ 0 ≡ Sf; - ensures 1 ≡ aorai_reject ∨ 0 ≡ aorai_reject; - ensures - 0 ≡ S0 ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_2; - ensures 1 ≡ Sf ∨ 1 ≡ aorai_reject; - */ -int main(int c) -{ - int __retres; - main_pre_func(c); - if (c <= 0) f(); - __retres = 0; - main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_hoare_seq_0.i, line 243) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_hoare_seq_0.i, line 244) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_hoare_seq_0.i, line 251) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_hoare_seq_0.i, line 254) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_in' (file /tmp/aorai_hoare_seq_0.i, line 258) + by Wp.typed. 
+[ - ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_hoare_seq_0.i, line 262) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_in' (file /tmp/aorai_hoare_seq_0.i, line 266) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_hoare_seq_0.i, line 270) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_hoare_seq_0.i, line 273) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_hoare_seq_0.i, line 276) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_hoare_seq_0.i, line 279) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_hoare_seq_0.i, line 245) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_in' + by Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_out' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_hoare_seq_0.i, line 326) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_hoare_seq_0.i, line 327) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_hoare_seq_0.i, line 334) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_hoare_seq_0.i, line 340) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_hoare_seq_0.i, line 346) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_hoare_seq_0.i, line 349) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_hoare_seq_0.i, line 352) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_hoare_seq_0.i, line 355) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_hoare_seq_0.i, line 358) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_in' (file /tmp/aorai_hoare_seq_0.i, line 365) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_reject_out' (file /tmp/aorai_hoare_seq_0.i, line 372) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_hoare_seq_0.i, line 328) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_reject_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 86 Completely validated + 2 To be validated + 88 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/incorrect.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/incorrect.res.oracle new file mode 100644 index 0000000000000000000000000000000000000000..b0ccf45eaf4161d5c99de5306533716a87090169 --- /dev/null +++ b/src/plugins/aorai/tests/aorai/oracle_prove/incorrect.res.oracle 
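Review bot: The new hoare_seq oracle baselines an unproved property as expected output: for main_pre_func, `Post-condition for 'buch_state_aorai_intermediate_state_out'` and the matching behavior are reported as `[ - ] ... tried with Wp.typed`, and the summary ends with `2 To be validated`. The removed log lists no goal for that post-condition at all, so this looks like an existing gap that the status report only now makes visible; the removed generated body of main_pre_func sets `aorai_intermediate_state_tmp` on `S0 == 1` alone while the behavior assumes `1 ≡ S0 ∧ c > 0`, which may be the cause. With this oracle in place the test keeps passing while that part of the automaton instrumentation stays unverified, and a later regression in the same property would not change the output. Either fix the generated transition so the summary reads fully validated, or record the expectation next to the test, for example `/* main_pre_func: buch_state_aorai_intermediate_state_out is expected to stay unproved, tracked in <issue-id placeholder> */` in tests/aorai/hoare_seq.i.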
@@ -0,0 +1,68 @@ +[kernel] Parsing tests/aorai/incorrect.i (no preprocessing) +[aorai] Welcome to the Aorai plugin +[aorai] Warning: Call to main does not follow automaton's specification. This path is assumed to be dead +[kernel] Parsing /tmp/aorai_incorrect_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[kernel:annot:missing-spec] /tmp/aorai_incorrect_0.i:60: Warning: + Neither code nor specification for function f, generating default assigns from the prototype +[report] Computing properties status... + +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- + +[ - ] Assigns nothing + tried with Inferred annotations. +[ - ] Froms (file /tmp/aorai_incorrect_0.i, line 4) + tried with Inferred annotations. +[ - ] Default behavior + tried with Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_incorrect_0.i, line 38) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_incorrect_0.i, line 39) + by Wp.typed. +[ - ] Post-condition for 'buch_state_s0_out' (file /tmp/aorai_incorrect_0.i, line 43) + tried with Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_incorrect_0.i, line 40) + by Wp.typed. +[ - ] Behavior 'buch_state_s0_out' + tried with Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_incorrect_0.i, line 59) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_incorrect_0.i, line 60) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_s0_out' (file /tmp/aorai_incorrect_0.i, line 64) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_incorrect_0.i, line 61) + by Wp.typed. +[ Valid ] Behavior 'buch_state_s0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 11 Completely validated + 5 To be validated + 16 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/loop_bts1050.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/loop_bts1050.res.oracle index 8251302b8c97a827a9bf3bf6aa276d0e182b10e7..06fc76c442f1367df7c5be6072ad73884c0aa6ea 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/loop_bts1050.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/loop_bts1050.res.oracle 
@@ -1,753 +1,314 @@ [kernel] Parsing tests/aorai/loop_bts1050.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_loop_bts10500.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_2_in_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part02 : Valid -[wp] [Qed] 
Goal typed_f_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part18 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part17 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_in_1_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_in_1_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_out_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part01 : Valid 
-[wp] [Qed] Goal typed_g_post_func_post_2 : Valid -[wp] [Qed] Goal typed_g_post_func_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_0_in_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_g_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_g_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_in_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : 
Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_0_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_3_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_2_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_1_out____ : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_f = 2, - op_g = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S0 = 1; */ -/*@ ghost int Sf = 0; */ -/*@ ghost int aorai_intermediate_state = 0; */ -/*@ ghost int aorai_intermediate_state_0 = 0; */ -/*@ ghost int aorai_intermediate_state_1 = 0; */ -/*@ ghost int aorai_intermediate_state_2 = 0; */ -/*@ ghost int aorai_intermediate_state_3 = 0; */ -/*@ ghost int aorai_counter = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_counter, aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - 
aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_in_0: - assumes 1 ≡ aorai_intermediate_state_0 ∧ aorai_counter < 5; - ensures 1 ≡ aorai_intermediate_state_1; - ensures aorai_counter ≡ \old(aorai_counter)+1; - - behavior buch_state_aorai_intermediate_state_1_in_1: - assumes 1 ≡ aorai_intermediate_state; - ensures 1 ≡ aorai_intermediate_state_1; - ensures aorai_counter ≡ 1; - - behavior buch_state_aorai_intermediate_state_1_out: - assumes - (0 ≡ aorai_intermediate_state_0 ∨ ¬(aorai_counter < 5)) ∧ - 0 ≡ aorai_intermediate_state; - ensures 0 ≡ aorai_intermediate_state_1; - ensures aorai_counter ≡ \old(aorai_counter); - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void f_pre_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - if (aorai_intermediate_state_0 == 1) 
- if (aorai_counter < 5) aorai_counter ++; - if (aorai_intermediate_state == 1) aorai_counter = 1; - if (aorai_intermediate_state == 1) aorai_intermediate_state_1_tmp = 1; - else - if (aorai_intermediate_state_0 == 1) - if (aorai_counter < 5) aorai_intermediate_state_1_tmp = 1; - else aorai_intermediate_state_1_tmp = 0; - else aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[kernel] Parsing /tmp/aorai_loop_bts1050_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - 1 ≡ aorai_intermediate_state_1 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_in: - assumes 1 ≡ aorai_intermediate_state_1; - ensures 1 ≡ aorai_intermediate_state_2; - - behavior 
buch_state_aorai_intermediate_state_2_out: - assumes 0 ≡ aorai_intermediate_state_1; - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void f_post_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - if (aorai_intermediate_state_1 == 1) aorai_intermediate_state_2_tmp = 1; - else aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ aorai_intermediate_state ∨ 1 ≡ aorai_intermediate_state_0) ∧ - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 
0 ≡ aorai_intermediate_state_3; - requires 1 ≡ aorai_intermediate_state_0 ⇒ aorai_counter < 5; - requires - 0 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state_0; - requires - 1 ≡ aorai_intermediate_state_0 ∨ 0 ≡ aorai_intermediate_state_0; - requires - 1 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_2; - ensures - \at(1 ≡ aorai_intermediate_state_0,Pre) ∧ - 1 ≡ aorai_intermediate_state_2 ⇒ - aorai_counter ≡ \at(aorai_counter,Pre)+1; - ensures - \at(1 ≡ aorai_intermediate_state,Pre) ∧ - 1 ≡ aorai_intermediate_state_2 ⇒ aorai_counter ≡ 1; - */ -void f(void) -{ - f_pre_func(); - f_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 38) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 39) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_loop_bts1050_0.i, line 46) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_loop_bts1050_0.i, line 49) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_loop_bts1050_0.i, line 52) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_loop_bts1050_0.i, line 55) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_0' (file /tmp/aorai_loop_bts1050_0.i, line 59) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_0' (file /tmp/aorai_loop_bts1050_0.i, line 60) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_1' (file /tmp/aorai_loop_bts1050_0.i, line 64) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_1' (file /tmp/aorai_loop_bts1050_0.i, line 65) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_loop_bts1050_0.i, line 71) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_loop_bts1050_0.i, line 72) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_loop_bts1050_0.i, line 75) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_loop_bts1050_0.i, line 78) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_loop_bts1050_0.i, line 40) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_1_in_0' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_in_1' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_in: - assumes 1 ≡ aorai_intermediate_state_2; - ensures 1 ≡ aorai_intermediate_state_3; - - behavior buch_state_aorai_intermediate_state_3_out: - assumes 0 ≡ aorai_intermediate_state_2; - ensures 0 ≡ aorai_intermediate_state_3; - */ -void g_pre_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_g; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - if (aorai_intermediate_state_2 == 1) aorai_intermediate_state_3_tmp = 1; - else aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - 
aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ aorai_intermediate_state_3 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_in: - assumes 1 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_0_out: - assumes 0 ≡ aorai_intermediate_state_3; - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void g_post_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ 
- /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_g; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - if (aorai_intermediate_state_3 == 1) aorai_intermediate_state_0_tmp = 1; - else aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 127) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 128) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_loop_bts1050_0.i, line 135) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_loop_bts1050_0.i, line 138) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_loop_bts1050_0.i, line 141) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_loop_bts1050_0.i, line 144) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_loop_bts1050_0.i, line 147) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_in' (file /tmp/aorai_loop_bts1050_0.i, line 151) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_loop_bts1050_0.i, line 155) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_loop_bts1050_0.i, line 158) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_loop_bts1050_0.i, line 129) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ aorai_intermediate_state_2 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_3; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_0; - */ -void g(void) -{ - g_pre_func(); - g_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_in: - assumes 1 ≡ S0; - ensures 1 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_out: - assumes 0 ≡ S0; - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void main_pre_func(int c) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; 
*/ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - if (S0 == 1) aorai_intermediate_state_tmp = 1; - else aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - (1 ≡ aorai_intermediate_state ∨ 1 ≡ aorai_intermediate_state_0) ∧ - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_in: - assumes - 1 ≡ aorai_intermediate_state_0 ∨ 1 ≡ aorai_intermediate_state; - ensures 1 ≡ Sf; - - behavior buch_state_Sf_out: - assumes - 0 ≡ aorai_intermediate_state_0 ∧ 0 ≡ aorai_intermediate_state; - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void main_post_func(int res) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - 
aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - if (aorai_intermediate_state == 1) Sf_tmp = 1; - else - if (aorai_intermediate_state_0 == 1) Sf_tmp = 1; else Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - - behavior aorai_acceptance: - ensures 1 ≡ Sf; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S0 ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ Sf; - ensures - \at(1 ≡ S0,Pre) ∧ 1 ≡ Sf ⇒ - (1 ≤ aorai_counter ≤ 5) ∨ - aorai_counter ≡ \at(aorai_counter,Pre)+0; - */ -int main(int c) -{ - int aorai_Loop_Init_37; - int __retres; - main_pre_func(c); - if (c < 0) c = 0; - if (c > 0) c = 5; - /*@ ghost aorai_Loop_Init_37 = 1; */ - aorai_loop_37: - /*@ loop invariant Aorai: 0 ≡ S0; - loop invariant Aorai: 0 ≡ Sf; - loop invariant - Aorai: - 1 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state; - loop invariant - Aorai: - 1 ≡ aorai_intermediate_state_0 ∨ - 0 ≡ aorai_intermediate_state_0; - loop 
invariant Aorai: 0 ≡ aorai_intermediate_state_1; - loop invariant Aorai: 0 ≡ aorai_intermediate_state_2; - loop invariant Aorai: 0 ≡ aorai_intermediate_state_3; - loop invariant - Aorai: - 1 ≡ aorai_intermediate_state ∨ - 1 ≡ aorai_intermediate_state_0; - loop invariant - Aorai: - aorai_Loop_Init_37 ≢ 0 ⇒ - \at(1 ≡ S0,Pre) ⇒ 0 ≡ aorai_intermediate_state_0; - loop invariant - Aorai: aorai_Loop_Init_37 ≡ 0 ⇒ 0 ≡ aorai_intermediate_state; - loop invariant - Aorai: - \at(1 ≡ aorai_intermediate_state,aorai_loop_37) ∧ - 1 ≡ aorai_intermediate_state_0 ⇒ 1 ≤ aorai_counter ≤ 5; - */ - while (1) { - if (! c) goto while_0_break; - /*@ ghost aorai_Loop_Init_37 = 0; */ - f(); - g(); - c --; - } - while_0_break: ; - __retres = 0; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 232) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 233) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_loop_bts1050_0.i, line 240) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_loop_bts1050_0.i, line 243) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_loop_bts1050_0.i, line 246) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_loop_bts1050_0.i, line 249) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_loop_bts1050_0.i, line 252) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_loop_bts1050_0.i, line 255) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_in' (file /tmp/aorai_loop_bts1050_0.i, line 259) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_loop_bts1050_0.i, line 263) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_loop_bts1050_0.i, line 234) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'g_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 309) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 310) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_loop_bts1050_0.i, line 317) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_loop_bts1050_0.i, line 320) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_loop_bts1050_0.i, line 323) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_in' (file /tmp/aorai_loop_bts1050_0.i, line 327) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_loop_bts1050_0.i, line 331) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_loop_bts1050_0.i, line 334) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_loop_bts1050_0.i, line 337) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_loop_bts1050_0.i, line 340) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_loop_bts1050_0.i, line 311) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'g' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 401) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 402) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_loop_bts1050_0.i, line 409) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_loop_bts1050_0.i, line 412) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_in' (file /tmp/aorai_loop_bts1050_0.i, line 416) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_loop_bts1050_0.i, line 420) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_loop_bts1050_0.i, line 423) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_loop_bts1050_0.i, line 426) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_loop_bts1050_0.i, line 429) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_loop_bts1050_0.i, line 432) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_loop_bts1050_0.i, line 403) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 477) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_loop_bts1050_0.i, line 478) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_loop_bts1050_0.i, line 485) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_loop_bts1050_0.i, line 490) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_loop_bts1050_0.i, line 495) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_loop_bts1050_0.i, line 498) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_loop_bts1050_0.i, line 501) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_loop_bts1050_0.i, line 504) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_loop_bts1050_0.i, line 507) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_loop_bts1050_0.i, line 510) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_loop_bts1050_0.i, line 479) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 125 Completely validated + 3 To be validated + 128 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/monostate.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/monostate.res.oracle new file mode 100644 index 0000000000000000000000000000000000000000..fcbb126e71536b5d56700432953494a2ce09929a --- /dev/null +++ b/src/plugins/aorai/tests/aorai/oracle_prove/monostate.res.oracle @@ -0,0 +1 @@ +[kernel] Parsing tests/aorai/monostate.i (no preprocessing) diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/not_prm.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/not_prm.res.oracle index 4d9c5febd4bf309268f76ad1db7fba72b5c9bff5..73fd79dcc665035f30336d021e345e24c505ded1 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/not_prm.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/not_prm.res.oracle 
@@ -1,120 +1,69 @@ [kernel] Parsing tests/aorai/not_prm.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_not_prm0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_in_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_Sf_in_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S0_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_f = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_f; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S0 = 1; */ -/*@ ghost int Sf = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf; - - behavior buch_state_S0_out: - ensures 0 
≡ S0; - - behavior buch_state_Sf_in: - assumes 1 ≡ S0 ∧ x ≥ 4; - ensures 1 ≡ Sf; - - behavior buch_state_Sf_out: - assumes 0 ≡ S0 ∨ ¬(x ≥ 4); - ensures 0 ≡ Sf; - */ -void f_pre_func(int x) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - if (S0 == 1) - if (x >= 4) Sf_tmp = 1; else Sf_tmp = 0; - else Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - return; -} +[kernel] Parsing /tmp/aorai_not_prm_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires 1 ≡ Sf ∧ 0 ≡ S0; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_in: - assumes 1 ≡ Sf; - ensures 1 ≡ Sf; - - behavior buch_state_Sf_out: - assumes 0 ≡ Sf; - ensures 0 ≡ Sf; - */ -void f_post_func(int res) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - if (Sf == 1) Sf_tmp = 1; else Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S0 ∧ 0 ≡ Sf; - requires 1 ≡ S0 ⇒ x ≥ 4; - - behavior aorai_acceptance: - ensures 1 ≡ Sf; - - behavior Buchi_property_behavior: - ensures 0 ≡ S0; - ensures 1 ≡ Sf; - */ -int f(int x) -{ - f_pre_func(x); - f_post_func(x); - return x; -} +[ Valid ] Post-condition (file /tmp/aorai_not_prm_0.i, line 30) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_not_prm_0.i, line 31) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_not_prm_0.i, line 35) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_not_prm_0.i, line 39) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_not_prm_0.i, line 43) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_not_prm_0.i, line 32) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_not_prm_0.i, line 64) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_not_prm_0.i, line 65) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_not_prm_0.i, line 69) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_not_prm_0.i, line 73) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_not_prm_0.i, line 77) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_not_prm_0.i, line 66) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 21 Completely validated + 21 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/other.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/other.res.oracle index e3f9de9e5215c71c449f41cee15e94154ef80b2f..34218372ad9f6e3dd03a43c3e8c6bf5a15a39785 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/other.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/other.res.oracle 
@@ -1,796 +1,251 @@ [kernel] Parsing tests/aorai/other.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_other0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_init_in_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_last_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_last_in_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_step1_out_post : Valid -[wp] [Alt-Ergo] Goal typed_f_post_func_buch_state_step1_in_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part06 : Valid -[wp] [Qed] Goal 
typed_f_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_init_in_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_step1_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_last_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_last_in_post : Valid -[wp] [Alt-Ergo] Goal typed_f_pre_func_buch_state_step1_in_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_g_post_func_post_2 : Valid -[wp] [Qed] Goal typed_g_post_func_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part12 : Valid -[wp] [Qed] Goal 
typed_g_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_init_in_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_last_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_last_in_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_step1_out_post : Valid -[wp] [Alt-Ergo] Goal typed_g_post_func_buch_state_step1_in_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_g_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_init_in_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part16 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_step1_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_last_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_last_in_post : Valid -[wp] [Alt-Ergo] Goal 
typed_g_pre_func_buch_state_step1_in_post : Valid -[wp] Computing [100 goals...] -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_init_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_last_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_last_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_step1_out_post : Valid -[wp] [Alt-Ergo] Goal typed_main_post_func_buch_state_step1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_init_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_step1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_last_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_f = 2, - op_g = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int x = 0; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int init = 1; */ -/*@ ghost int last = 0; */ -/*@ ghost int step1 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, init, last, step1; - - behavior buch_state_init_in: - assumes (1 ≡ last ∧ x ≡ 4) ∨ (1 ≡ init ∧ x ≢ 3); - ensures 1 ≡ init; - - behavior buch_state_init_out: - assumes (0 ≡ last ∨ ¬(x ≡ 4)) ∧ (0 ≡ init ∨ ¬(x ≢ 3)); - ensures 0 ≡ init; - - behavior buch_state_last_in: - assumes - (1 ≡ step1 ∧ x ≡ 4) ∨ (1 ≡ last ∧ x ≢ 4 ∧ x ≢ 3); - ensures 1 ≡ last; - - behavior buch_state_last_out: - assumes - (0 ≡ step1 ∨ ¬(x ≡ 4)) ∧ - (0 ≡ last ∨ ¬(x ≢ 4 ∧ x ≢ 3)); - ensures 0 ≡ last; - - behavior buch_state_step1_in: - assumes - (1 ≡ step1 ∧ x ≢ 4) ∨ (1 ≡ last ∧ x ≡ 3) ∨ - (1 ≡ init ∧ x ≡ 3); - ensures 1 ≡ step1; - - behavior buch_state_step1_out: - assumes - (0 ≡ step1 ∨ ¬(x ≢ 4)) ∧ (0 ≡ last ∨ ¬(x ≡ 3)) ∧ - (0 ≡ init ∨ ¬(x ≡ 3)); - ensures 0 ≡ step1; - */ -void f_pre_func(void) -{ - /*@ ghost int init_tmp; */ - /*@ ghost int last_tmp; */ - /*@ ghost int step1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - init_tmp = init; - last_tmp = last; - 
step1_tmp = step1; - if (init == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND_0; - } - else { - _LAND_0: ; - if (last == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND; - } - else { - _LAND: ; - if (step1 == 1) - if (x != 4) step1_tmp = 1; else step1_tmp = 0; - else step1_tmp = 0; - } - } - if (last == 1) { - if (x != 4) { - if (x != 3) last_tmp = 1; else goto _LAND_1; - } - else goto _LAND_1; - } - else { - _LAND_1: ; - if (step1 == 1) - if (x == 4) last_tmp = 1; else last_tmp = 0; - else last_tmp = 0; - } - if (init == 1) { - if (x != 3) init_tmp = 1; else goto _LAND_2; - } - else { - _LAND_2: ; - if (last == 1) - if (x == 4) init_tmp = 1; else init_tmp = 0; - else init_tmp = 0; - } - init = init_tmp; - last = last_tmp; - step1 = step1_tmp; - return; -} +[kernel] Parsing /tmp/aorai_other_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires 1 ≡ init ∨ 1 ≡ last ∨ 1 ≡ step1; - requires 1 ≡ last ⇒ x ≡ 4 ∨ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, init, last, step1; - - behavior buch_state_init_in: - assumes (1 ≡ last ∧ x ≡ 4) ∨ (1 ≡ init ∧ x ≢ 3); - ensures 1 ≡ init; - - behavior buch_state_init_out: - assumes (0 ≡ last ∨ ¬(x ≡ 4)) ∧ (0 ≡ init ∨ ¬(x ≢ 3)); - ensures 0 ≡ init; - - behavior buch_state_last_in: - assumes - (1 ≡ step1 ∧ x ≡ 4) ∨ (1 ≡ last ∧ x ≢ 4 ∧ x ≢ 3); - ensures 1 ≡ last; - - behavior buch_state_last_out: - assumes - (0 ≡ step1 ∨ ¬(x ≡ 4)) ∧ - (0 ≡ last ∨ ¬(x ≢ 4 ∧ x ≢ 3)); - ensures 0 ≡ last; - - behavior buch_state_step1_in: - assumes - (1 ≡ step1 ∧ x ≢ 4) ∨ (1 ≡ last ∧ x ≡ 3) ∨ - (1 ≡ init ∧ x ≡ 3); - ensures 1 ≡ step1; - - behavior buch_state_step1_out: - assumes - (0 ≡ step1 ∨ ¬(x ≢ 4)) ∧ (0 ≡ last ∨ ¬(x ≡ 3)) ∧ - (0 ≡ init ∨ ¬(x ≡ 3)); - ensures 0 ≡ step1; - */ -void f_post_func(void) -{ - /*@ ghost int init_tmp; */ - /*@ ghost int last_tmp; */ - /*@ ghost int 
step1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - init_tmp = init; - last_tmp = last; - step1_tmp = step1; - if (init == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND_0; - } - else { - _LAND_0: ; - if (last == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND; - } - else { - _LAND: ; - if (step1 == 1) - if (x != 4) step1_tmp = 1; else step1_tmp = 0; - else step1_tmp = 0; - } - } - if (last == 1) { - if (x != 4) { - if (x != 3) last_tmp = 1; else goto _LAND_1; - } - else goto _LAND_1; - } - else { - _LAND_1: ; - if (step1 == 1) - if (x == 4) last_tmp = 1; else last_tmp = 0; - else last_tmp = 0; - } - if (init == 1) { - if (x != 3) init_tmp = 1; else goto _LAND_2; - } - else { - _LAND_2: ; - if (last == 1) - if (x == 4) init_tmp = 1; else init_tmp = 0; - else init_tmp = 0; - } - init = init_tmp; - last = last_tmp; - step1 = step1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ init ∨ 1 ≡ last ∨ 1 ≡ step1; - requires 1 ≡ last ⇒ x ≡ 4 ∨ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 3; - requires 1 ≡ step1 ∨ 0 ≡ step1; - requires 1 ≡ last ∨ 0 ≡ last; - requires 1 ≡ init ∨ 0 ≡ init; - - behavior Buchi_behavior_in_0: - assumes (1 ≡ last ∧ x ≡ 4) ∨ (1 ≡ init ∧ x ≢ 3); - ensures - (1 ≡ init ⇒ x ≢ 3 ∨ x ≡ 4) ∧ - (1 ≡ last ⇒ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 4) ∧ - (1 ≡ step1 ⇒ x ≡ 3 ∨ x ≢ 4); - ensures 1 ≡ init ∨ 0 ≡ init; - ensures 1 ≡ step1 ∨ 0 ≡ step1; - ensures 1 ≡ init ∨ 1 ≡ step1; - - behavior Buchi_behavior_in_1: - assumes - (1 ≡ step1 ∧ x ≡ 4) ∨ (1 ≡ last ∧ x ≢ 4 ∧ x ≢ 3); - ensures - (1 ≡ init ⇒ x ≢ 3 ∨ x ≡ 4) ∧ - (1 ≡ last ⇒ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 4) ∧ - (1 ≡ step1 ⇒ x ≡ 3 ∨ x ≢ 4); - ensures 1 ≡ init ∨ 0 ≡ init; - ensures 1 ≡ last ∨ 0 ≡ last; - ensures 1 ≡ step1 ∨ 0 ≡ step1; - ensures 1 ≡ init ∨ 1 ≡ last ∨ 1 ≡ step1; - - behavior Buchi_behavior_in_2: - assumes - (1 ≡ step1 
∧ x ≢ 4) ∨ (1 ≡ last ∧ x ≡ 3) ∨ - (1 ≡ init ∧ x ≡ 3); - ensures - (1 ≡ init ⇒ x ≢ 3 ∨ x ≡ 4) ∧ - (1 ≡ last ⇒ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 4) ∧ - (1 ≡ step1 ⇒ x ≡ 3 ∨ x ≢ 4); - ensures 1 ≡ last ∨ 0 ≡ last; - ensures 1 ≡ step1 ∨ 0 ≡ step1; - ensures 1 ≡ last ∨ 1 ≡ step1; - - behavior Buchi_behavior_out_0: - assumes - (0 ≡ last ∨ (x ≡ 3 ∧ x ≢ 4)) ∧ - (0 ≡ step1 ∨ x ≢ 4) ∧ (0 ≡ init ∨ x ≡ 3); - ensures 0 ≡ init; - - behavior Buchi_behavior_out_1: - assumes - 0 ≡ step1 ∧ (0 ≡ init ∨ x ≢ 3) ∧ - (0 ≡ last ∨ (x ≢ 3 ∧ x ≡ 4)); - ensures 0 ≡ last; - - behavior Buchi_behavior_out_2: - assumes 0 ≡ last ∧ 0 ≡ init ∧ 0 ≡ step1; - ensures 0 ≡ step1; - */ -void f(void) -{ - f_pre_func(); - x = 3; - f_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 34) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 35) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_in' (file /tmp/aorai_other_0.i, line 40) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_other_0.i, line 44) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_in' (file /tmp/aorai_other_0.i, line 49) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_out' (file /tmp/aorai_other_0.i, line 55) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_in' (file /tmp/aorai_other_0.i, line 61) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_out' (file /tmp/aorai_other_0.i, line 67) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_other_0.i, line 36) + by Wp.typed. +[ Valid ] Behavior 'buch_state_init_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, init, last, step1; - - behavior buch_state_init_in: - assumes (1 ≡ last ∧ x ≡ 4) ∨ (1 ≡ init ∧ x ≢ 3); - ensures 1 ≡ init; - - behavior buch_state_init_out: - assumes (0 ≡ last ∨ ¬(x ≡ 4)) ∧ (0 ≡ init ∨ ¬(x ≢ 3)); - ensures 0 ≡ init; - - behavior buch_state_last_in: - assumes - (1 ≡ step1 ∧ x ≡ 4) ∨ (1 ≡ last ∧ x ≢ 4 ∧ x ≢ 3); - ensures 1 ≡ last; - - behavior buch_state_last_out: - assumes - (0 ≡ step1 ∨ ¬(x ≡ 4)) ∧ - (0 ≡ last ∨ ¬(x ≢ 4 ∧ x ≢ 3)); - ensures 0 ≡ last; - - behavior buch_state_step1_in: - assumes - (1 ≡ step1 ∧ x ≢ 4) ∨ (1 ≡ last ∧ x ≡ 3) ∨ - (1 ≡ init ∧ x ≡ 3); - ensures 1 ≡ step1; - - behavior buch_state_step1_out: - assumes - (0 ≡ step1 ∨ ¬(x ≢ 4)) ∧ (0 ≡ last ∨ ¬(x ≡ 3)) ∧ - (0 ≡ init ∨ ¬(x ≡ 3)); - ensures 0 ≡ step1; - */ -void g_pre_func(void) -{ - /*@ ghost int init_tmp; */ - /*@ ghost int last_tmp; */ - /*@ ghost int step1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_g; - init_tmp = init; - last_tmp = last; - step1_tmp = step1; - if (init == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND_0; - } - else { - _LAND_0: ; - if (last == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND; - } - else { - _LAND: ; - if (step1 == 1) - if (x != 4) step1_tmp = 1; else step1_tmp = 0; - else step1_tmp = 0; - } - } - if (last == 1) { - if (x != 4) { - if (x != 3) last_tmp = 1; else goto _LAND_1; - } - else goto _LAND_1; - } - else { - _LAND_1: ; - if (step1 == 1) - if (x == 4) last_tmp = 1; else last_tmp = 0; - else last_tmp = 0; - } - if (init == 1) { - if (x != 3) init_tmp = 1; else goto _LAND_2; - } - else { - _LAND_2: ; - if (last == 1) - if (x == 4) init_tmp = 1; else init_tmp = 0; - else init_tmp = 0; - } - init = init_tmp; - last = last_tmp; - step1 = step1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 
'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ init ∨ 1 ≡ last ∨ 1 ≡ step1; - requires 1 ≡ last ⇒ x ≡ 4 ∨ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, init, last, step1; - - behavior buch_state_init_in: - assumes (1 ≡ last ∧ x ≡ 4) ∨ (1 ≡ init ∧ x ≢ 3); - ensures 1 ≡ init; - - behavior buch_state_init_out: - assumes (0 ≡ last ∨ ¬(x ≡ 4)) ∧ (0 ≡ init ∨ ¬(x ≢ 3)); - ensures 0 ≡ init; - - behavior buch_state_last_in: - assumes - (1 ≡ step1 ∧ x ≡ 4) ∨ (1 ≡ last ∧ x ≢ 4 ∧ x ≢ 3); - ensures 1 ≡ last; - - behavior buch_state_last_out: - assumes - (0 ≡ step1 ∨ ¬(x ≡ 4)) ∧ - (0 ≡ last ∨ ¬(x ≢ 4 ∧ x ≢ 3)); - ensures 0 ≡ last; - - behavior buch_state_step1_in: - assumes - (1 ≡ step1 ∧ x ≢ 4) ∨ (1 ≡ last ∧ x ≡ 3) ∨ - (1 ≡ init ∧ x ≡ 3); - ensures 1 ≡ step1; - - behavior buch_state_step1_out: - assumes - (0 ≡ step1 ∨ ¬(x ≢ 4)) ∧ (0 ≡ last ∨ ¬(x ≡ 3)) ∧ - (0 ≡ init ∨ ¬(x ≡ 3)); - ensures 0 ≡ step1; - */ -void g_post_func(void) -{ - /*@ ghost int init_tmp; */ - /*@ ghost int last_tmp; */ - /*@ ghost int step1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_g; - init_tmp = init; - last_tmp = last; - step1_tmp = step1; - if (init == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND_0; - } - else { - _LAND_0: ; - if (last == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND; - } - else { - _LAND: ; - if (step1 == 1) - if (x != 4) step1_tmp = 1; else step1_tmp = 0; - else step1_tmp = 0; - } - } - if (last == 1) { - if (x != 4) { - if (x != 3) last_tmp = 1; else goto _LAND_1; - } - else goto _LAND_1; - } - else { - _LAND_1: ; - if (step1 == 1) - if (x == 4) last_tmp = 1; else last_tmp = 0; - else last_tmp = 0; - } - if (init == 1) { - if (x != 3) init_tmp = 1; else goto _LAND_2; - } - else { - _LAND_2: ; - if (last == 1) - if (x == 4) init_tmp = 1; else init_tmp = 0; - else 
init_tmp = 0; - } - init = init_tmp; - last = last_tmp; - step1 = step1_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 97) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 98) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_in' (file /tmp/aorai_other_0.i, line 103) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_other_0.i, line 107) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_in' (file /tmp/aorai_other_0.i, line 112) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_out' (file /tmp/aorai_other_0.i, line 118) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_in' (file /tmp/aorai_other_0.i, line 124) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_out' (file /tmp/aorai_other_0.i, line 130) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_other_0.i, line 99) + by Wp.typed. +[ Valid ] Behavior 'buch_state_init_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ init ∨ 1 ≡ last ∨ 1 ≡ step1; - requires 1 ≡ last ⇒ x ≡ 4 ∨ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 3; - requires 1 ≡ step1 ∨ 0 ≡ step1; - requires 1 ≡ last ∨ 0 ≡ last; - requires 1 ≡ init ∨ 0 ≡ init; - - behavior Buchi_behavior_in_0: - assumes (1 ≡ last ∧ x ≡ 4) ∨ (1 ≡ init ∧ x ≢ 3); - ensures - (1 ≡ init ⇒ x ≢ 3 ∨ x ≡ 4) ∧ - (1 ≡ last ⇒ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 4) ∧ - (1 ≡ step1 ⇒ x ≡ 3 ∨ x ≢ 4); - ensures 1 ≡ init ∨ 0 ≡ init; - ensures 1 ≡ step1 ∨ 0 ≡ step1; - ensures 1 ≡ init ∨ 1 ≡ step1; - - behavior Buchi_behavior_in_1: - assumes - (1 ≡ step1 ∧ x ≡ 4) ∨ (1 ≡ last ∧ x ≢ 4 ∧ x ≢ 3); - ensures - (1 ≡ init ⇒ x ≢ 3 ∨ x ≡ 4) ∧ - (1 ≡ last ⇒ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 4) ∧ - (1 ≡ step1 ⇒ x ≡ 3 ∨ x ≢ 4); - ensures 1 ≡ init ∨ 0 ≡ init; - ensures 1 ≡ last ∨ 0 ≡ last; - ensures 1 ≡ step1 ∨ 0 ≡ step1; - ensures 1 ≡ init ∨ 1 ≡ last ∨ 1 ≡ step1; - - behavior Buchi_behavior_in_2: - assumes - (1 ≡ step1 ∧ x ≢ 4) ∨ (1 ≡ last ∧ x ≡ 3) ∨ - (1 ≡ init ∧ x ≡ 3); - ensures - (1 ≡ init ⇒ x ≢ 3 ∨ x ≡ 4) ∧ - (1 ≡ last ⇒ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 4) ∧ - (1 ≡ step1 ⇒ x ≡ 3 ∨ x ≢ 4); - ensures 1 ≡ last ∨ 0 ≡ last; - ensures 1 ≡ step1 ∨ 0 ≡ step1; - ensures 1 ≡ last ∨ 1 ≡ step1; - - behavior Buchi_behavior_out_0: - assumes - (0 ≡ last ∨ (x ≡ 3 ∧ x ≢ 4)) ∧ - (0 ≡ step1 ∨ x ≢ 4) ∧ (0 ≡ init ∨ x ≡ 3); - ensures 0 ≡ init; - - behavior Buchi_behavior_out_1: - assumes - 0 ≡ step1 ∧ (0 ≡ init ∨ x ≢ 3) ∧ - (0 ≡ last ∨ (x ≢ 3 ∧ x ≡ 4)); - ensures 0 ≡ last; - - behavior Buchi_behavior_out_2: - assumes 0 ≡ last ∧ 0 ≡ init ∧ 0 ≡ step1; - ensures 0 ≡ step1; - */ -void g(void) -{ - g_pre_func(); - x = 4; - g_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, init, last, step1; - - behavior buch_state_init_in: - 
assumes 1 ≡ init ∧ x ≢ 3; - ensures 1 ≡ init; - - behavior buch_state_init_out: - assumes 0 ≡ init ∨ ¬(x ≢ 3); - ensures 0 ≡ init; - - behavior buch_state_last_out: - ensures 0 ≡ last; - - behavior buch_state_step1_out: - ensures 0 ≡ step1; - */ -void main_pre_func(void) -{ - /*@ ghost int init_tmp; */ - /*@ ghost int last_tmp; */ - /*@ ghost int step1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - init_tmp = init; - last_tmp = last; - step1_tmp = step1; - step1_tmp = 0; - last_tmp = 0; - if (init == 1) - if (x != 3) init_tmp = 1; else init_tmp = 0; - else init_tmp = 0; - init = init_tmp; - last = last_tmp; - step1 = step1_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires 1 ≡ init ∨ 1 ≡ last ∨ 1 ≡ step1; - requires 1 ≡ last ⇒ x ≡ 4 ∨ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, init, last, step1; - - behavior buch_state_init_in: - assumes (1 ≡ last ∧ x ≡ 4) ∨ (1 ≡ init ∧ x ≢ 3); - ensures 1 ≡ init; - - behavior buch_state_init_out: - assumes (0 ≡ last ∨ ¬(x ≡ 4)) ∧ (0 ≡ init ∨ ¬(x ≢ 3)); - ensures 0 ≡ init; - - behavior buch_state_last_in: - assumes - (1 ≡ step1 ∧ x ≡ 4) ∨ (1 ≡ last ∧ x ≢ 4 ∧ x ≢ 3); - ensures 1 ≡ last; - - behavior buch_state_last_out: - assumes - (0 ≡ step1 ∨ ¬(x ≡ 4)) ∧ - (0 ≡ last ∨ ¬(x ≢ 4 ∧ x ≢ 3)); - ensures 0 ≡ last; - - behavior buch_state_step1_in: - assumes - (1 ≡ step1 ∧ x ≢ 4) ∨ (1 ≡ last ∧ x ≡ 3) ∨ - (1 ≡ init ∧ x ≡ 3); - ensures 1 ≡ step1; - - behavior buch_state_step1_out: - assumes - (0 ≡ step1 ∨ ¬(x ≢ 4)) ∧ (0 ≡ last ∨ ¬(x ≡ 3)) ∧ - (0 ≡ init ∨ ¬(x ≡ 3)); - ensures 0 ≡ step1; - */ -void main_post_func(int res) -{ - /*@ ghost int init_tmp; */ - /*@ ghost int last_tmp; */ - /*@ ghost int step1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - init_tmp = init; - last_tmp = last; - step1_tmp = step1; - if (init == 1) { - if (x 
== 3) step1_tmp = 1; else goto _LAND_0; - } - else { - _LAND_0: ; - if (last == 1) { - if (x == 3) step1_tmp = 1; else goto _LAND; - } - else { - _LAND: ; - if (step1 == 1) - if (x != 4) step1_tmp = 1; else step1_tmp = 0; - else step1_tmp = 0; - } - } - if (last == 1) { - if (x != 4) { - if (x != 3) last_tmp = 1; else goto _LAND_1; - } - else goto _LAND_1; - } - else { - _LAND_1: ; - if (step1 == 1) - if (x == 4) last_tmp = 1; else last_tmp = 0; - else last_tmp = 0; - } - if (init == 1) { - if (x != 3) init_tmp = 1; else goto _LAND_2; - } - else { - _LAND_2: ; - if (last == 1) - if (x == 4) init_tmp = 1; else init_tmp = 0; - else init_tmp = 0; - } - init = init_tmp; - last = last_tmp; - step1 = step1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ init ∧ 0 ≡ last ∧ 0 ≡ step1; - requires 1 ≡ init ⇒ x ≢ 3; - - behavior aorai_acceptance: - ensures 1 ≡ last; - - behavior Buchi_property_behavior: - ensures - (1 ≡ init ⇒ x ≢ 3 ∨ x ≡ 4) ∧ - (1 ≡ last ⇒ (x ≢ 4 ∧ x ≢ 3) ∨ x ≡ 4) ∧ - (1 ≡ step1 ⇒ x ≡ 3 ∨ x ≢ 4); - ensures 1 ≡ init ∨ 0 ≡ init; - ensures 1 ≡ last ∨ 0 ≡ last; - ensures 1 ≡ step1 ∨ 0 ≡ step1; - ensures \true; - ensures 1 ≡ init ∨ 1 ≡ last ∨ 1 ≡ step1; - */ -int main(void) -{ - main_pre_func(); - f(); - g(); - f(); - g(); - main_post_func(x); - return x; -} +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 222) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 223) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_in' (file /tmp/aorai_other_0.i, line 228) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_other_0.i, line 232) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_in' (file /tmp/aorai_other_0.i, line 237) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_last_out' (file /tmp/aorai_other_0.i, line 243) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_in' (file /tmp/aorai_other_0.i, line 249) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_out' (file /tmp/aorai_other_0.i, line 255) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_other_0.i, line 224) + by Wp.typed. +[ Valid ] Behavior 'buch_state_init_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'g_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 285) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 286) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_in' (file /tmp/aorai_other_0.i, line 291) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_other_0.i, line 295) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_in' (file /tmp/aorai_other_0.i, line 300) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_out' (file /tmp/aorai_other_0.i, line 306) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_in' (file /tmp/aorai_other_0.i, line 312) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_out' (file /tmp/aorai_other_0.i, line 318) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_other_0.i, line 287) + by Wp.typed. +[ Valid ] Behavior 'buch_state_init_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'g' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 410) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 411) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_in' (file /tmp/aorai_other_0.i, line 416) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_other_0.i, line 420) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_out' (file /tmp/aorai_other_0.i, line 423) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_in' (file /tmp/aorai_other_0.i, line 427) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_out' (file /tmp/aorai_other_0.i, line 431) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_other_0.i, line 412) + by Wp.typed. +[ Valid ] Behavior 'buch_state_init_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 457) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_other_0.i, line 458) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_in' (file /tmp/aorai_other_0.i, line 463) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_init_out' (file /tmp/aorai_other_0.i, line 467) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_in' (file /tmp/aorai_other_0.i, line 472) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_last_out' (file /tmp/aorai_other_0.i, line 478) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_in' (file /tmp/aorai_other_0.i, line 484) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_step1_out' (file /tmp/aorai_other_0.i, line 490) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_other_0.i, line 459) + by Wp.typed. +[ Valid ] Behavior 'buch_state_init_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_last_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_step1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 97 Completely validated + 97 Total +--------------------------------------------------------------------------------
diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/seq.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/seq.res.oracle
index c885df01ab6aa381f0739cd8a67c9f6c22b2bd9a..1ae82747bad756b22faeccb03521f4e03cdf1836 100644
--- a/src/plugins/aorai/tests/aorai/oracle_prove/seq.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle_prove/seq.res.oracle
@@ -1,735 +1,320 @@ [kernel] Parsing tests/aorai/seq.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_seq0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_0_in_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part02 : Valid -[wp] [Qed] Goal 
typed_f_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_in_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_g_post_func_post_2 : Valid -[wp] [Qed] Goal typed_g_post_func_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part03 : Valid -[wp] [Qed] Goal 
typed_g_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_2_in_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_g_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_g_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part18 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part17 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part16 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part19 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_in_1_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_in_1_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_in_2_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_in_2_post 
: Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_out_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_0_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_3_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_2_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_1_out____ : Valid -[wp] [Qed] Goal 
typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_f = 2, - op_g = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S0 = 1; */ -/*@ ghost int Sf 
= 0; */ -/*@ ghost int aorai_intermediate_state = 0; */ -/*@ ghost int aorai_intermediate_state_0 = 0; */ -/*@ ghost int aorai_intermediate_state_1 = 0; */ -/*@ ghost int aorai_intermediate_state_2 = 0; */ -/*@ ghost int aorai_intermediate_state_3 = 0; */ -/*@ ghost int aorai_counter = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_in: - assumes 1 ≡ aorai_intermediate_state; - ensures 1 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_1_out: - assumes 0 ≡ aorai_intermediate_state; - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void f_pre_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = 
aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - if (aorai_intermediate_state == 1) aorai_intermediate_state_1_tmp = 1; - else aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[kernel] Parsing /tmp/aorai_seq_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - 1 ≡ aorai_intermediate_state_1 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_in: - assumes 1 ≡ aorai_intermediate_state_1; - ensures 1 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_0_out: - assumes 0 ≡ aorai_intermediate_state_1; - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ 
aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void f_post_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - if (aorai_intermediate_state_1 == 1) aorai_intermediate_state_0_tmp = 1; - else aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ aorai_intermediate_state ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 
0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_0; - */ -void f(void) -{ - f_pre_func(); - f_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 38) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 39) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_0.i, line 46) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_0.i, line 49) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_0.i, line 52) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_0.i, line 55) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_in' (file /tmp/aorai_seq_0.i, line 59) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_0.i, line 63) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_0.i, line 66) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_0.i, line 69) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_0.i, line 40) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_counter, aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_in_0: - assumes 1 ≡ aorai_intermediate_state_2 ∧ aorai_counter < 2; - ensures 1 ≡ aorai_intermediate_state_3; - ensures aorai_counter ≡ \old(aorai_counter)+1; - - behavior buch_state_aorai_intermediate_state_3_in_1: - assumes 1 ≡ aorai_intermediate_state_0; - ensures 1 ≡ aorai_intermediate_state_3; - ensures aorai_counter ≡ 1; - - behavior buch_state_aorai_intermediate_state_3_in_2: - assumes 1 ≡ aorai_intermediate_state; - ensures 1 ≡ aorai_intermediate_state_3; - ensures aorai_counter ≡ 1; - - behavior buch_state_aorai_intermediate_state_3_out: - assumes - (0 ≡ aorai_intermediate_state_2 ∨ ¬(aorai_counter < 2)) ∧ - 0 ≡ aorai_intermediate_state_0 ∧ 0 ≡ aorai_intermediate_state; - ensures 0 ≡ aorai_intermediate_state_3; - ensures aorai_counter ≡ \old(aorai_counter); - */ -void g_pre_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int 
aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_g; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - if (aorai_intermediate_state_2 == 1) - if (aorai_counter < 2) aorai_counter ++; - if (aorai_intermediate_state_0 == 1) aorai_counter = 1; - if (aorai_intermediate_state == 1) aorai_counter = 1; - if (aorai_intermediate_state == 1) aorai_intermediate_state_3_tmp = 1; - else - if (aorai_intermediate_state_0 == 1) aorai_intermediate_state_3_tmp = 1; - else - if (aorai_intermediate_state_2 == 1) - if (aorai_counter < 2) aorai_intermediate_state_3_tmp = 1; - else aorai_intermediate_state_3_tmp = 0; - else aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ aorai_intermediate_state_3 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_2; - ensures 
aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_in: - assumes 1 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_2_out: - assumes 0 ≡ aorai_intermediate_state_3; - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void g_post_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_g; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - if (aorai_intermediate_state_3 == 1) aorai_intermediate_state_2_tmp = 1; - else aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - 
aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 115) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 116) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_0.i, line 123) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_0.i, line 126) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_0.i, line 129) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_in' (file /tmp/aorai_seq_0.i, line 133) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_0.i, line 137) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_0.i, line 140) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_0.i, line 143) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_0.i, line 146) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_0.i, line 117) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - (1 ≡ aorai_intermediate_state ∨ 1 ≡ aorai_intermediate_state_0 ∨ - 1 ≡ aorai_intermediate_state_2) ∧ - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_3; - requires 1 ≡ aorai_intermediate_state_2 ⇒ aorai_counter < 2; - requires - 0 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state_2; - requires - 0 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state_0; - requires - 0 ≡ aorai_intermediate_state_0 ∨ 0 ≡ aorai_intermediate_state_2; - requires - 1 ≡ aorai_intermediate_state_2 ∨ 0 ≡ aorai_intermediate_state_2; - requires - 1 ≡ aorai_intermediate_state_0 ∨ 0 ≡ aorai_intermediate_state_0; - requires - 1 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_2; - ensures - \at(1 ≡ aorai_intermediate_state_2,Pre) ∧ - 1 ≡ aorai_intermediate_state_2 ⇒ - aorai_counter ≡ \at(aorai_counter,Pre)+1; - ensures - \at(1 ≡ aorai_intermediate_state_0,Pre) ∧ - 1 ≡ aorai_intermediate_state_2 ⇒ aorai_counter ≡ 1; - ensures - \at(1 ≡ aorai_intermediate_state,Pre) ∧ - 1 ≡ aorai_intermediate_state_2 ⇒ aorai_counter ≡ 1; - */ -void g(void) -{ - g_pre_func(); - g_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus 
≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_in: - assumes 1 ≡ S0; - ensures 1 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_out: - assumes 0 ≡ S0; - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void main_pre_func(int c) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - if (S0 == 1) aorai_intermediate_state_tmp = 1; - else aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = 
S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ aorai_intermediate_state_2 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_3; - requires 1 ≡ aorai_intermediate_state_2 ⇒ 1 ≤ aorai_counter; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_in: - assumes 1 ≡ aorai_intermediate_state_2 ∧ 1 ≤ aorai_counter; - ensures 1 ≡ Sf; - - behavior buch_state_Sf_out: - assumes 0 ≡ aorai_intermediate_state_2 ∨ ¬(1 ≤ aorai_counter); - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void main_post_func(int res) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int 
aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - if (aorai_intermediate_state_2 == 1) - if (1 <= aorai_counter) Sf_tmp = 1; else Sf_tmp = 0; - else Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - - behavior aorai_acceptance: - ensures 1 ≡ Sf; - - behavior Buchi_property_behavior: - ensures 1 ≡ Sf ⇒ 1 ≤ aorai_counter; - ensures - 0 ≡ S0 ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ Sf; - ensures \at(1 ≡ S0,Pre) ∧ 1 ≡ Sf ⇒ 1 ≤ aorai_counter ≤ 2; - */ -int main(int c) -{ - int 
__retres; - main_pre_func(c); - if (c) f(); - g(); - if (c) g(); - __retres = 0; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 207) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 208) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_0.i, line 215) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_0.i, line 218) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_0.i, line 221) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_0.i, line 224) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_0.i, line 227) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_0.i, line 230) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_3_in_0' (file /tmp/aorai_seq_0.i, line 234) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_3_in_0' (file /tmp/aorai_seq_0.i, line 235) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_in_1' (file /tmp/aorai_seq_0.i, line 239) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_in_1' (file /tmp/aorai_seq_0.i, line 240) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_in_2' (file /tmp/aorai_seq_0.i, line 244) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_in_2' (file /tmp/aorai_seq_0.i, line 245) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_0.i, line 251) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_0.i, line 252) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_seq_0.i, line 209) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_3_in_0' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_in_1' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_in_2' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'g_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 303) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 304) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_0.i, line 311) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_0.i, line 314) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_0.i, line 317) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_0.i, line 320) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_0.i, line 323) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_in' (file /tmp/aorai_seq_0.i, line 327) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_0.i, line 331) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_0.i, line 334) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_0.i, line 305) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'g' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 418) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 419) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_0.i, line 426) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_0.i, line 429) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_in' (file /tmp/aorai_seq_0.i, line 433) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_0.i, line 437) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_0.i, line 440) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_0.i, line 443) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_0.i, line 446) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_0.i, line 449) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_0.i, line 420) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 496) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_0.i, line 497) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_0.i, line 504) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_seq_0.i, line 508) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_0.i, line 512) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_0.i, line 515) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_0.i, line 518) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_0.i, line 521) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_0.i, line 524) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_0.i, line 527) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_0.i, line 498) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 128 Completely validated + 3 To be validated + 131 Total +--------------------------------------------------------------------------------
diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/seq_loop.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/seq_loop.res.oracle
index fa97bb7c5ad0fba69131b3c65fb51f1c2954f41a..3d049e5a8690df99b944fe2c4ad9d87ec452bc1b 100644
--- a/src/plugins/aorai/tests/aorai/oracle_prove/seq_loop.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle_prove/seq_loop.res.oracle
@@ -1,764 +1,307 @@ [kernel] Parsing tests/aorai/seq_loop.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_seq_loop0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_f_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_post_func_post_2 : Valid -[wp] [Qed] Goal typed_f_post_func_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_2_in_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_f_post_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part02 : Valid -[wp] [Qed] Goal 
typed_f_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_f_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_post : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part18 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part17 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part16 : Valid -[wp] [Qed] Goal typed_f_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_in_1_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_in_1_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_out_post_2 : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_f_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part01 : Valid -[wp] 
[Qed] Goal typed_g_post_func_post_2 : Valid -[wp] [Qed] Goal typed_g_post_func_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_g_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_0_in_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_g_post_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_g_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_g_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_g_pre_func_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_in_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_g_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : 
Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_0_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_3_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_2_out____ : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_1_out____ : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_3_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_f = 2, - op_g = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S0 = 1; */ -/*@ ghost int Sf = 0; */ -/*@ ghost int aorai_intermediate_state = 0; */ -/*@ ghost int aorai_intermediate_state_0 = 0; */ -/*@ ghost int aorai_intermediate_state_1 = 0; */ -/*@ ghost int aorai_intermediate_state_2 = 0; */ -/*@ ghost int aorai_intermediate_state_3 = 0; */ -/*@ ghost int aorai_counter = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_counter, aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - 
aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_in_0: - assumes 1 ≡ aorai_intermediate_state_0 ∧ aorai_counter < 5; - ensures 1 ≡ aorai_intermediate_state_1; - ensures aorai_counter ≡ \old(aorai_counter)+1; - - behavior buch_state_aorai_intermediate_state_1_in_1: - assumes 1 ≡ aorai_intermediate_state; - ensures 1 ≡ aorai_intermediate_state_1; - ensures aorai_counter ≡ 1; - - behavior buch_state_aorai_intermediate_state_1_out: - assumes - (0 ≡ aorai_intermediate_state_0 ∨ ¬(aorai_counter < 5)) ∧ - 0 ≡ aorai_intermediate_state; - ensures 0 ≡ aorai_intermediate_state_1; - ensures aorai_counter ≡ \old(aorai_counter); - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void f_pre_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - if (aorai_intermediate_state_0 == 1) 
- if (aorai_counter < 5) aorai_counter ++; - if (aorai_intermediate_state == 1) aorai_counter = 1; - if (aorai_intermediate_state == 1) aorai_intermediate_state_1_tmp = 1; - else - if (aorai_intermediate_state_0 == 1) - if (aorai_counter < 5) aorai_intermediate_state_1_tmp = 1; - else aorai_intermediate_state_1_tmp = 0; - else aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[kernel] Parsing /tmp/aorai_seq_loop_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - 1 ≡ aorai_intermediate_state_1 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_f; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_in: - assumes 1 ≡ aorai_intermediate_state_1; - ensures 1 ≡ aorai_intermediate_state_2; - - behavior 
buch_state_aorai_intermediate_state_2_out: - assumes 0 ≡ aorai_intermediate_state_1; - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void f_post_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_f; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - if (aorai_intermediate_state_1 == 1) aorai_intermediate_state_2_tmp = 1; - else aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ aorai_intermediate_state ∨ 1 ≡ aorai_intermediate_state_0) ∧ - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 
0 ≡ aorai_intermediate_state_3; - requires 1 ≡ aorai_intermediate_state_0 ⇒ aorai_counter < 5; - requires - 0 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state_0; - requires - 1 ≡ aorai_intermediate_state_0 ∨ 0 ≡ aorai_intermediate_state_0; - requires - 1 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_2; - ensures - \at(1 ≡ aorai_intermediate_state_0,Pre) ∧ - 1 ≡ aorai_intermediate_state_2 ⇒ - aorai_counter ≡ \at(aorai_counter,Pre)+1; - ensures - \at(1 ≡ aorai_intermediate_state,Pre) ∧ - 1 ≡ aorai_intermediate_state_2 ⇒ aorai_counter ≡ 1; - */ -void f(void) -{ - f_pre_func(); - f_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 38) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 39) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_loop_0.i, line 46) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_loop_0.i, line 49) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_loop_0.i, line 52) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_loop_0.i, line 55) + by Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_0' (file /tmp/aorai_seq_loop_0.i, line 59) + tried with Wp.typed. +[ - ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_0' (file /tmp/aorai_seq_loop_0.i, line 60) + tried with Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_1' (file /tmp/aorai_seq_loop_0.i, line 64) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_in_1' (file /tmp/aorai_seq_loop_0.i, line 65) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_loop_0.i, line 71) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_loop_0.i, line 72) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_loop_0.i, line 75) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_loop_0.i, line 78) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_loop_0.i, line 40) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ - ] Behavior 'buch_state_aorai_intermediate_state_1_in_0' + tried with Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_in_1' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_in: - assumes 1 ≡ aorai_intermediate_state_2; - ensures 1 ≡ aorai_intermediate_state_3; - - behavior buch_state_aorai_intermediate_state_3_out: - assumes 0 ≡ aorai_intermediate_state_2; - ensures 0 ≡ aorai_intermediate_state_3; - */ -void g_pre_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_g; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - if (aorai_intermediate_state_2 == 1) aorai_intermediate_state_3_tmp = 1; - else aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - 
aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ aorai_intermediate_state_3 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_g; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_in: - assumes 1 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_0_out: - assumes 0 ≡ aorai_intermediate_state_3; - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void g_post_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ 
- /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_g; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - if (aorai_intermediate_state_3 == 1) aorai_intermediate_state_0_tmp = 1; - else aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 127) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 128) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_loop_0.i, line 135) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_loop_0.i, line 138) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_loop_0.i, line 141) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_loop_0.i, line 144) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_loop_0.i, line 147) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_in' (file /tmp/aorai_seq_loop_0.i, line 151) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_loop_0.i, line 155) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_loop_0.i, line 158) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_loop_0.i, line 129) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ aorai_intermediate_state_2 ∧ 0 ≡ S0 ∧ 0 ≡ Sf ∧ - 0 ≡ aorai_intermediate_state ∧ 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ 0 ≡ aorai_intermediate_state_3; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ aorai_intermediate_state_0; - */ -void g(void) -{ - g_pre_func(); - g_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'f' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_in: - assumes 1 ≡ S0; - ensures 1 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_out: - assumes 0 ≡ S0; - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void main_pre_func(int c) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; 
*/ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - if (S0 == 1) aorai_intermediate_state_tmp = 1; - else aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - (1 ≡ aorai_intermediate_state ∨ 1 ≡ aorai_intermediate_state_0) ∧ - 0 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_in: - assumes - 1 ≡ aorai_intermediate_state_0 ∨ 1 ≡ aorai_intermediate_state; - ensures 1 ≡ Sf; - - behavior buch_state_Sf_out: - assumes - 0 ≡ aorai_intermediate_state_0 ∧ 0 ≡ aorai_intermediate_state; - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_0_out: - ensures 0 ≡ aorai_intermediate_state_0; - - behavior buch_state_aorai_intermediate_state_1_out: - ensures 0 ≡ aorai_intermediate_state_1; - - behavior buch_state_aorai_intermediate_state_2_out: - ensures 0 ≡ aorai_intermediate_state_2; - - behavior buch_state_aorai_intermediate_state_3_out: - ensures 0 ≡ aorai_intermediate_state_3; - */ -void main_post_func(int res) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - /*@ ghost int aorai_intermediate_state_0_tmp; */ - /*@ ghost int aorai_intermediate_state_1_tmp; */ - /*@ ghost int aorai_intermediate_state_2_tmp; */ - /*@ ghost int aorai_intermediate_state_3_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_0_tmp = aorai_intermediate_state_0; - aorai_intermediate_state_1_tmp = aorai_intermediate_state_1; - aorai_intermediate_state_2_tmp = aorai_intermediate_state_2; - 
aorai_intermediate_state_3_tmp = aorai_intermediate_state_3; - aorai_intermediate_state_3_tmp = 0; - aorai_intermediate_state_2_tmp = 0; - aorai_intermediate_state_1_tmp = 0; - aorai_intermediate_state_0_tmp = 0; - aorai_intermediate_state_tmp = 0; - if (aorai_intermediate_state == 1) Sf_tmp = 1; - else - if (aorai_intermediate_state_0 == 1) Sf_tmp = 1; else Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - aorai_intermediate_state_0 = aorai_intermediate_state_0_tmp; - aorai_intermediate_state_1 = aorai_intermediate_state_1_tmp; - aorai_intermediate_state_2 = aorai_intermediate_state_2_tmp; - aorai_intermediate_state_3 = aorai_intermediate_state_3_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'g_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state, aorai_intermediate_state_0, - aorai_intermediate_state_1, aorai_intermediate_state_2, - aorai_intermediate_state_3, aorai_counter; - - behavior aorai_acceptance: - ensures 1 ≡ Sf; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S0 ∧ 0 ≡ aorai_intermediate_state ∧ - 0 ≡ aorai_intermediate_state_0 ∧ - 0 ≡ aorai_intermediate_state_1 ∧ - 0 ≡ aorai_intermediate_state_2 ∧ 0 ≡ aorai_intermediate_state_3; - ensures 1 ≡ Sf; - ensures - \at(1 ≡ S0,Pre) ∧ 1 ≡ Sf ⇒ - (1 ≤ aorai_counter ≤ 5) ∨ - aorai_counter ≡ \at(aorai_counter,Pre)+0; - */ -int main(int c) -{ - int aorai_Loop_Init_39; - int __retres; - main_pre_func(c); - if (c < 0) c = 0; - if (c > 5) c = 5; - /*@ assert 0 ≤ c ≤ 5; */ ; - /*@ ghost aorai_Loop_Init_39 = 1; */ - aorai_loop_39: - /*@ loop 
invariant Aorai: 0 ≡ S0; - loop invariant Aorai: 0 ≡ Sf; - loop invariant - Aorai: - 1 ≡ aorai_intermediate_state ∨ 0 ≡ aorai_intermediate_state; - loop invariant - Aorai: - 1 ≡ aorai_intermediate_state_0 ∨ - 0 ≡ aorai_intermediate_state_0; - loop invariant Aorai: 0 ≡ aorai_intermediate_state_1; - loop invariant Aorai: 0 ≡ aorai_intermediate_state_2; - loop invariant Aorai: 0 ≡ aorai_intermediate_state_3; - loop invariant - Aorai: - 1 ≡ aorai_intermediate_state ∨ - 1 ≡ aorai_intermediate_state_0; - loop invariant - Aorai: - aorai_Loop_Init_39 ≢ 0 ⇒ - \at(1 ≡ S0,Pre) ⇒ 0 ≡ aorai_intermediate_state_0; - loop invariant - Aorai: aorai_Loop_Init_39 ≡ 0 ⇒ 0 ≡ aorai_intermediate_state; - loop invariant - Aorai: - \at(1 ≡ aorai_intermediate_state,aorai_loop_39) ∧ - 1 ≡ aorai_intermediate_state_0 ⇒ 1 ≤ aorai_counter ≤ 5; - loop assigns c, aorai_Loop_Init_39, aorai_CurOpStatus, - aorai_CurOperation, S0, Sf, aorai_intermediate_state, - aorai_intermediate_state_0, aorai_intermediate_state_1, - aorai_intermediate_state_2, aorai_intermediate_state_3, - aorai_counter; - loop assigns aorai_Loop_Init_39 \from \nothing; - */ - while (1) { - if (! c) goto while_0_break; - /*@ ghost aorai_Loop_Init_39 = 0; */ - f(); - g(); - c --; - } - while_0_break: ; - __retres = 0; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 232) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 233) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_loop_0.i, line 240) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_loop_0.i, line 243) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_loop_0.i, line 246) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_loop_0.i, line 249) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_loop_0.i, line 252) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_loop_0.i, line 255) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_in' (file /tmp/aorai_seq_loop_0.i, line 259) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_loop_0.i, line 263) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_loop_0.i, line 234) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'g_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 309) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 310) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_loop_0.i, line 317) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_loop_0.i, line 320) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_loop_0.i, line 323) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_in' (file /tmp/aorai_seq_loop_0.i, line 327) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_loop_0.i, line 331) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_loop_0.i, line 334) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_loop_0.i, line 337) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_loop_0.i, line 340) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_loop_0.i, line 311) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'g' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 401) + by Wp.typed. 
+[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 402) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_loop_0.i, line 409) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_loop_0.i, line 412) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_in' (file /tmp/aorai_seq_loop_0.i, line 416) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_loop_0.i, line 420) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_loop_0.i, line 423) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_loop_0.i, line 426) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_loop_0.i, line 429) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_loop_0.i, line 432) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_loop_0.i, line 403) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 477) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_seq_loop_0.i, line 478) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_seq_loop_0.i, line 485) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_seq_loop_0.i, line 490) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_seq_loop_0.i, line 495) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_seq_loop_0.i, line 498) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_0_out' (file /tmp/aorai_seq_loop_0.i, line 501) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_1_out' (file /tmp/aorai_seq_loop_0.i, line 504) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_2_out' (file /tmp/aorai_seq_loop_0.i, line 507) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_3_out' (file /tmp/aorai_seq_loop_0.i, line 510) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_seq_loop_0.i, line 479) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_3_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 124 Completely validated + 3 To be validated + 127 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/single_call.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/single_call.res.oracle index 712bfa00cd2c8c656bdce8aad08ab0120956c1f5..8a438103317f7b8c347f2a0a4e3468943778fddf 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/single_call.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/single_call.res.oracle 
@@ -1,142 +1,77 @@ [kernel] Parsing tests/aorai/single_call.i (no preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_single_call0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_aorai_intermediate_state_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Sf_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_aorai_intermediate_state_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - 
op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S0 = 1; */ -/*@ ghost int Sf = 0; */ -/*@ ghost int aorai_intermediate_state = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_out: - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_in: - assumes 1 ≡ S0; - ensures 1 ≡ aorai_intermediate_state; - - behavior buch_state_aorai_intermediate_state_out: - assumes 0 ≡ S0; - ensures 0 ≡ aorai_intermediate_state; - */ -void main_pre_func(void) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - if (S0 == 1) aorai_intermediate_state_tmp = 1; - else aorai_intermediate_state_tmp = 0; - Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - return; -} +[kernel] Parsing /tmp/aorai_single_call_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires 1 ≡ aorai_intermediate_state ∧ 0 ≡ S0 ∧ 0 ≡ Sf; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S0, Sf, - aorai_intermediate_state; - - behavior buch_state_S0_out: - ensures 0 ≡ S0; - - behavior buch_state_Sf_in: - assumes 1 ≡ aorai_intermediate_state; - ensures 1 ≡ Sf; - - behavior buch_state_Sf_out: - assumes 0 ≡ aorai_intermediate_state; - ensures 0 ≡ Sf; - - behavior buch_state_aorai_intermediate_state_out: - ensures 0 ≡ aorai_intermediate_state; - */ -void main_post_func(int res) -{ - /*@ ghost int S0_tmp; */ - /*@ ghost int Sf_tmp; */ - /*@ ghost int aorai_intermediate_state_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S0_tmp = S0; - Sf_tmp = Sf; - aorai_intermediate_state_tmp = aorai_intermediate_state; - aorai_intermediate_state_tmp = 0; - if (aorai_intermediate_state == 1) Sf_tmp = 1; else Sf_tmp = 0; - S0_tmp = 0; - S0 = S0_tmp; - Sf = Sf_tmp; - aorai_intermediate_state = aorai_intermediate_state_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S0 ∧ 0 ≡ Sf ∧ 0 ≡ aorai_intermediate_state; - - behavior aorai_acceptance: - ensures 1 ≡ Sf; - - behavior Buchi_property_behavior: - ensures 0 ≡ S0 ∧ 0 ≡ aorai_intermediate_state; - ensures 1 ≡ Sf; - */ -int main(void) -{ - int __retres; - main_pre_func(); - __retres = 0; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_single_call_0.i, line 31) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_single_call_0.i, line 32) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_single_call_0.i, line 37) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_single_call_0.i, line 40) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_in' (file /tmp/aorai_single_call_0.i, line 44) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_single_call_0.i, line 48) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_single_call_0.i, line 33) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_single_call_0.i, line 74) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_single_call_0.i, line 75) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S0_out' (file /tmp/aorai_single_call_0.i, line 80) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_in' (file /tmp/aorai_single_call_0.i, line 84) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Sf_out' (file /tmp/aorai_single_call_0.i, line 88) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_aorai_intermediate_state_out' (file /tmp/aorai_single_call_0.i, line 91) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_single_call_0.i, line 76) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S0_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Sf_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_aorai_intermediate_state_out' + by Frama-C kernel. 
+[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 25 Completely validated + 25 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_acces_params.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_acces_params.res.oracle index ff9ed90082ea33e0e744cbf57045d37191f398a8..f109b2eef387c54a854a5c7d968f8f3ff1d9ad4e 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_acces_params.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_acces_params.res.oracle 
@@ -1,597 +1,281 @@ [kernel] Parsing tests/aorai/test_acces_params.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_acces_params0.i (no preprocessing) -/tmp/aorai_test_acces_params0.i:4:[wp] warning: Global invariant not handled yet ('inv' ignored) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_mainst_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_SF_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_SF_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_mainst_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_SF_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_post_func_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part13 : Valid -[wp] [Qed] Goal 
typed_opa_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S3_in_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_mainst_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_SF_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S2_in_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_mainst_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_SF_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S4_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_opb_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_post_func_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_mainst_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_SF_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_SF_in_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part10 : Valid -[wp] [Qed] Goal 
typed_opb_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S4_in_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_mainst_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_SF_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_main = 2, - op_opa = 1, - op_opb = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int status = 0; -int rr = 1; -/*@ global invariant inv: 0 ≤ rr ≤ 5000; - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S1 = 0; */ -/*@ ghost int S2 = 0; */ -/*@ ghost int S3 = 0; */ -/*@ ghost int S4 = 0; */ -/*@ ghost int SF = 0; */ -/*@ ghost int mainst = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, SF, - mainst; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_in: - assumes 1 ≡ S1 ∧ i ≥ 0; - ensures 1 ≡ S2; - - behavior buch_state_S2_out: - assumes 0 ≡ S1 ∨ ¬(i ≥ 0); - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_SF_out: - ensures 0 ≡ SF; - - behavior buch_state_mainst_out: - ensures 0 ≡ mainst; - */ -void opa_pre_func(int i, int j) -{ - /*@ ghost int S1_tmp; */ - /*@ 
ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int SF_tmp; */ - /*@ ghost int mainst_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opa; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - SF_tmp = SF; - mainst_tmp = mainst; - mainst_tmp = 0; - SF_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - if (S1 == 1) - if (i >= 0) S2_tmp = 1; else S2_tmp = 0; - else S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - SF = SF_tmp; - mainst = mainst_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_acces_params_0.i (no preprocessing) +[wp] /tmp/aorai_test_acces_params_0.i:4: Warning: + Global invariant not handled yet ('inv' ignored) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - 1 ≡ S2 ∧ 0 ≡ S1 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ 0 ≡ SF ∧ - 0 ≡ mainst; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, SF, - mainst; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_in: - assumes 1 ≡ S2; - ensures 1 ≡ S3; - - behavior buch_state_S3_out: - assumes 0 ≡ S2; - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_SF_out: - ensures 0 ≡ SF; - - behavior buch_state_mainst_out: - ensures 0 ≡ mainst; - */ -void opa_post_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int SF_tmp; */ - /*@ ghost int mainst_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opa; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - SF_tmp = SF; - mainst_tmp = mainst; - mainst_tmp = 0; - SF_tmp = 0; - S4_tmp = 0; - if (S2 == 1) S3_tmp = 1; else S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - SF = 
SF_tmp; - mainst = mainst_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ 0 ≡ SF ∧ - 0 ≡ mainst; - requires 1 ≡ S1 ⇒ i ≥ 0; - requires rr < 5000; - - behavior j: - ensures rr < 5001; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S4 ∧ 0 ≡ SF ∧ 0 ≡ mainst; - ensures 1 ≡ S3; - */ -void opa(int i, int j) -{ - opa_pre_func(i,j); - rr = i + j; - opa_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 40) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params_0.i, line 46) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_test_acces_params_0.i, line 50) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params_0.i, line 54) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params_0.i, line 57) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params_0.i, line 60) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_SF_out' (file /tmp/aorai_test_acces_params_0.i, line 63) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_mainst_out' (file /tmp/aorai_test_acces_params_0.i, line 66) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params_0.i, line 42) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_SF_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_mainst_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, SF, - mainst; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_in: - assumes 1 ≡ S3; - ensures 1 ≡ S4; - - behavior buch_state_S4_out: - assumes 0 ≡ S3; - ensures 0 ≡ S4; - - behavior buch_state_SF_out: - ensures 0 ≡ SF; - - behavior buch_state_mainst_out: - ensures 0 ≡ mainst; - */ -void opb_pre_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int SF_tmp; */ - /*@ ghost int mainst_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opb; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - SF_tmp = SF; - mainst_tmp = mainst; - mainst_tmp = 0; - SF_tmp = 0; - if (S3 == 1) S4_tmp = 1; else S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - SF = SF_tmp; - mainst = mainst_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S4 ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ SF ∧ - 0 ≡ mainst; - requires 1 ≡ S4 ⇒ res > 0; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, SF, - mainst; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ 
S4; - - behavior buch_state_SF_in: - assumes 1 ≡ S4 ∧ res > 0; - ensures 1 ≡ SF; - - behavior buch_state_SF_out: - assumes 0 ≡ S4 ∨ ¬(res > 0); - ensures 0 ≡ SF; - - behavior buch_state_mainst_out: - ensures 0 ≡ mainst; - */ -void opb_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int SF_tmp; */ - /*@ ghost int mainst_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opb; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - SF_tmp = SF; - mainst_tmp = mainst; - mainst_tmp = 0; - if (S4 == 1) - if (res > 0) SF_tmp = 1; else SF_tmp = 0; - else SF_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - SF = SF_tmp; - mainst = mainst_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 105) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 106) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params_0.i, line 111) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params_0.i, line 114) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_in' (file /tmp/aorai_test_acces_params_0.i, line 118) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params_0.i, line 122) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params_0.i, line 125) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_SF_out' (file /tmp/aorai_test_acces_params_0.i, line 128) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_mainst_out' (file /tmp/aorai_test_acces_params_0.i, line 131) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params_0.i, line 107) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_SF_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_mainst_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ S3 ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S4 ∧ 0 ≡ SF ∧ - 0 ≡ mainst; - - behavior Buchi_property_behavior: - ensures 1 ≡ SF ⇒ \result > 0; - ensures - 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ 0 ≡ mainst; - ensures 1 ≡ SF; - */ -int opb(void) -{ - int __retres; - opb_pre_func(); - status = 1; - __retres = status * 3; - opb_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, SF, - mainst; - - behavior buch_state_S1_in: - assumes 1 ≡ mainst; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ mainst; - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_SF_out: - ensures 0 ≡ SF; - - behavior buch_state_mainst_out: - ensures 0 ≡ mainst; - */ -void main_pre_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int SF_tmp; */ - /*@ ghost int mainst_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - SF_tmp = SF; - mainst_tmp = mainst; - mainst_tmp = 0; - SF_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - if 
(mainst == 1) S1_tmp = 1; else S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - SF = SF_tmp; - mainst = mainst_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ SF ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ - 0 ≡ mainst; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, SF, - mainst; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_SF_in: - assumes 1 ≡ SF; - ensures 1 ≡ SF; - - behavior buch_state_SF_out: - assumes 0 ≡ SF; - ensures 0 ≡ SF; - - behavior buch_state_mainst_out: - ensures 0 ≡ mainst; - */ -void main_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int SF_tmp; */ - /*@ ghost int mainst_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - SF_tmp = SF; - mainst_tmp = mainst; - mainst_tmp = 0; - if (SF == 1) SF_tmp = 1; else SF_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - SF = SF_tmp; - mainst = mainst_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ mainst ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ - 0 ≡ SF; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ 0 ≡ mainst; - ensures 1 ≡ SF; - */ -int main(void) -{ - int __retres; - main_pre_func(); - if (rr < 5000) opa(rr,300); - rr = opb(); - __retres = 1; - main_post_func(__retres); - return 
__retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 189) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 190) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params_0.i, line 195) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params_0.i, line 198) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params_0.i, line 201) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_in' (file /tmp/aorai_test_acces_params_0.i, line 205) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params_0.i, line 209) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_SF_out' (file /tmp/aorai_test_acces_params_0.i, line 212) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_mainst_out' (file /tmp/aorai_test_acces_params_0.i, line 215) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params_0.i, line 191) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_SF_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_mainst_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 255) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 256) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params_0.i, line 261) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params_0.i, line 264) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params_0.i, line 267) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params_0.i, line 270) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_SF_in' (file /tmp/aorai_test_acces_params_0.i, line 274) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_SF_out' (file /tmp/aorai_test_acces_params_0.i, line 278) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_mainst_out' (file /tmp/aorai_test_acces_params_0.i, line 281) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params_0.i, line 257) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_SF_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_SF_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_mainst_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opb' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 337) + by Wp.typed. 
+[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 338) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_acces_params_0.i, line 344) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params_0.i, line 348) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params_0.i, line 351) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params_0.i, line 354) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params_0.i, line 357) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_SF_out' (file /tmp/aorai_test_acces_params_0.i, line 360) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_mainst_out' (file /tmp/aorai_test_acces_params_0.i, line 363) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params_0.i, line 339) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_SF_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_mainst_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 402) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params_0.i, line 403) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params_0.i, line 408) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params_0.i, line 411) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params_0.i, line 414) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params_0.i, line 417) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_SF_in' (file /tmp/aorai_test_acces_params_0.i, line 421) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_SF_out' (file /tmp/aorai_test_acces_params_0.i, line 425) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_mainst_out' (file /tmp/aorai_test_acces_params_0.i, line 428) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params_0.i, line 404) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_SF_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_SF_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_mainst_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 111 Completely validated + 111 Total +-------------------------------------------------------------------------------- 
diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_acces_params2.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_acces_params2.res.oracle
index 36faad6b3f8756de4bd9e8dc54eab26af41ca28b..606a2a6a590aa8d188b9b59112293f601c812e7a 100644
--- a/src/plugins/aorai/tests/aorai/oracle_prove/test_acces_params2.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_acces_params2.res.oracle
@@ -1,872 +1,394 @@ [kernel] Parsing tests/aorai/test_acces_params2.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_acces_params20.i (no preprocessing) -/tmp/aorai_test_acces_params20.i:3:[wp] warning: Global invariant not handled yet ('inv' ignored) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S6_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S7_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S7_in_post : Valid -[wp] [Qed] Goal 
typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S6_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S7_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_post_func_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part03 : Valid -[wp] [Qed] Goal 
typed_opa_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part17 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S4_in_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S7_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S6_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_S5_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_opa_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part16 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S3_in_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S7_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_S6_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_post_func_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part04 : Valid -[wp] [Qed] Goal 
typed_opb_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S6_in_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S7_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_S6_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part13 : Valid -[wp] [Qed] Goal 
typed_opb_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S6_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S5_in_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_S7_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opc_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opc_post_func_post : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_S7_out_post : Valid -[wp] [Qed] Goal 
typed_opc_post_func_buch_state_S6_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_S5_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_S4_out_post : Valid -[wp] Computing [200 goals...] -[wp] [Qed] Goal typed_opc_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opc_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opc_pre_func_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_S4_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_S3_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_S7_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_S6_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_S5_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_main = 3, - op_opa = 2, - op_opb = 1, - op_opc = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int rr = 1; -/*@ global invariant inv: 0 ≤ rr ≤ 5000; - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S1 = 
1; */ -/*@ ghost int S2 = 0; */ -/*@ ghost int S3 = 0; */ -/*@ ghost int S4 = 0; */ -/*@ ghost int S5 = 0; */ -/*@ ghost int S6 = 0; */ -/*@ ghost int S7 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, S5, S6, - S7; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_in: - assumes 1 ≡ S2 ∧ r ≥ 0; - ensures 1 ≡ S3; - - behavior buch_state_S3_out: - assumes 0 ≡ S2 ∨ ¬(r ≥ 0); - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_S5_out: - ensures 0 ≡ S5; - - behavior buch_state_S6_out: - ensures 0 ≡ S6; - - behavior buch_state_S7_out: - ensures 0 ≡ S7; - */ -void opa_pre_func(int r) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int S5_tmp; */ - /*@ ghost int S6_tmp; */ - /*@ ghost int S7_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opa; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - S5_tmp = S5; - S6_tmp = S6; - S7_tmp = S7; - S7_tmp = 0; - S6_tmp = 0; - S5_tmp = 0; - S4_tmp = 0; - if (S2 == 1) - if (r >= 0) S3_tmp = 1; else S3_tmp = 0; - else S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - S5 = S5_tmp; - S6 = S6_tmp; - S7 = S7_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_acces_params2_0.i (no preprocessing) +[wp] /tmp/aorai_test_acces_params2_0.i:3: Warning: + Global invariant not handled yet ('inv' ignored) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires - 1 ≡ S3 ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S4 ∧ 0 ≡ S5 ∧ - 0 ≡ S6 ∧ 0 ≡ S7; - requires 1 ≡ S3 ⇒ res ≤ 5000; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, S5, S6, - S7; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_in: - assumes 1 ≡ S3 ∧ res ≤ 5000; - ensures 1 ≡ S4; - - behavior buch_state_S4_out: - assumes 0 ≡ S3 ∨ ¬(res ≤ 5000); - ensures 0 ≡ S4; - - behavior buch_state_S5_out: - ensures 0 ≡ S5; - - behavior buch_state_S6_out: - ensures 0 ≡ S6; - - behavior buch_state_S7_out: - ensures 0 ≡ S7; - */ -void opa_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int S5_tmp; */ - /*@ ghost int S6_tmp; */ - /*@ ghost int S7_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opa; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - S5_tmp = S5; - S6_tmp = S6; - S7_tmp = S7; - S7_tmp = 0; - S6_tmp = 0; - S5_tmp = 0; - if (S3 == 1) - if (res <= 5000) S4_tmp = 1; else S4_tmp = 0; - else S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - S5 = S5_tmp; - S6 = S6_tmp; - S7 = S7_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S2 ∧ 0 ≡ S1 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ 0 ≡ S5 ∧ - 0 ≡ S6 ∧ 0 ≡ S7; - requires 1 ≡ S2 ⇒ r ≥ 0; - requires r < 5000; - - behavior j: - ensures \result ≡ \old(r)+1; - - behavior Buchi_property_behavior: - ensures 1 ≡ S4 ⇒ \result ≤ 5000; - ensures - 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S5 ∧ 0 ≡ S6 ∧ - 0 ≡ S7; - ensures 1 ≡ S4; - */ -int opa(int r) -{ - int 
__retres; - opa_pre_func(r); - __retres = r + 1; - opa_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 42) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params2_0.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params2_0.i, line 50) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_in' (file /tmp/aorai_test_acces_params2_0.i, line 54) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params2_0.i, line 58) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params2_0.i, line 61) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_test_acces_params2_0.i, line 64) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_out' (file /tmp/aorai_test_acces_params2_0.i, line 67) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_out' (file /tmp/aorai_test_acces_params2_0.i, line 70) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params2_0.i, line 43) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, S5, S6, - S7; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_S5_in: - assumes 1 ≡ S4; - ensures 1 ≡ S5; - - behavior buch_state_S5_out: - assumes 0 ≡ S4; - ensures 0 ≡ S5; - - behavior buch_state_S6_out: - ensures 0 ≡ S6; - - behavior buch_state_S7_out: - ensures 0 ≡ S7; - */ -void opb_pre_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int S5_tmp; */ - /*@ ghost int S6_tmp; */ - /*@ ghost int S7_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opb; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - S5_tmp = S5; - S6_tmp = S6; - S7_tmp = S7; - S7_tmp = 0; - S6_tmp = 0; - if (S4 == 1) S5_tmp = 1; else S5_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - S5 = S5_tmp; - S6 = S6_tmp; - S7 = S7_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S5 ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ - 0 ≡ S6 ∧ 0 ≡ S7; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, S5, S6, - S7; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_S5_out: - ensures 0 ≡ S5; - - behavior buch_state_S6_in: - assumes 1 ≡ S5; - 
ensures 1 ≡ S6; - - behavior buch_state_S6_out: - assumes 0 ≡ S5; - ensures 0 ≡ S6; - - behavior buch_state_S7_out: - ensures 0 ≡ S7; - */ -void opb_post_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int S5_tmp; */ - /*@ ghost int S6_tmp; */ - /*@ ghost int S7_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opb; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - S5_tmp = S5; - S6_tmp = S6; - S7_tmp = S7; - S7_tmp = 0; - if (S5 == 1) S6_tmp = 1; else S6_tmp = 0; - S5_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - S5 = S5_tmp; - S6 = S6_tmp; - S7 = S7_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 115) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 116) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params2_0.i, line 121) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params2_0.i, line 124) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params2_0.i, line 127) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_in' (file /tmp/aorai_test_acces_params2_0.i, line 131) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params2_0.i, line 135) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_test_acces_params2_0.i, line 138) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_out' (file /tmp/aorai_test_acces_params2_0.i, line 141) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_out' (file /tmp/aorai_test_acces_params2_0.i, line 144) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params2_0.i, line 117) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ S4 ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S5 ∧ - 0 ≡ S6 ∧ 0 ≡ S7; - requires rr ≥ 1 ∧ rr ≤ 5000; - - behavior f: - ensures rr ≥ 3 ∧ rr ≤ 5000; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ 0 ≡ S5 ∧ - 0 ≡ S7; - ensures 1 ≡ S6; - */ -void opb(void) -{ - opb_pre_func(); - if (rr < 4998) rr += 2; - opb_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opc; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, S5, S6, - S7; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_S5_out: - ensures 0 ≡ S5; - - behavior buch_state_S6_out: - ensures 0 ≡ S6; - - behavior buch_state_S7_out: - ensures 0 ≡ S7; - */ -void opc_pre_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int S5_tmp; */ - /*@ ghost int S6_tmp; */ - /*@ ghost int S7_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opc; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - S5_tmp = S5; - 
S6_tmp = S6; - S7_tmp = S7; - S7_tmp = 0; - S6_tmp = 0; - S5_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - S5 = S5_tmp; - S6 = S6_tmp; - S7 = S7_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires \false; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opc; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, S5, S6, - S7; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_S5_out: - ensures 0 ≡ S5; - - behavior buch_state_S6_out: - ensures 0 ≡ S6; - - behavior buch_state_S7_out: - ensures 0 ≡ S7; - */ -void opc_post_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int S5_tmp; */ - /*@ ghost int S6_tmp; */ - /*@ ghost int S7_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opc; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - S5_tmp = S5; - S6_tmp = S6; - S7_tmp = S7; - S7_tmp = 0; - S6_tmp = 0; - S5_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - S5 = S5_tmp; - S6 = S6_tmp; - S7 = S7_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_pre_func' +-------------------------------------------------------------------------------- -/*@ requires \false; - - behavior d: - ensures rr ≡ 600; - - behavior Buchi_behavior_out_0: - ensures 0 ≡ S1; - - behavior Buchi_behavior_out_1: - ensures 0 ≡ S2; - - behavior Buchi_behavior_out_2: - ensures 0 ≡ S3; - - behavior Buchi_behavior_out_3: - ensures 0 ≡ S4; - - behavior Buchi_behavior_out_4: - ensures 0 ≡ S5; - - behavior 
Buchi_behavior_out_5: - ensures 0 ≡ S6; - - behavior Buchi_behavior_out_6: - ensures 0 ≡ S7; - */ -void opc(void) -{ - opc_pre_func(); - rr = 600; - opc_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 210) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 211) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params2_0.i, line 216) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params2_0.i, line 219) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params2_0.i, line 222) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params2_0.i, line 225) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_in' (file /tmp/aorai_test_acces_params2_0.i, line 229) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_test_acces_params2_0.i, line 233) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_out' (file /tmp/aorai_test_acces_params2_0.i, line 236) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_out' (file /tmp/aorai_test_acces_params2_0.i, line 239) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params2_0.i, line 212) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, S5, S6, - S7; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_in: - assumes 1 ≡ S1; - ensures 1 ≡ S2; - - behavior buch_state_S2_out: - assumes 0 ≡ S1; - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_S5_out: - ensures 0 ≡ S5; - - behavior buch_state_S6_out: - ensures 0 ≡ S6; - - behavior buch_state_S7_out: - ensures 0 ≡ S7; - */ -void main_pre_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int S5_tmp; */ - /*@ ghost int S6_tmp; */ - /*@ ghost int S7_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - S5_tmp = S5; - S6_tmp = S6; - S7_tmp = S7; - S7_tmp = 0; - S6_tmp = 0; - S5_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - if (S1 == 1) S2_tmp = 1; else S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - S5 = S5_tmp; - S6 = S6_tmp; - S7 = S7_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ S6 ∧ 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ - 0 ≡ S5 ∧ 0 ≡ S7; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, S3, S4, S5, S6, - S7; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_S3_out: - ensures 0 ≡ S3; - - behavior buch_state_S4_out: - ensures 0 ≡ S4; - - behavior buch_state_S5_out: - ensures 0 ≡ S5; - - behavior buch_state_S6_out: - ensures 0 ≡ S6; - 
- behavior buch_state_S7_in: - assumes 1 ≡ S6; - ensures 1 ≡ S7; - - behavior buch_state_S7_out: - assumes 0 ≡ S6; - ensures 0 ≡ S7; - */ -void main_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int S3_tmp; */ - /*@ ghost int S4_tmp; */ - /*@ ghost int S5_tmp; */ - /*@ ghost int S6_tmp; */ - /*@ ghost int S7_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S1_tmp = S1; - S2_tmp = S2; - S3_tmp = S3; - S4_tmp = S4; - S5_tmp = S5; - S6_tmp = S6; - S7_tmp = S7; - if (S6 == 1) S7_tmp = 1; else S7_tmp = 0; - S6_tmp = 0; - S5_tmp = 0; - S4_tmp = 0; - S3_tmp = 0; - S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - S3 = S3_tmp; - S4 = S4_tmp; - S5 = S5_tmp; - S6 = S6_tmp; - S7 = S7_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 283) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 284) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params2_0.i, line 289) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params2_0.i, line 292) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params2_0.i, line 295) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params2_0.i, line 298) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_test_acces_params2_0.i, line 301) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_in' (file /tmp/aorai_test_acces_params2_0.i, line 305) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_out' (file /tmp/aorai_test_acces_params2_0.i, line 309) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_out' (file /tmp/aorai_test_acces_params2_0.i, line 312) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params2_0.i, line 285) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ 0 ≡ S5 ∧ - 0 ≡ S6 ∧ 0 ≡ S7; - requires rr ≡ 1; - - behavior Buchi_property_behavior: - ensures - 0 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ S3 ∧ 0 ≡ S4 ∧ 0 ≡ S5 ∧ - 0 ≡ S6; - ensures 1 ≡ S7; - */ -int main(void) -{ - int __retres; - main_pre_func(); - if (rr < 5000) rr = opa(rr); - opb(); - goto L6; - opc(); - L6: __retres = 1; - main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'opc_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 375) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 376) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params2_0.i, line 381) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params2_0.i, line 384) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params2_0.i, line 387) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params2_0.i, line 390) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_test_acces_params2_0.i, line 393) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_out' (file /tmp/aorai_test_acces_params2_0.i, line 396) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_out' (file /tmp/aorai_test_acces_params2_0.i, line 399) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params2_0.i, line 377) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opc_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 440) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 441) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params2_0.i, line 446) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params2_0.i, line 449) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params2_0.i, line 452) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params2_0.i, line 455) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_test_acces_params2_0.i, line 458) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_out' (file /tmp/aorai_test_acces_params2_0.i, line 461) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_out' (file /tmp/aorai_test_acces_params2_0.i, line 464) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params2_0.i, line 442) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opc' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 538) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 539) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params2_0.i, line 544) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_test_acces_params2_0.i, line 548) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params2_0.i, line 552) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params2_0.i, line 555) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params2_0.i, line 558) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_test_acces_params2_0.i, line 561) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_out' (file /tmp/aorai_test_acces_params2_0.i, line 564) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_out' (file /tmp/aorai_test_acces_params2_0.i, line 567) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params2_0.i, line 540) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 611) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_acces_params2_0.i, line 612) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_acces_params2_0.i, line 617) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_acces_params2_0.i, line 620) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S3_out' (file /tmp/aorai_test_acces_params2_0.i, line 623) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S4_out' (file /tmp/aorai_test_acces_params2_0.i, line 626) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S5_out' (file /tmp/aorai_test_acces_params2_0.i, line 629) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S6_out' (file /tmp/aorai_test_acces_params2_0.i, line 632) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_in' (file /tmp/aorai_test_acces_params2_0.i, line 636) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S7_out' (file /tmp/aorai_test_acces_params2_0.i, line 640) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_acces_params2_0.i, line 613) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S7_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 160 Completely validated + 160 Total +-------------------------------------------------------------------------------- 
diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle.res.oracle
index da1fcef5be47d91894510004a4838fb0164d6fda..9567a3129718303ffaa6e5377250f7355f8b15fd 100644
--- a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle.res.oracle
@@ -1,421 +1,202 @@ [kernel] Parsing tests/aorai/test_boucle.c (with preprocessing) -tests/aorai/test_boucle.c:16:[kernel] warning: Calling undeclared function call_to_an_undefined_function. Old style K&R code? +[kernel:typing:implicit-function-declaration] tests/aorai/test_boucle.c:16: Warning: + Calling undeclared function call_to_an_undefined_function. Old style K&R code? [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_boucle0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_a_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_a_post_func_post_2 : Valid -[wp] [Qed] Goal typed_a_post_func_post : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_a_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_a_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_a_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_a_pre_func_post : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_a_pre_func_assign_part8 : Valid -[wp] 
[Qed] Goal typed_a_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_a_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_b_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_b_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_b_post_func_post_2 : Valid -[wp] [Qed] Goal typed_b_post_func_post : Valid -[wp] [Qed] Goal typed_b_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_b_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_b_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_b_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_b_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_b_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_b_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_b_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_b_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_b_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_b_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_b_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_b_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_b_pre_func_post : Valid -[wp] [Qed] Goal typed_b_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_b_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_b_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_b_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_b_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_b_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_b_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_b_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_b_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_b_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : 
Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_a = 2, - op_b = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -extern int call_to_an_undefined_function(); +[kernel] Parsing /tmp/aorai_test_boucle_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[kernel:annot:missing-spec] /tmp/aorai_test_boucle_0.i:80: Warning: + Neither code nor specification for function call_to_an_undefined_function, generating default assigns from 
the prototype +[report] Computing properties status... -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int T0_S2 = 0; */ -/*@ ghost int T0_init = 1; */ -/*@ ghost int accept_S1 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_a; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1 ∨ 1 ≡ T0_S2; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1 ∧ 0 ≡ T0_S2; - ensures 0 ≡ accept_S1; - */ -void a_pre_func(void) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_a; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (T0_S2 == 1) accept_S1_tmp = 1; - else - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'call_to_an_undefined_function' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_a; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - */ 
-void a_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_a; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[ - ] Assigns nothing + tried with Inferred annotations. +[ - ] Froms (file /tmp/aorai_test_boucle_0.i, line 2) + tried with Inferred annotations. +[ - ] Default behavior + tried with Frama-C kernel. -/*@ requires (1 ≡ T0_S2 ∨ 1 ≡ accept_S1) ∧ 0 ≡ T0_init; - requires 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - requires 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - requires \true; - ensures 0 ≤ \result ≤ 1; - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - ensures 1 ≡ accept_S1; - */ -int a(void) -{ - int __retres; - a_pre_func(); - __retres = 1; - a_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'a_pre_func' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_b; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1 ∨ 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1 ∧ 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - */ -void b_pre_func(void) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_b; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - 
accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; - else - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 36) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 37) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle_0.i, line 42) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle_0.i, line 45) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_boucle_0.i, line 49) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle_0.i, line 53) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_0.i, line 38) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_b; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - */ -void b_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_b; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'a_post_func' +-------------------------------------------------------------------------------- -/*@ requires (1 ≡ T0_S2 ∨ 1 ≡ accept_S1) ∧ 0 ≡ T0_init; - requires 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - requires 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - requires \true; - ensures 1 ≤ \result ≤ 2; - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_init ∧ 0 ≡ accept_S1; - ensures 1 ≡ T0_S2; - */ -int b(void) -{ - int __retres; - b_pre_func(); - call_to_an_undefined_function(); - __retres = 2; - b_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 79) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 80) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle_0.i, line 85) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle_0.i, line 88) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_boucle_0.i, line 92) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle_0.i, line 96) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_0.i, line 81) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ accept_S1; - */ -void main_pre_func(void) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (T0_init == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'b_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - 
ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - */ -void main_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 139) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 140) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_boucle_0.i, line 146) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle_0.i, line 150) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle_0.i, line 153) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle_0.i, line 156) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_0.i, line 141) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ T0_init ∧ 0 ≡ T0_S2 ∧ 0 ≡ accept_S1; - requires \true; - ensures 0 ≤ \result ≤ 1; - - behavior aorai_acceptance: - ensures 1 ≡ accept_S1; - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - ensures 1 ≡ accept_S1; - */ -int main(void) -{ - int aorai_Loop_Init_26; - int x; - int tmp_1; - main_pre_func(); - x = a(); - /*@ ghost aorai_Loop_Init_26 = 1; */ - aorai_loop_26: - /*@ loop invariant i: 0 ≤ x ≤ 11; - loop invariant Aorai: 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - loop invariant Aorai: 0 ≡ T0_init; - loop invariant Aorai: 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - loop invariant Aorai: 1 ≡ T0_S2 ∨ 1 ≡ accept_S1; - loop invariant - Aorai: - aorai_Loop_Init_26 ≢ 0 ⇒ - \at(1 ≡ T0_init,Pre) ⇒ 0 ≡ T0_S2; - loop invariant Aorai: aorai_Loop_Init_26 ≡ 0 ⇒ 0 ≡ accept_S1; - */ - while (1) { - if (! (x < 10)) goto while_0_break; - /*@ ghost aorai_Loop_Init_26 = 0; */ - { - int tmp_0; - tmp_0 = b(); - x += tmp_0; - } - } - while_0_break: ; - tmp_1 = a(); - main_post_func(tmp_1); - return tmp_1; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'b_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 181) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 182) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_boucle_0.i, line 188) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle_0.i, line 192) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle_0.i, line 195) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle_0.i, line 198) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_0.i, line 183) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 242) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 243) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle_0.i, line 248) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle_0.i, line 251) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_boucle_0.i, line 255) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle_0.i, line 259) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_0.i, line 244) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 284) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_0.i, line 285) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle_0.i, line 290) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle_0.i, line 293) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_boucle_0.i, line 297) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle_0.i, line 301) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_0.i, line 286) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 72 Completely validated + 3 To be validated + 75 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle1.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle1.res.oracle index b08aaf3b180a7b6796e6cc1cb244013567aaaba8..be82e861730fc8d8955ea495a0b3b9f493f70d96 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle1.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle1.res.oracle 
@@ -1,604 +1,271 @@ [kernel] Parsing tests/aorai/test_boucle1.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_boucle10.i (no preprocessing) -/tmp/aorai_test_boucle10.i:3:[wp] warning: Global invariant not handled yet ('inv_cpt' ignored) -/tmp/aorai_test_boucle10.i:6:[wp] warning: Global invariant not handled yet ('inv_status' ignored) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_post_2 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_post : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part02 : Valid -[wp] [Qed] Goal 
typed_commit_trans_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_post : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_commit_trans_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_post_2 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_post : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part08 : Valid -[wp] [Qed] Goal 
typed_init_trans_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_init_trans_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_init_trans_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_init_trans_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_init_trans_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_init_trans_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_init_trans_post_func_buch_state_accept_S4_in_post : Valid -[wp] [Qed] Goal typed_init_trans_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_post : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal 
typed_init_trans_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_init_trans_pre_func_buch_state_accept_S3_out_post : Valid -[wp] Computing [100 goals...] -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S3_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] 
[Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S3_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_commit_trans = 2, - op_init_trans = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int cpt = 3; -/*@ global invariant inv_cpt: 0 ≤ cpt ≤ 3; - */ -int status = 0; -/*@ global invariant inv_status: 0 ≤ status ≤ 1; - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int accept_S1 = 0; */ -/*@ ghost int accept_S2 = 0; */ -/*@ ghost int accept_S3 = 0; */ -/*@ ghost int accept_S4 = 0; */ -/*@ ghost int accept_init = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_commit_trans; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_S3, accept_S4, accept_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior 
buch_state_accept_S2_in: - assumes 1 ≡ accept_S4; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S4; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void commit_trans_pre_func(void) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_commit_trans; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - if (accept_S4 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_init = accept_init_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_boucle1_0.i (no preprocessing) +[wp] /tmp/aorai_test_boucle1_0.i:3: Warning: + Global invariant not handled yet ('inv_cpt' ignored) +[wp] /tmp/aorai_test_boucle1_0.i:6: Warning: + Global invariant not handled yet ('inv_status' ignored) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires - 1 ≡ accept_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_commit_trans; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_S3, accept_S4, accept_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void commit_trans_post_func(int res) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_commit_trans; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - if (accept_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'commit_trans_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S4 ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2 ∧ - 0 ≡ accept_S3 ∧ 0 ≡ accept_init; - requires \true; - - behavior a: - ensures 0 ≤ \result ≤ 1; - - behavior Buchi_property_behavior: - ensures - 0 ≡ accept_S1 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_init; - 
ensures 1 ≡ accept_S2; - */ -int commit_trans(void) -{ - int __retres; - commit_trans_pre_func(); - __retres = 1; - commit_trans_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 42) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle1_0.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_boucle1_0.i, line 51) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_boucle1_0.i, line 55) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle1_0.i, line 58) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle1_0.i, line 61) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_boucle1_0.i, line 64) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle1_0.i, line 43) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_init_trans; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_S3, accept_S4, accept_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void init_trans_pre_func(void) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_init_trans; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - if (accept_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'commit_trans_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_init; - requires 1 ≡ accept_S2 ⇒ status ≡ 0 ∨ status ≢ 0; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_init_trans; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_S3, accept_S4, accept_init; - - behavior buch_state_accept_S1_out: - 
ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2 ∧ status ≡ 0; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2 ∨ ¬(status ≡ 0); - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_in: - assumes 1 ≡ accept_S2 ∧ status ≢ 0; - ensures 1 ≡ accept_S4; - - behavior buch_state_accept_S4_out: - assumes 0 ≡ accept_S2 ∨ status ≡ 0; - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void init_trans_post_func(int res) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_init_trans; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - if (accept_S2 == 1) - if (status != 0) accept_S4_tmp = 1; else accept_S4_tmp = 0; - else accept_S4_tmp = 0; - accept_S3_tmp = 0; - if (accept_S2 == 1) - if (status == 0) accept_S2_tmp = 1; else accept_S2_tmp = 0; - else accept_S2_tmp = 0; - accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 100) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 101) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle1_0.i, line 106) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_boucle1_0.i, line 110) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_boucle1_0.i, line 114) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle1_0.i, line 117) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle1_0.i, line 120) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_boucle1_0.i, line 123) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle1_0.i, line 102) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ accept_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_init; - requires \true; - - behavior a: - ensures 0 ≤ \result ≤ 1; - - behavior Buchi_property_behavior: - ensures - (1 ≡ accept_S2 ⇒ status ≡ 0) ∧ - (1 ≡ accept_S4 ⇒ status ≢ 0); - ensures 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - ensures 1 ≡ accept_S4 ∨ 0 ≡ accept_S4; - ensures 0 ≡ accept_S1 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_init; - ensures 1 ≡ accept_S2 ∨ 1 ≡ accept_S4; - */ -int init_trans(void) -{ - int __retres; - init_trans_pre_func(); - __retres = 1; - init_trans_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'commit_trans' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_S3, accept_S4, accept_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - 
assumes 1 ≡ accept_init; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_init; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void main_pre_func(void) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - if (accept_init == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ accept_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_S3, accept_S4, accept_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S2; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S2; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_in: - assumes 1 ≡ accept_S2; - ensures 1 ≡ accept_S3; - - behavior buch_state_accept_S3_out: - assumes 0 ≡ accept_S2; - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void main_post_func(int res) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_S4_tmp = 0; - if (accept_S2 == 1) accept_S3_tmp = 1; else accept_S3_tmp = 0; - if (accept_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - if (accept_S2 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'init_trans_pre_func' 
+-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_init ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2 ∧ - 0 ≡ accept_S3 ∧ 0 ≡ accept_S4; - requires \true; - - behavior a: - ensures 0 ≤ \result ≤ 1; - - behavior aorai_acceptance: - ensures - 1 ≡ accept_S1 ∨ 1 ≡ accept_S2 ∨ 1 ≡ accept_S3 ∨ - 1 ≡ accept_S4 ∨ 1 ≡ accept_init; - - behavior Buchi_property_behavior: - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - ensures 1 ≡ accept_S3 ∨ 0 ≡ accept_S3; - ensures 0 ≡ accept_S4 ∧ 0 ≡ accept_init; - ensures 1 ≡ accept_S1 ∨ 1 ≡ accept_S2 ∨ 1 ≡ accept_S3; - */ -int main(void) -{ - int aorai_Loop_Init_32; - int __retres; - main_pre_func(); - cpt = 3; - status = 0; - /*@ ghost aorai_Loop_Init_32 = 1; */ - aorai_loop_32: - /*@ loop invariant - i: - 0 ≤ status ≤ 1 ∧ 0 ≤ cpt ≤ 3 ∧ - (cpt ≡ 0 ⇒ status ≡ 0); - loop invariant Aorai: 0 ≡ accept_S1; - loop invariant Aorai: 1 ≡ accept_S2; - loop invariant Aorai: 0 ≡ accept_S3; - loop invariant Aorai: 0 ≡ accept_S4; - loop invariant Aorai: 0 ≡ accept_init; - */ - while (1) { - if (! (cpt > 0)) goto while_0_break; - /*@ ghost aorai_Loop_Init_32 = 0; */ - status = init_trans(); - if (status) { - status = commit_trans(); - if (status) goto label_ok; - } - cpt --; - } - while_0_break: ; - __retres = 0; - goto return_label; - label_ok: __retres = 1; - return_label: main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 179) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 180) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle1_0.i, line 185) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_boucle1_0.i, line 189) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_boucle1_0.i, line 193) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle1_0.i, line 196) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle1_0.i, line 199) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_boucle1_0.i, line 202) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle1_0.i, line 181) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'init_trans_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 239) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 240) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle1_0.i, line 245) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_boucle1_0.i, line 249) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_boucle1_0.i, line 253) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle1_0.i, line 256) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_in' (file /tmp/aorai_test_boucle1_0.i, line 260) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle1_0.i, line 264) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_boucle1_0.i, line 267) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle1_0.i, line 241) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'init_trans' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 328) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 329) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle1_0.i, line 334) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_boucle1_0.i, line 338) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_boucle1_0.i, line 342) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle1_0.i, line 345) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle1_0.i, line 348) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_boucle1_0.i, line 351) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle1_0.i, line 330) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 387) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle1_0.i, line 388) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_boucle1_0.i, line 394) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_boucle1_0.i, line 398) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_boucle1_0.i, line 402) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_boucle1_0.i, line 406) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_in' (file /tmp/aorai_test_boucle1_0.i, line 410) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle1_0.i, line 414) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle1_0.i, line 417) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_boucle1_0.i, line 420) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_test_boucle1_0.i, line 389) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 105 Completely validated + 105 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle2.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle2.res.oracle index ed96de3b6af2a9f36f0fc45ba036b3fb2cfe4538..48e6eb0c130b4263741c8bcde3c67edba3fa0daf 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle2.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle2.res.oracle 
@@ -1,631 +1,285 @@ [kernel] Parsing tests/aorai/test_boucle2.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_boucle20.i (no preprocessing) -/tmp/aorai_test_boucle20.i:4:[wp] warning: Global invariant not handled yet ('inv' ignored) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_all_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] 
Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_post_func_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part14 : Valid -[wp] [Qed] Goal 
typed_opa_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S3_in_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal 
typed_opa_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S5_out_post : Valid -[wp] Computing [100 goals...] -[wp] [Qed] Goal typed_opb_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_post_func_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S5_in_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post : Valid -[wp] [Qed] Goal 
typed_opb_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S4_in_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S5_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_main = 2, - op_opa = 1, - op_opb = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int status = 0; -int rr = 1; -/*@ global invariant inv: 0 ≤ rr ≤ 50; - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int T0_S2 = 0; */ -/*@ ghost int T0_init = 1; */ -/*@ ghost int accept_S3 = 0; */ -/*@ ghost int accept_S4 = 0; */ -/*@ ghost int accept_S5 = 0; */ -/*@ ghost int accept_all = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S3, - accept_S4, accept_S5, accept_all; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior 
buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void opa_pre_func(void) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opa; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_all = accept_all_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_boucle2_0.i (no preprocessing) +[wp] /tmp/aorai_test_boucle2_0.i:4: Warning: + Global invariant not handled yet ('inv' ignored) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires - 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ 0 ≡ accept_all; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S3, - accept_S4, accept_S5, accept_all; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S3_in: - assumes 1 ≡ T0_S2 ∧ rr ≡ 51; - ensures 1 ≡ accept_S3; - - behavior buch_state_accept_S3_out: - assumes 0 ≡ T0_S2 ∨ ¬(rr ≡ 51); - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void opa_post_func(void) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opa; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - if (T0_S2 == 1) - if (rr == 51) accept_S3_tmp = 1; else accept_S3_tmp = 0; - else accept_S3_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_all = accept_all_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_pre_func' +-------------------------------------------------------------------------------- 
-/*@ requires - 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ 0 ≡ accept_all; - requires rr < 50; - - behavior j: - ensures rr < 51; - - behavior Buchi_property_behavior: - ensures 1 ≡ accept_S3 ⇒ rr ≡ 51; - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S3 ∨ 0 ≡ accept_S3; - ensures - 0 ≡ T0_init ∧ 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ - 0 ≡ accept_all; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S3; - */ -void opa(void) -{ - opa_pre_func(); - rr ++; - opa_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 40) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_boucle2_0.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle2_0.i, line 51) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle2_0.i, line 54) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle2_0.i, line 57) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle2_0.i, line 60) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_boucle2_0.i, line 63) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle2_0.i, line 66) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle2_0.i, line 42) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S3, - accept_S4, accept_S5, accept_all; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_in: - assumes 1 ≡ accept_S3; - ensures 1 ≡ accept_S4; - - behavior buch_state_accept_S4_out: - assumes 0 ≡ accept_S3; - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void opb_pre_func(void) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opb; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - accept_S5_tmp = 0; - if (accept_S3 == 1) accept_S4_tmp = 1; else accept_S4_tmp = 0; - accept_S3_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_all = accept_all_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S4 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ - 0 ≡ accept_S3 ∧ 0 ≡ accept_S5 ∧ 0 ≡ accept_all; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures 
aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S3, - accept_S4, accept_S5, accept_all; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_in: - assumes 1 ≡ accept_S4; - ensures 1 ≡ accept_S5; - - behavior buch_state_accept_S5_out: - assumes 0 ≡ accept_S4; - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void opb_post_func(void) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opb; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - if (accept_S4 == 1) accept_S5_tmp = 1; else accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_all = accept_all_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 106) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 107) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_boucle2_0.i, line 113) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle2_0.i, line 117) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle2_0.i, line 120) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S3_in' (file /tmp/aorai_test_boucle2_0.i, line 124) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle2_0.i, line 128) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle2_0.i, line 131) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_boucle2_0.i, line 134) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle2_0.i, line 137) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle2_0.i, line 108) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ accept_S3 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ 0 ≡ accept_all; - - behavior Buchi_property_behavior: - ensures - 0 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_all; - ensures 1 ≡ accept_S5; - */ -void opb(void) -{ - opb_pre_func(); - status = 1; - opb_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S3, - accept_S4, accept_S5, accept_all; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void main_pre_func(void) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - T0_init_tmp = 0; - if (T0_init == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_all = 
accept_all_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ accept_S5 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ - 0 ≡ accept_S3 ∧ 0 ≡ accept_S4 ∧ 0 ≡ accept_all; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S3, - accept_S4, accept_S5, accept_all; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_all_in: - assumes 1 ≡ accept_S5; - ensures 1 ≡ accept_all; - - behavior buch_state_accept_all_out: - assumes 0 ≡ accept_S5; - ensures 0 ≡ accept_all; - */ -void main_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_all_tmp = accept_all; - if (accept_S5 == 1) accept_all_tmp = 1; else accept_all_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_all = accept_all_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ T0_init ∧ 0 ≡ T0_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ 0 ≡ 
accept_all; - - behavior aorai_acceptance: - ensures - 1 ≡ accept_S3 ∨ 1 ≡ accept_S4 ∨ 1 ≡ accept_S5 ∨ - 1 ≡ accept_all; - - behavior Buchi_property_behavior: - ensures - 0 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5; - ensures 1 ≡ accept_all; - */ -int main(void) -{ - int aorai_Loop_Init_26; - int __retres; - /*@ ghost int tmp; */ - main_pre_func(); - /*@ ghost aorai_Loop_Init_26 = 1; */ - aorai_loop_26: - /*@ loop invariant 0 ≤ rr ≤ 50; - loop invariant Aorai: 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - loop invariant Aorai: 0 ≡ T0_init; - loop invariant Aorai: 1 ≡ accept_S3 ∨ 0 ≡ accept_S3; - loop invariant Aorai: 0 ≡ accept_S4; - loop invariant Aorai: 0 ≡ accept_S5; - loop invariant Aorai: 0 ≡ accept_all; - loop invariant Aorai: 1 ≡ T0_S2 ∨ 1 ≡ accept_S3; - loop invariant - Aorai: - aorai_Loop_Init_26 ≢ 0 ⇒ - \at(1 ≡ T0_init,Pre) ⇒ 0 ≡ accept_S3; - */ - while (1) { - if (! (rr < 50)) goto while_0_break; - /*@ ghost aorai_Loop_Init_26 = 0; */ - opa(); - } - while_0_break: ; - opb(); - /*@ ghost tmp = 1; */ - /*@ ghost tmp = 0; */ - __retres = 1; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 199) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 200) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle2_0.i, line 205) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle2_0.i, line 208) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle2_0.i, line 211) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_in' (file /tmp/aorai_test_boucle2_0.i, line 215) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle2_0.i, line 219) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_boucle2_0.i, line 222) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle2_0.i, line 225) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle2_0.i, line 201) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 265) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 266) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle2_0.i, line 271) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle2_0.i, line 274) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle2_0.i, line 277) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle2_0.i, line 280) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_in' (file /tmp/aorai_test_boucle2_0.i, line 284) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_boucle2_0.i, line 288) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle2_0.i, line 291) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle2_0.i, line 267) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opb' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 346) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 347) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_boucle2_0.i, line 353) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle2_0.i, line 357) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle2_0.i, line 360) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle2_0.i, line 363) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle2_0.i, line 366) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_boucle2_0.i, line 369) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle2_0.i, line 372) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_test_boucle2_0.i, line 348) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 412) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle2_0.i, line 413) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_boucle2_0.i, line 418) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle2_0.i, line 421) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle2_0.i, line 424) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_boucle2_0.i, line 427) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_boucle2_0.i, line 430) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_in' (file /tmp/aorai_test_boucle2_0.i, line 434) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle2_0.i, line 438) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle2_0.i, line 414) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 113 Completely validated + 113 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle3.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle3.res.oracle index f5fe45a55d0956768eb9685301ad887c4fbd7773..f1db04a551b9397c7add257cd7922c10badc7f6a 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle3.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle3.res.oracle 
@@ -1,608 +1,269 @@ [kernel] Parsing tests/aorai/test_boucle3.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_boucle30.i (no preprocessing) -/tmp/aorai_test_boucle30.i:4:[wp] warning: Global invariant not handled yet ('inv' ignored) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S4_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T1_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S4_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_all_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal 
typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T1_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S4_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T1_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_post_func_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_T0_S4_in_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_T1_S2_out_post : Valid -[wp] [Qed] Goal 
typed_opa_post_func_buch_state_T1_S2_in_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_T0_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_T0_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_T0_S4_in_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_T1_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_T1_S2_in_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_all_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_opb_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_post_func_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_T0_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_T0_S4_in_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_T1_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_T0_init_out_post : Valid 
-[wp] [Qed] Goal typed_opb_pre_func_buch_state_T0_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S3_in_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_T1_S2_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_main = 2, - op_opa = 1, - op_opb = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int status = 0; -int rr = 1; -/*@ global invariant inv: 0 ≤ rr ≤ 50; - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int T0_S4 = 0; */ -/*@ ghost int T0_init = 1; */ -/*@ ghost int T1_S2 = 0; */ -/*@ ghost int accept_S3 = 0; */ -/*@ ghost int accept_all = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S4, T0_init, T1_S2, - accept_S3, accept_all; - - behavior buch_state_T0_S4_in: - assumes 1 ≡ T0_S4; - ensures 1 ≡ T0_S4; - - behavior buch_state_T0_S4_out: - assumes 0 ≡ T0_S4; - ensures 0 ≡ T0_S4; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_S2_in: - assumes 1 ≡ T1_S2; - ensures 1 ≡ T1_S2; - - behavior buch_state_T1_S2_out: - assumes 0 ≡ T1_S2; - ensures 0 ≡ T1_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void opa_pre_func(void) -{ - /*@ ghost int T0_S4_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opa; - T0_S4_tmp = T0_S4; - T0_init_tmp = 
T0_init; - T1_S2_tmp = T1_S2; - accept_S3_tmp = accept_S3; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - accept_S3_tmp = 0; - if (T1_S2 == 1) T1_S2_tmp = 1; else T1_S2_tmp = 0; - T0_init_tmp = 0; - if (T0_S4 == 1) T0_S4_tmp = 1; else T0_S4_tmp = 0; - T0_S4 = T0_S4_tmp; - T0_init = T0_init_tmp; - T1_S2 = T1_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_all = accept_all_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_boucle3_0.i (no preprocessing) +[wp] /tmp/aorai_test_boucle3_0.i:4: Warning: + Global invariant not handled yet ('inv' ignored) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - (1 ≡ T0_S4 ∨ 1 ≡ T1_S2) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_all; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S4, T0_init, T1_S2, - accept_S3, accept_all; - - behavior buch_state_T0_S4_in: - assumes 1 ≡ T0_S4; - ensures 1 ≡ T0_S4; - - behavior buch_state_T0_S4_out: - assumes 0 ≡ T0_S4; - ensures 0 ≡ T0_S4; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_S2_in: - assumes 1 ≡ T1_S2; - ensures 1 ≡ T1_S2; - - behavior buch_state_T1_S2_out: - assumes 0 ≡ T1_S2; - ensures 0 ≡ T1_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void opa_post_func(void) -{ - /*@ ghost int T0_S4_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opa; - T0_S4_tmp = T0_S4; - T0_init_tmp = T0_init; - T1_S2_tmp = T1_S2; - accept_S3_tmp = accept_S3; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - accept_S3_tmp = 0; - if (T1_S2 == 1) T1_S2_tmp = 1; else T1_S2_tmp = 0; - T0_init_tmp = 0; - if (T0_S4 == 1) T0_S4_tmp = 1; else T0_S4_tmp = 0; - T0_S4 = T0_S4_tmp; - T0_init = 
T0_init_tmp; - T1_S2 = T1_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_all = accept_all_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ T0_S4 ∨ 1 ≡ T1_S2) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_all; - requires 1 ≡ T1_S2 ∨ 0 ≡ T1_S2; - requires 1 ≡ T0_S4 ∨ 0 ≡ T0_S4; - requires rr < 50; - - behavior j: - ensures rr < 51; - - behavior Buchi_behavior_in_0: - assumes 1 ≡ T0_S4; - ensures 1 ≡ T0_S4; - - behavior Buchi_behavior_in_1: - assumes 1 ≡ T1_S2; - ensures 1 ≡ T1_S2; - - behavior Buchi_behavior_out_0: - assumes 0 ≡ T0_S4; - ensures 0 ≡ T0_S4; - - behavior Buchi_behavior_out_1: - ensures 0 ≡ T0_init; - - behavior Buchi_behavior_out_2: - assumes 0 ≡ T1_S2; - ensures 0 ≡ T1_S2; - - behavior Buchi_behavior_out_3: - ensures 0 ≡ accept_S3; - - behavior Buchi_behavior_out_4: - ensures 0 ≡ accept_all; - */ -void opa(void) -{ - opa_pre_func(); - rr ++; - opa_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 39) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 40) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_in' (file /tmp/aorai_test_boucle3_0.i, line 46) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_out' (file /tmp/aorai_test_boucle3_0.i, line 50) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle3_0.i, line 53) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_in' (file /tmp/aorai_test_boucle3_0.i, line 57) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_out' (file /tmp/aorai_test_boucle3_0.i, line 61) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle3_0.i, line 64) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle3_0.i, line 67) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle3_0.i, line 41) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S4, T0_init, T1_S2, - accept_S3, accept_all; - - behavior buch_state_T0_S4_out: - ensures 0 ≡ T0_S4; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_S2_out: - ensures 0 ≡ T1_S2; - - behavior buch_state_accept_S3_in: - assumes 1 ≡ T1_S2 ∧ rr ≡ 51; - ensures 1 ≡ accept_S3; - - behavior buch_state_accept_S3_out: - assumes 0 ≡ T1_S2 ∨ ¬(rr ≡ 51); - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void opb_pre_func(void) -{ - /*@ ghost int T0_S4_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opb; - T0_S4_tmp = T0_S4; - T0_init_tmp = T0_init; - T1_S2_tmp = T1_S2; - accept_S3_tmp = accept_S3; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - if (T1_S2 == 1) - if (rr == 51) accept_S3_tmp = 1; else accept_S3_tmp = 0; - else accept_S3_tmp = 0; - T1_S2_tmp = 0; - T0_init_tmp = 0; - T0_S4_tmp = 0; - T0_S4 = T0_S4_tmp; - T0_init = T0_init_tmp; - T1_S2 = T1_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_all = 
accept_all_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S3 ∧ 0 ≡ T0_S4 ∧ 0 ≡ T0_init ∧ 0 ≡ T1_S2 ∧ - 0 ≡ accept_all; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S4, T0_init, T1_S2, - accept_S3, accept_all; - - behavior buch_state_T0_S4_in: - assumes 1 ≡ accept_S3; - ensures 1 ≡ T0_S4; - - behavior buch_state_T0_S4_out: - assumes 0 ≡ accept_S3; - ensures 0 ≡ T0_S4; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_S2_out: - ensures 0 ≡ T1_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void opb_post_func(void) -{ - /*@ ghost int T0_S4_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opb; - T0_S4_tmp = T0_S4; - T0_init_tmp = T0_init; - T1_S2_tmp = T1_S2; - accept_S3_tmp = accept_S3; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - accept_S3_tmp = 0; - T1_S2_tmp = 0; - T0_init_tmp = 0; - if (accept_S3 == 1) T0_S4_tmp = 1; else T0_S4_tmp = 0; - T0_S4 = T0_S4_tmp; - T0_init = T0_init_tmp; - T1_S2 = T1_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_all = accept_all_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 102) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 103) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_in' (file /tmp/aorai_test_boucle3_0.i, line 109) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_out' (file /tmp/aorai_test_boucle3_0.i, line 113) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle3_0.i, line 116) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_in' (file /tmp/aorai_test_boucle3_0.i, line 120) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_out' (file /tmp/aorai_test_boucle3_0.i, line 124) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle3_0.i, line 127) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle3_0.i, line 130) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle3_0.i, line 104) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ T1_S2 ∧ 0 ≡ T0_S4 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_all; - requires 1 ≡ T1_S2 ⇒ rr ≡ 51; - - behavior Buchi_property_behavior: - ensures - 0 ≡ T0_init ∧ 0 ≡ T1_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_all; - ensures 1 ≡ T0_S4; - */ -void opb(void) -{ - opb_pre_func(); - status = 1; - opb_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S4, T0_init, T1_S2, - accept_S3, accept_all; - - behavior buch_state_T0_S4_out: - ensures 0 ≡ T0_S4; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_S2_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ T1_S2; - - behavior buch_state_T1_S2_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ T1_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - */ -void main_pre_func(void) -{ - /*@ ghost int T0_S4_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - T0_S4_tmp = T0_S4; - T0_init_tmp = T0_init; - T1_S2_tmp = T1_S2; - accept_S3_tmp = accept_S3; - accept_all_tmp = accept_all; - accept_all_tmp = 0; - accept_S3_tmp = 0; - if (T0_init == 1) T1_S2_tmp = 1; else T1_S2_tmp = 0; - T0_init_tmp = 0; - T0_S4_tmp = 0; - T0_S4 = T0_S4_tmp; - T0_init = T0_init_tmp; - T1_S2 = T1_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_all = accept_all_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ T0_S4 ∧ 0 ≡ T0_init ∧ 0 ≡ T1_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_all; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S4, T0_init, T1_S2, - accept_S3, accept_all; - - behavior buch_state_T0_S4_in: - assumes 1 ≡ T0_S4; - ensures 1 ≡ T0_S4; - - behavior buch_state_T0_S4_out: - assumes 0 ≡ T0_S4; - ensures 0 ≡ T0_S4; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_S2_out: - ensures 0 ≡ T1_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_all_in: - assumes 1 ≡ T0_S4; - ensures 1 ≡ accept_all; - - behavior buch_state_accept_all_out: - assumes 0 ≡ T0_S4; - ensures 0 ≡ accept_all; - */ -void main_post_func(int res) -{ - /*@ ghost int T0_S4_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_all_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - T0_S4_tmp = T0_S4; - T0_init_tmp = T0_init; - T1_S2_tmp = T1_S2; - accept_S3_tmp = accept_S3; - accept_all_tmp = accept_all; - if (T0_S4 == 1) accept_all_tmp = 1; else accept_all_tmp = 0; - accept_S3_tmp = 0; - T1_S2_tmp = 0; - T0_init_tmp = 0; - if (T0_S4 == 1) T0_S4_tmp = 1; else T0_S4_tmp = 0; - T0_S4 = T0_S4_tmp; - T0_init = T0_init_tmp; - T1_S2 = T1_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_all = accept_all_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ T0_init ∧ 0 ≡ T0_S4 ∧ 0 ≡ T1_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_all; - - behavior aorai_acceptance: - ensures 1 ≡ accept_S3 ∨ 1 ≡ accept_all; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S4 ∨ 0 ≡ T0_S4; - ensures 1 ≡ accept_all ∨ 0 ≡ accept_all; - ensures 0 ≡ T0_init ∧ 0 ≡ 
T1_S2 ∧ 0 ≡ accept_S3; - ensures 1 ≡ T0_S4 ∨ 1 ≡ accept_all; - */ -int main(void) -{ - int aorai_Loop_Init_41; - int aorai_Loop_Init_31; - int __retres; - main_pre_func(); - /*@ ghost aorai_Loop_Init_31 = 1; */ - aorai_loop_31: - /*@ loop invariant 0 ≤ rr ≤ 50; - loop invariant Aorai: 0 ≡ T0_S4; - loop invariant Aorai: 0 ≡ T0_init; - loop invariant Aorai: 1 ≡ T1_S2; - loop invariant Aorai: 0 ≡ accept_S3; - loop invariant Aorai: 0 ≡ accept_all; - */ - while (1) { - if (! (rr < 50)) goto while_0_break; - /*@ ghost aorai_Loop_Init_31 = 0; */ - opa(); - } - while_0_break: ; - opb(); - rr = 0; - /*@ ghost aorai_Loop_Init_41 = 1; */ - aorai_loop_41: - /*@ loop invariant Aorai: 1 ≡ T0_S4; - loop invariant Aorai: 0 ≡ T0_init; - loop invariant Aorai: 0 ≡ T1_S2; - loop invariant Aorai: 0 ≡ accept_S3; - loop invariant Aorai: 0 ≡ accept_all; - */ - while (1) { - if (! (rr < 50)) goto while_1_break; - /*@ ghost aorai_Loop_Init_41 = 0; */ - opa(); - } - while_1_break: ; - __retres = 1; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 205) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 206) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_out' (file /tmp/aorai_test_boucle3_0.i, line 211) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle3_0.i, line 214) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_out' (file /tmp/aorai_test_boucle3_0.i, line 217) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_in' (file /tmp/aorai_test_boucle3_0.i, line 221) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle3_0.i, line 225) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle3_0.i, line 228) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle3_0.i, line 207) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_T0_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 263) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 264) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_in' (file /tmp/aorai_test_boucle3_0.i, line 270) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_out' (file /tmp/aorai_test_boucle3_0.i, line 274) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle3_0.i, line 277) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_out' (file /tmp/aorai_test_boucle3_0.i, line 280) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle3_0.i, line 283) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle3_0.i, line 286) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle3_0.i, line 265) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. 
+[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opb' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 337) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 338) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_out' (file /tmp/aorai_test_boucle3_0.i, line 343) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle3_0.i, line 346) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_in' (file /tmp/aorai_test_boucle3_0.i, line 350) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_out' (file /tmp/aorai_test_boucle3_0.i, line 354) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle3_0.i, line 357) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle3_0.i, line 360) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle3_0.i, line 339) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 395) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle3_0.i, line 396) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_in' (file /tmp/aorai_test_boucle3_0.i, line 402) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S4_out' (file /tmp/aorai_test_boucle3_0.i, line 406) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_boucle3_0.i, line 409) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_S2_out' (file /tmp/aorai_test_boucle3_0.i, line 412) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_boucle3_0.i, line 415) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_in' (file /tmp/aorai_test_boucle3_0.i, line 419) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_boucle3_0.i, line 423) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle3_0.i, line 397) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 105 Completely validated + 105 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle_rechercheTableau.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle_rechercheTableau.res.oracle index bf30d3ed3da4f90707f9b37ba4d1ce7ec0001c5f..a3741cc74d3f24b2bbcb09bc9bf86b9c76024138 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle_rechercheTableau.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_boucle_rechercheTableau.res.oracle 
@@ -1,436 +1,208 @@ [kernel] Parsing tests/aorai/test_boucle_rechercheTableau.c (with preprocessing) -tests/aorai/test_boucle_rechercheTableau.c:17:[kernel] warning: parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. -tests/aorai/test_boucle_rechercheTableau.c:7:[kernel] warning: parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. +[kernel] tests/aorai/test_boucle_rechercheTableau.c:17: Warning: + parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. +[kernel] tests/aorai/test_boucle_rechercheTableau.c:7: Warning: + parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_boucle_rechercheTableau0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_foo_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_foo_post_func_post_2 : Valid -[wp] [Qed] Goal typed_foo_post_func_post : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part1 : Valid -[wp] [Qed] Goal 
typed_foo_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_foo_pre_func_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_post_2 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_WillDoFoo_in_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part1 : Valid -[wp] [Qed] 
Goal typed_isPresent_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_Idle_in_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Idle_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_WillDoFoo_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_foo = 2, - op_isPresent = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int End = 0; */ -/*@ ghost int Idle = 1; */ -/*@ ghost int WillDoFoo = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_isPresent; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_out: - ensures 0 ≡ End; - - behavior buch_state_Idle_in: - assumes 1 ≡ Idle; - ensures 1 ≡ Idle; - - behavior buch_state_Idle_out: - assumes 0 ≡ Idle; - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void isPresent_pre_func(int *t, int max, int val) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_isPresent; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - if (Idle == 1) Idle_tmp = 1; else Idle_tmp = 0; - End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_boucle_rechercheTableau_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires 1 ≡ Idle ∧ 0 ≡ End ∧ 0 ≡ WillDoFoo; - requires 1 ≡ Idle ⇒ res ≢ -1 ∨ res ≡ -1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_isPresent; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ Idle ∧ res ≢ -1; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ Idle ∨ ¬(res ≢ -1); - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_in: - assumes 1 ≡ Idle ∧ res ≡ -1; - ensures 1 ≡ WillDoFoo; - - behavior buch_state_WillDoFoo_out: - assumes 0 ≡ Idle ∨ ¬(res ≡ -1); - ensures 0 ≡ WillDoFoo; - */ -void isPresent_post_func(int res) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_isPresent; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - if (Idle == 1) - if (res == -1) WillDoFoo_tmp = 1; else WillDoFoo_tmp = 0; - else WillDoFoo_tmp = 0; - Idle_tmp = 0; - if (Idle == 1) - if (res != -1) End_tmp = 1; else End_tmp = 0; - else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'isPresent_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ Idle ∧ 0 ≡ End ∧ 0 ≡ WillDoFoo; - requires \valid(t+(0 .. 
max)); - requires max ≥ 0; - ensures (0 ≤ \result ≤ \old(max)) ∨ \result ≡ -1; - ensures 0 ≤ \result ≤ \old(max) ⇒ *(\old(t)+\result) ≡ \old(val); - ensures - \result ≡ -1 ⇒ - (∀ ℤ j; 0 ≤ j ≤ \old(max) ⇒ *(\old(t)+j) ≢ \old(val)); - - behavior Buchi_property_behavior: - ensures - (1 ≡ End ⇒ \result ≢ -1) ∧ - (1 ≡ WillDoFoo ⇒ \result ≡ -1); - ensures 1 ≡ End ∨ 0 ≡ End; - ensures 1 ≡ WillDoFoo ∨ 0 ≡ WillDoFoo; - ensures 0 ≡ Idle; - ensures 1 ≡ End ∨ 1 ≡ WillDoFoo; - */ -int isPresent(int *t, int max, int val) -{ - int aorai_Loop_Init_32; - int __retres; - int i; - isPresent_pre_func(t,max,val); - i = 0; - /*@ ghost aorai_Loop_Init_32 = 1; */ - aorai_loop_32: - /*@ loop invariant - inv: - 0 ≤ i ≤ max ∧ \valid(t+(0 .. max)) ∧ max ≥ 0 ∧ - (∀ ℤ j; 0 ≤ j ≤ i-1 ⇒ *(t+j) ≢ val); - loop invariant Aorai: 0 ≡ End; - loop invariant Aorai: 1 ≡ Idle; - loop invariant Aorai: 0 ≡ WillDoFoo; - loop variant (v: max-i); - */ - while (1) { - if (i < max) { - if (! (*(t + i) != val)) goto while_0_break; - } - else goto while_0_break; - /*@ ghost aorai_Loop_Init_32 = 0; */ - i ++; - } - while_0_break: ; - if (*(t + i) == val) { - __retres = i; - goto return_label; - } - __retres = -1; - return_label: isPresent_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 33) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 34) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 38) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_in' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 42) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 46) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 49) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 35) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_foo; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ WillDoFoo; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ WillDoFoo; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void foo_pre_func(void) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_foo; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - Idle_tmp = 0; - if (WillDoFoo == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'isPresent_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ End ∧ 0 ≡ Idle ∧ 0 ≡ WillDoFoo; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_foo; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ End; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ End; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void foo_post_func(void) -{ - /*@ ghost int End_tmp; */ - /*@ 
ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_foo; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - Idle_tmp = 0; - if (End == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 75) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 76) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 81) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 85) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 88) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_in' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 92) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 96) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 77) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ WillDoFoo ∧ 0 ≡ End ∧ 0 ≡ Idle; - - behavior Buchi_property_behavior: - ensures 0 ≡ Idle ∧ 0 ≡ WillDoFoo; - ensures 1 ≡ End; - */ -void foo(void) -{ - foo_pre_func(); - foo_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'foo_pre_func' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_out: - ensures 0 ≡ End; - - behavior buch_state_Idle_in: - assumes 1 ≡ Idle; - ensures 1 ≡ Idle; - - behavior buch_state_Idle_out: - assumes 0 ≡ Idle; - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - if (Idle == 1) Idle_tmp = 1; else Idle_tmp = 0; - End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 176) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 177) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 182) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 186) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 189) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 192) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 178) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires 1 ≡ End ∧ 0 ≡ Idle ∧ 0 ≡ WillDoFoo; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ End; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ End; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void main_post_func(int res) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - Idle_tmp = 0; - if (End == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'foo_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ Idle ∧ 0 ≡ End ∧ 0 ≡ WillDoFoo; - - behavior aorai_acceptance: - ensures 1 ≡ End; - - behavior Buchi_property_behavior: - ensures 0 ≡ Idle ∧ 0 ≡ WillDoFoo; - ensures 1 ≡ End; - */ -int main(int argc, char **argv) -{ - int __retres; - int tab[4]; - int r; - main_pre_func(argc,argv); - tab[0] = 10; - tab[1] = 20; - tab[2] = 33; - tab[3] = 15; - r 
= isPresent(tab,3,33); - if (r == -1) foo(); - __retres = 1; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 217) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 218) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 223) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 227) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 230) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 233) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 219) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'foo' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 270) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 271) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 275) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_in' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 279) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 283) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 286) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 272) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 311) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 312) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 317) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 321) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 324) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 327) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_boucle_rechercheTableau_0.i, line 313) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 76 Completely validated + 76 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_factorial.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_factorial.res.oracle index 246b748a70d9af01d11ebb1ce45a294160c870d7..8aa9c7d22fc21cfb6c3b20441862b0f4a86c4ec7 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_factorial.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_factorial.res.oracle 
@@ -1,512 +1,205 @@ [kernel] Parsing tests/aorai/test_factorial.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_factorial0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_decode_int_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_post_2 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part9 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_post : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal 
typed_decode_int_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_factorial_post_func_post_2 : Valid -[wp] [Qed] Goal typed_factorial_post_func_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part4 : Valid -[wp] [Qed] Goal 
typed_factorial_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part9 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_init_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_decode_int = 2, - op_factorial = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int accept_S1 = 0; */ -/*@ ghost int accept_S2 = 0; */ -/*@ ghost int accept_init = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_decode_int; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void decode_int_pre_func(char *s) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_decode_int; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_S2_tmp = 0; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_init = accept_init_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_factorial_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_decode_int; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void decode_int_post_func(int res) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_decode_int; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - if (accept_S1 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'decode_int_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_init; - - behavior Buchi_property_behavior: - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - ensures 0 ≡ accept_init; - ensures 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - */ -int decode_int(char *s) -{ - int aorai_Loop_Init_81; - int __retres; - int intmax; - int cutlim; - int cutoff; - int value; - char c; - decode_int_pre_func(s); - intmax = ~ (1 << (sizeof(int) * (unsigned int)8 - (unsigned int)1)); - cutlim = intmax % 10; - cutoff = intmax / 10; - value = 
0; - /*@ ghost aorai_Loop_Init_81 = 1; */ - aorai_loop_81: - /*@ loop invariant Aorai: 1 ≡ accept_S1; - loop invariant Aorai: 0 ≡ accept_S2; - loop invariant Aorai: 0 ≡ accept_init; - */ - while (1) { - { - char *tmp; - /*@ ghost aorai_Loop_Init_81 = 0; */ - tmp = s; - s ++; - c = *tmp; - if (! c) goto while_0_break; - { - int v; - v = 0; - switch ((int)c) { - case '0': v = 0; - goto switch_1_break; - case '1': v = 1; - goto switch_1_break; - case '2': v = 2; - goto switch_1_break; - case '3': v = 3; - goto switch_1_break; - case '4': v = 4; - goto switch_1_break; - case '5': v = 5; - goto switch_1_break; - case '6': v = 6; - goto switch_1_break; - case '7': v = 7; - goto switch_1_break; - case '8': v = 8; - goto switch_1_break; - case '9': v = 9; - goto switch_1_break; - default: ; - __retres = -1; - goto return_label; - } - switch_1_break: ; - if (value > cutoff) { - __retres = -1; - goto return_label; - } - else - if (value == cutoff) - if (v > cutlim) { - __retres = -1; - goto return_label; - } - value = value * 10 + v; - } - } - } - while_0_break: ; - __retres = value; - return_label: decode_int_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 33) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 34) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_factorial_0.i, line 40) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_factorial_0.i, line 44) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_factorial_0.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_factorial_0.i, line 50) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial_0.i, line 35) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_factorial; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ accept_S1; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ accept_S1; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void factorial_pre_func(int value) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_factorial; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - if (accept_S1 == 1) accept_S2_tmp = 1; - else - if (accept_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'decode_int_post_func' +-------------------------------------------------------------------------------- -/*@ requires (1 ≡ accept_S1 ∨ 1 ≡ accept_S2) ∧ 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_factorial; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ accept_S1; - ensures 
0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ accept_S1; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ accept_S1; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void factorial_post_func(int res) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_factorial; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - if (accept_S1 == 1) accept_S2_tmp = 1; - else - if (accept_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - if (accept_S1 == 1) accept_S1_tmp = 1; - else - if (accept_S2 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 75) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 76) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_factorial_0.i, line 82) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_factorial_0.i, line 86) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_factorial_0.i, line 90) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_factorial_0.i, line 94) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_factorial_0.i, line 97) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial_0.i, line 77) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires (1 ≡ accept_S1 ∨ 1 ≡ accept_S2) ∧ 0 ≡ accept_init; - requires 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - requires 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - requires 0 ≤ value ≤ 12; - decreases value; - ensures \result ≥ 1; - - behavior Buchi_property_behavior: - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - ensures 0 ≡ accept_init; - ensures 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - */ -int factorial(int value) -{ - int tmp_0; - factorial_pre_func(value); - if (value > 0) { - int tmp; - tmp = factorial(value - 1); - tmp_0 = tmp * value; - } - else tmp_0 = 1; - factorial_post_func(tmp_0); - return tmp_0; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'decode_int' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_init; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_init; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_S2_tmp = 0; - if (accept_init == 1) accept_S1_tmp = 1; else 
accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S1, accept_S2, - accept_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void main_post_func(int res) -{ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - if (accept_S1 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'factorial_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ accept_init ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - requires argc ≡ 2; - ensures \result ≡ 0 ∨ \result ≡ 1; - - behavior Buchi_property_behavior: - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - ensures 0 ≡ accept_init; - ensures 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - */ -int main(int argc, char **argv) -{ - int __retres; - int value; - 
main_pre_func(argc,argv); - if (argc != 2) { - __retres = 1; - goto return_label; - } - else { - value = decode_int(*(argv + 1)); - if (value < 0) { - __retres = 1; - goto return_label; - } - else - if (value > 12) { - __retres = 1; - goto return_label; - } - } - factorial(value); - __retres = 0; - return_label: main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 199) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 200) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_factorial_0.i, line 205) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_factorial_0.i, line 209) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_factorial_0.i, line 213) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_factorial_0.i, line 216) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial_0.i, line 201) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'factorial_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 242) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 243) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_factorial_0.i, line 249) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_factorial_0.i, line 253) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_factorial_0.i, line 257) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_factorial_0.i, line 261) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_factorial_0.i, line 264) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial_0.i, line 244) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 317) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 318) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_factorial_0.i, line 324) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_factorial_0.i, line 328) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_factorial_0.i, line 331) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_factorial_0.i, line 334) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial_0.i, line 319) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 359) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial_0.i, line 360) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_factorial_0.i, line 366) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_factorial_0.i, line 370) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_factorial_0.i, line 374) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_factorial_0.i, line 378) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_factorial_0.i, line 381) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial_0.i, line 361) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 79 Completely validated + 79 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_factorial2.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_factorial2.res.oracle index 4944a79ee26faa16a15db9ab2edfb30644fefc90..d944c627895f896805e42b475bd6dbde213a7337 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_factorial2.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_factorial2.res.oracle 
@@ -1,509 +1,205 @@ [kernel] Parsing tests/aorai/test_factorial2.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_factorial20.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_decode_int_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_post_2 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part9 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_S2_in_post : Valid -[wp] [Qed] Goal typed_decode_int_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_post : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal 
typed_decode_int_pre_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_decode_int_pre_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_factorial_post_func_post_2 : Valid -[wp] [Qed] Goal typed_factorial_post_func_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_S2_in_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_factorial_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_buch_state_S2_in_post : Valid -[wp] [Qed] Goal 
typed_factorial_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_factorial_pre_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_factorial_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part9 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal 
typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_main_0_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_decode_int = 2, - op_factorial = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S1 = 0; */ -/*@ ghost int S2 = 0; */ -/*@ ghost int main_0 = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_decode_int; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ S1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ S1; - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void decode_int_pre_func(char *s) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_decode_int; - S1_tmp = S1; - S2_tmp = S2; - main_0_tmp = main_0; - main_0_tmp = 0; - S2_tmp = 0; - if (S1 == 1) S1_tmp = 1; else S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - main_0 = main_0_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_factorial2_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires 1 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ main_0; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_decode_int; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ S1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ S1; - ensures 0 ≡ S1; - - behavior buch_state_S2_in: - assumes 1 ≡ S1 ∧ 1 ≢ 0; - ensures 1 ≡ S2; - - behavior buch_state_S2_out: - assumes 0 ≡ S1 ∨ 1 ≡ 0; - ensures 0 ≡ S2; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void decode_int_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_decode_int; - S1_tmp = S1; - S2_tmp = S2; - main_0_tmp = main_0; - main_0_tmp = 0; - if (S1 == 1) S2_tmp = 1; else S2_tmp = 0; - if (S1 == 1) S1_tmp = 1; else S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - main_0 = main_0_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'decode_int_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ main_0; - - behavior Buchi_property_behavior: - ensures 1 ≡ S2 ⇒ 1 ≢ 0; - ensures 1 ≡ S1 ∨ 0 ≡ S1; - ensures 1 ≡ S2 ∨ 0 ≡ S2; - ensures 0 ≡ main_0; - ensures 1 ≡ S1 ∨ 1 ≡ S2; - */ -int decode_int(char *s) -{ - int aorai_Loop_Init_81; - int __retres; - int intmax; - int cutlim; - int cutoff; - int value; - char c; - decode_int_pre_func(s); - intmax = ~ (1 << (sizeof(int) * (unsigned int)8 - (unsigned int)1)); - cutlim = intmax % 10; - cutoff = intmax / 10; - value = 0; - /*@ ghost aorai_Loop_Init_81 = 1; */ - aorai_loop_81: - /*@ loop invariant Aorai: 1 ≡ S1; - loop invariant Aorai: 0 ≡ S2; - loop invariant Aorai: 0 ≡ main_0; - */ - while (1) { - { - char *tmp; - /*@ ghost aorai_Loop_Init_81 = 0; */ - tmp = s; - s ++; - c = *tmp; - if (! 
c) goto while_0_break; - { - int v; - v = 0; - switch ((int)c) { - case '0': v = 0; - goto switch_1_break; - case '1': v = 1; - goto switch_1_break; - case '2': v = 2; - goto switch_1_break; - case '3': v = 3; - goto switch_1_break; - case '4': v = 4; - goto switch_1_break; - case '5': v = 5; - goto switch_1_break; - case '6': v = 6; - goto switch_1_break; - case '7': v = 7; - goto switch_1_break; - case '8': v = 8; - goto switch_1_break; - case '9': v = 9; - goto switch_1_break; - default: ; - __retres = -1; - goto return_label; - } - switch_1_break: ; - if (value > cutoff) { - __retres = -1; - goto return_label; - } - else - if (value == cutoff) - if (v > cutlim) { - __retres = -1; - goto return_label; - } - value = value * 10 + v; - } - } - } - while_0_break: ; - __retres = value; - return_label: decode_int_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 33) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 34) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_factorial2_0.i, line 39) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_factorial2_0.i, line 43) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_factorial2_0.i, line 46) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_factorial2_0.i, line 49) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial2_0.i, line 35) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_factorial; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, main_0; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_S2_in: - assumes 1 ≡ S2 ∨ (1 ≡ S1 ∧ 1 ≢ 0); - ensures 1 ≡ S2; - - behavior buch_state_S2_out: - assumes 0 ≡ S2 ∧ (0 ≡ S1 ∨ 1 ≡ 0); - ensures 0 ≡ S2; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void factorial_pre_func(int value) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_factorial; - S1_tmp = S1; - S2_tmp = S2; - main_0_tmp = main_0; - main_0_tmp = 0; - if (S1 == 1) S2_tmp = 1; - else - if (S2 == 1) S2_tmp = 1; else S2_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - main_0 = main_0_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'decode_int_post_func' +-------------------------------------------------------------------------------- -/*@ requires (1 ≡ S1 ∨ 1 ≡ S2) ∧ 0 ≡ main_0; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_factorial; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ S2 ∨ 1 ≡ S1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ S2 ∧ 0 ≡ S1; - ensures 0 ≡ S1; - - behavior buch_state_S2_in: - assumes 1 ≡ S2 ∨ (1 ≡ S1 ∧ 1 ≢ 0); - ensures 1 ≡ S2; - - behavior buch_state_S2_out: - assumes 0 ≡ S2 ∧ (0 ≡ S1 ∨ 1 ≡ 0); - ensures 0 ≡ S2; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void factorial_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_factorial; - S1_tmp = S1; - S2_tmp = S2; - main_0_tmp = main_0; - main_0_tmp = 0; - if (S1 == 1) S2_tmp = 1; - else - if (S2 == 1) 
S2_tmp = 1; else S2_tmp = 0; - if (S1 == 1) S1_tmp = 1; - else - if (S2 == 1) S1_tmp = 1; else S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - main_0 = main_0_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 74) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 75) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_factorial2_0.i, line 80) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_factorial2_0.i, line 84) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_test_factorial2_0.i, line 88) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_factorial2_0.i, line 92) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_factorial2_0.i, line 95) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial2_0.i, line 76) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires (1 ≡ S1 ∨ 1 ≡ S2) ∧ 0 ≡ main_0; - requires 1 ≡ S1 ⇒ 1 ≢ 0; - requires 1 ≡ S2 ∨ 0 ≡ S2; - requires 1 ≡ S1 ∨ 0 ≡ S1; - requires 0 ≤ value ≤ 12; - decreases value; - ensures \result ≥ 1; - - behavior Buchi_property_behavior: - ensures 1 ≡ S1 ∨ 0 ≡ S1; - ensures 1 ≡ S2 ∨ 0 ≡ S2; - ensures 0 ≡ main_0; - ensures 1 ≡ S1 ∨ 1 ≡ S2; - */ -int factorial(int value) -{ - int tmp_0; - factorial_pre_func(value); - if (value > 0) { - int tmp; - tmp = factorial(value - 1); - tmp_0 = tmp * value; - } - else tmp_0 = 1; - factorial_post_func(tmp_0); - return tmp_0; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'decode_int' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ main_0; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ main_0; - ensures 0 ≡ S1; - - behavior buch_state_S2_out: - ensures 0 ≡ S2; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S1_tmp = S1; - S2_tmp = S2; - main_0_tmp = main_0; - main_0_tmp = 0; - S2_tmp = 0; - if (main_0 == 1) S1_tmp = 1; else S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - main_0 = main_0_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ S1 ∧ 0 ≡ S2 ∧ 0 ≡ main_0; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, S2, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ S1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ S1; - ensures 0 ≡ S1; - - behavior buch_state_S2_in: - assumes 1 ≡ S1 ∧ 1 ≢ 0; - ensures 1 ≡ S2; - - behavior buch_state_S2_out: - assumes 0 ≡ S1 ∨ 1 ≡ 0; - ensures 0 ≡ S2; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void main_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int S2_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S1_tmp = S1; - S2_tmp = S2; - main_0_tmp = main_0; - main_0_tmp = 0; - if (S1 == 1) S2_tmp = 1; else S2_tmp = 0; - if (S1 == 1) S1_tmp = 1; else S1_tmp = 0; - S1 = S1_tmp; - S2 = S2_tmp; - main_0 = main_0_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'factorial_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ main_0 ∧ 0 ≡ S1 ∧ 0 ≡ S2; - requires argc ≡ 2; - ensures \result ≡ 0 ∨ \result ≡ 1; - - behavior Buchi_property_behavior: - ensures 1 ≡ S2 ⇒ 1 ≢ 0; - ensures 1 ≡ S1 ∨ 0 ≡ S1; - ensures 1 ≡ S2 ∨ 0 ≡ S2; - ensures 0 ≡ main_0; - ensures 1 ≡ S1 ∨ 1 ≡ S2; - */ -int main(int argc, char **argv) -{ - int __retres; - int value; - main_pre_func(argc,argv); - if (argc != 2) { - __retres = 1; - goto return_label; - } - else { - value = decode_int(*(argv + 1)); - if (value < 0) { - __retres = 1; - goto return_label; - } - else - if (value > 12) { - __retres = 1; - goto return_label; - } - } - factorial(value); - __retres = 0; - return_label: main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 198) + by Wp.typed. 
+[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 199) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_factorial2_0.i, line 203) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_test_factorial2_0.i, line 207) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_factorial2_0.i, line 211) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_factorial2_0.i, line 214) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial2_0.i, line 200) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'factorial_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 239) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 240) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_factorial2_0.i, line 245) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_factorial2_0.i, line 249) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_test_factorial2_0.i, line 253) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_factorial2_0.i, line 257) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_factorial2_0.i, line 260) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial2_0.i, line 241) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 312) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 313) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_factorial2_0.i, line 318) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_factorial2_0.i, line 322) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_factorial2_0.i, line 325) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_factorial2_0.i, line 328) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial2_0.i, line 314) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 353) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_factorial2_0.i, line 354) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_factorial2_0.i, line 359) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_factorial2_0.i, line 363) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_in' (file /tmp/aorai_test_factorial2_0.i, line 367) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S2_out' (file /tmp/aorai_test_factorial2_0.i, line 371) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_factorial2_0.i, line 374) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_factorial2_0.i, line 355) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 79 Completely validated + 79 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion1.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion1.res.oracle index 143f3333da9b923a6a9e50fec6c98bf48bd19bc8..b9ef68d70690ea18ecebe6ceb96effba2321c8a5 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion1.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion1.res.oracle 
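Review bot: Every proved property in the new test_factorial2 oracle is identified by an absolute temporary path and a line number in the generated file, e.g. `Post-condition (file /tmp/aorai_test_factorial2_0.i, line 33)`, so the expected output depends on where the test driver writes its intermediate file and on the exact layout of the generated code. The preceding oracle hunk has the same shape with `/tmp/aorai_test_factorial_0.i`. If the driver can emit the path relative to the test's result directory, or the test command can filter the prefix so the line reads `Post-condition (file aorai_test_factorial2_0.i, line 33)`, the oracle would no longer depend on the temp directory; it would also stop pinning a fixed file name under a shared `/tmp`, which concurrent runs on one machine would presumably both write to. Separately, the removed side held the pretty-printed instrumented C with its ACSL contracts and the new side records only statuses, so unless another oracle directory still captures that output, a change in the generated annotations that still proves will leave this oracle nearly unchanged.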
@@ -1,446 +1,214 @@ [kernel] Parsing tests/aorai/test_recursion1.c (with preprocessing) -tests/aorai/test_recursion1.c:21:[kernel] warning: parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. -tests/aorai/test_recursion1.c:42:[kernel] warning: parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. -tests/aorai/test_recursion1.c:54:[kernel] warning: parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. +[kernel] tests/aorai/test_recursion1.c:21: Warning: + parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. +[kernel] tests/aorai/test_recursion1.c:42: Warning: + parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. +[kernel] tests/aorai/test_recursion1.c:54: Warning: + parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. 
[aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_recursion10.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: No definition for 'string_len' interpreted as reads nothing -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_countOne_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part7 : Valid -[wp] [Qed] Goal 
typed_countOne_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_count_post_func_post_2 : Valid -[wp] [Qed] Goal typed_count_post_func_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_count_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_count_pre_func_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal 
typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part9 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_count = 2, - op_countOne = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ -axiomatic string_len { - logic ℤ string_len{L}(char *s) ; - - axiom strlen0{L}: ∀ char *s; \valid{L}(s) ⇒ string_len{L}(s) ≥ 0; - - axiom strlen1{L}: - ∀ char *s; - \valid{L}(s) ∧ *(s+0) ≡ '\000' ⇒ string_len{L}(s) ≡ 0; - - axiom strlen2{L}: - ∀ char 
*s; \valid{L}(s) ⇒ *(s+string_len{L}(s)) ≡ '\000'; - - axiom strlen3{L}: - ∀ char *s; - \valid{L}(s) ∧ *(s+0) ≢ '\000' ⇒ - string_len{L}(s) ≡ 1+string_len{L}(s+1) ∧ \valid{L}(s+1); - - axiom strlen4{L}: - ∀ char *s; - \valid{L}(s) ⇒ - (∀ ℤ i; 0 ≤ i < string_len{L}(s) ⇒ *(s+i) ≢ '\000'); - - } - */ -/*@ -predicate valid_string{L}(char *s) = - \valid{L}(s) ∧ \valid{L}(s+(0 .. string_len{L}(s))); - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int T0_S2 = 0; */ -/*@ ghost int T0_init = 1; */ -/*@ ghost int accept_S1 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - */ -void countOne_pre_func(char *argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_recursion1_0.i (no preprocessing) +[wp] Warning: No definition for 'string_len' interpreted as reads nothing +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
+-------------------------------------------------------------------------------- +--- Global Properties +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - */ -void countOne_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[ Extern ] Axiom 'strlen0' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen1' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen2' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen3' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen4' + Unverifiable but considered Valid. +[ Valid ] Axiomatic 'string_len' + by Frama-C kernel. 
-/*@ requires 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - requires valid_string(argv); - ensures \result ≡ string_len(\old(argv)); - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_init ∧ 0 ≡ accept_S1; - ensures 1 ≡ T0_S2; - */ -int countOne(char *argv) -{ - int __retres; - int r; - int tmp; - countOne_pre_func(argv); - r = 0; - if ((int)*(argv + 0) == 0) { - __retres = 0; - goto return_label; - } - r ++; - tmp = countOne(argv + 1); - r += tmp; - __retres = r; - return_label: countOne_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_pre_func' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - */ -void count_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 61) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 62) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_recursion1_0.i, line 68) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_recursion1_0.i, line 72) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion1_0.i, line 75) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_recursion1_0.i, line 78) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion1_0.i, line 63) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ accept_S1; - */ -void count_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (T0_S2 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - requires - 
argc > 0 ∧ \valid(argv) ∧ \valid(argv+(0 .. argc)) ∧ - (∀ ℤ i; 0 ≤ i < argc ⇒ valid_string(*(argv+i))); - ensures \result ≥ 0; - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - ensures 1 ≡ accept_S1; - */ -int count(int argc, char **argv) -{ - int s; - count_pre_func(argc,argv); - s = countOne(*(argv + 0)); - if (argc > 1) { - int tmp_0; - tmp_0 = count(argc - 1,argv + 1); - s += tmp_0; - } - count_post_func(s); - return s; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 103) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 104) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_recursion1_0.i, line 110) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_recursion1_0.i, line 114) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion1_0.i, line 117) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_recursion1_0.i, line 120) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion1_0.i, line 105) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ accept_S1; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (T0_init == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - */ -void main_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = 
T0_init; - accept_S1_tmp = accept_S1; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 173) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 174) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_recursion1_0.i, line 180) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_recursion1_0.i, line 184) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion1_0.i, line 187) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_recursion1_0.i, line 190) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion1_0.i, line 175) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires 1 ≡ T0_init ∧ 0 ≡ T0_S2 ∧ 0 ≡ accept_S1; - requires - argc ≥ 0 ∧ (argc > 0 ⇒ \valid(argv)) ∧ - \valid(argv+(0 .. 
argc)) ∧ - (∀ ℤ i; 0 ≤ i < argc ⇒ valid_string(*(argv+i))); - ensures \result ≡ 1; - - behavior aorai_acceptance: - ensures 1 ≡ accept_S1; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 0 ≡ T0_init; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S1; - */ -int main(int argc, char **argv) -{ - int __retres; - int somme; - main_pre_func(argc,argv); - somme = 0; - if (argc > 0) somme = count(argc,argv); - __retres = 1; - main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 215) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 216) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_recursion1_0.i, line 221) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion1_0.i, line 224) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_recursion1_0.i, line 228) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_recursion1_0.i, line 232) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion1_0.i, line 217) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 279) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 280) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_recursion1_0.i, line 285) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion1_0.i, line 288) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_recursion1_0.i, line 292) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_recursion1_0.i, line 296) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion1_0.i, line 281) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 321) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion1_0.i, line 322) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_recursion1_0.i, line 328) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_recursion1_0.i, line 332) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion1_0.i, line 335) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_recursion1_0.i, line 339) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_recursion1_0.i, line 343) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion1_0.i, line 323) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 75 Completely validated + 5 Considered valid + 80 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion2.0.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion2.0.res.oracle index 11708e2d1cea3cd908a55cc8fc3f9e4db16be754..292d8b7027adbc657d49e8c2cfdf2b2e6e948118 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion2.0.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion2.0.res.oracle 
@@ -1,555 +1,241 @@ [kernel] Parsing tests/aorai/test_recursion2.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_recursion20.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: No definition for 'string_len' interpreted as reads nothing -[wp] warning: No definition for 'sum_tab' interpreted as reads nothing -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_count_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_post_func_post_2 : Valid -[wp] [Qed] Goal typed_count_post_func_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_count_pre_func_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part10 : 
Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T1_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_T2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part9 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_post_2 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_T1_in_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_accept_T2_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_sumOne_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part9 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_T1_in_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_T0_init_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_count = 2, - op_main = 1, - op_sumOne = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ -axiomatic string_len { - logic ℤ string_len{L}(char *s) ; - - axiom strlen0{L}: ∀ char *s; \valid{L}(s) ⇒ string_len{L}(s) ≥ 0; - - axiom strlen1{L}: - ∀ char *s; - \valid{L}(s) ∧ *(s+0) ≡ '\000' ⇒ string_len{L}(s) ≡ 0; - - axiom strlen2{L}: - ∀ char *s; \valid{L}(s) ⇒ *(s+string_len{L}(s)) ≡ '\000'; - - axiom strlen3{L}: - ∀ char *s; - \valid{L}(s) ∧ *(s+0) ≢ '\000' ⇒ - string_len{L}(s) ≡ 1+string_len{L}(s+1) ∧ \valid{L}(s+1); - - axiom strlen4{L}: - ∀ char *s; - \valid{L}(s) ⇒ - (∀ ℤ i; 0 ≤ i < string_len{L}(s) ⇒ *(s+i) ≢ '\000'); - - } - */ -/*@ -predicate valid_string{L}(char *s) = - \valid{L}(s) ∧ \valid{L}(s+(0 .. string_len{L}(s))); - */ -/*@ -axiomatic sum_tab { - logic ℤ sum_tab{L}(char *t, ℤ l, ℤ i) ; - - axiom sum_tab0{L}: - ∀ char *t, ℤ l; - \valid{L}(t+(0 .. 
l)) ⇒ sum_tab{L}(t, l, 0) ≡ *(t+0); - - axiom sum_tabi{L}: - ∀ char *t, ℤ l, ℤ i; - \valid{L}(t+(0 .. l)) ∧ 0 < i ≤ l ⇒ - sum_tab{L}(t, l, i) ≡ sum_tab{L}(t, l, i-1)+*(t+i); - - axiom sum_tabn{L}: - ∀ char *t, ℤ l; - \valid{L}(t+(0 .. l)) ∧ l > 0 ∧ l ≡ string_len{L}(t) ⇒ - sum_tab{L}(t, l, l) ≡ sum_tab{L}(t, l, l-1); - - } - */ -int global_argc = 0; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S1 = 0; */ -/*@ ghost int T0_init = 1; */ -/*@ ghost int T1 = 0; */ -/*@ ghost int accept_T2 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_in: - assumes (1 ≡ T1 ∧ global_argc > 0) ∨ 1 ≡ S1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes (0 ≡ T1 ∨ ¬(global_argc > 0)) ∧ 0 ≡ S1; - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_out: - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void count_pre_func(char *argv) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_count; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - T1_tmp = 0; - T0_init_tmp = 0; - if (S1 == 1) S1_tmp = 1; - else - if (T1 == 1) - if (global_argc > 0) S1_tmp = 1; else S1_tmp = 0; - else S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_recursion2_0.i (no preprocessing) +[wp] Warning: No definition for 'string_len' interpreted as reads nothing +[wp] Warning: No definition for 'sum_tab' interpreted as reads nothing +[wp] Warning: Missing RTE guards +[report] Computing 
properties status... +-------------------------------------------------------------------------------- +--- Global Properties +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ T1 ∧ 0 ≡ accept_T2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_in: - assumes 1 ≡ S1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ S1; - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_out: - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void count_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_count; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - T1_tmp = 0; - T0_init_tmp = 0; - if (S1 == 1) S1_tmp = 1; else S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +[ Extern ] Axiom 'strlen0' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen1' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen2' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen3' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen4' + Unverifiable but considered Valid. +[ Extern ] Axiom 'sum_tab0' + Unverifiable but considered Valid. +[ Extern ] Axiom 'sum_tabi' + Unverifiable but considered Valid. +[ Extern ] Axiom 'sum_tabn' + Unverifiable but considered Valid. +[ Valid ] Axiomatic 'string_len' + by Frama-C kernel. +[ Valid ] Axiomatic 'sum_tab' + by Frama-C kernel. 
-/*@ requires (1 ≡ S1 ∨ 1 ≡ T1) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_T2; - requires 1 ≡ T1 ⇒ global_argc > 0; - requires 1 ≡ T1 ∨ 0 ≡ T1; - requires 1 ≡ S1 ∨ 0 ≡ S1; - requires valid_string(argv); - ensures \result ≡ string_len(\old(argv)); - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_init ∧ 0 ≡ T1 ∧ 0 ≡ accept_T2; - ensures 1 ≡ S1; - */ -int count(char *argv) -{ - int __retres; - int tmp; - count_pre_func(argv); - if ((int)*(argv + 0) == 0) { - __retres = 0; - goto return_label; - } - tmp = count(argv + 1); - __retres = 1 + tmp; - return_label: count_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_pre_func' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_sumOne; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_in: - assumes 1 ≡ S1; - ensures 1 ≡ T1; - - behavior buch_state_T1_out: - assumes 0 ≡ S1; - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void sumOne_pre_func(char *t, int length) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_sumOne; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - if (S1 == 1) T1_tmp = 1; else T1_tmp = 0; - T0_init_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 83) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 84) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_recursion2_0.i, line 90) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_0.i, line 94) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_0.i, line 97) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_0.i, line 100) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_0.i, line 103) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_0.i, line 85) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ T1 ∧ 0 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_T2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_sumOne; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_in: - assumes 1 ≡ T1; - ensures 1 ≡ T1; - - behavior buch_state_T1_out: - assumes 0 ≡ T1; - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void sumOne_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_sumOne; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - if (T1 == 1) T1_tmp = 1; else T1_tmp = 0; - T0_init_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ T1 ∧ 0 ≡ accept_T2; - requires valid_string(t) ∧ length ≥ 0 ∧ length ≡ string_len(t); - ensures \result ≡ sum_tab(\old(t), \old(length), \old(length)); - - behavior Buchi_property_behavior: - ensures 0 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_T2; - ensures 1 ≡ T1; - */ -int sumOne(char *t, int length) -{ - int aorai_Loop_Init_42; - int sum; - int i; - sumOne_pre_func(t,length); - sum = 0; - i = 0; - i = 0; - /*@ ghost aorai_Loop_Init_42 = 1; */ - aorai_loop_42: - /*@ loop invariant ranges: 0 ≤ i ≤ length; - loop invariant sumValue0: i ≡ 0 ⇒ sum ≡ 0; - loop invariant sumValuei: i > 0 ⇒ sum ≡ sum_tab(t, length, i-1); - loop invariant Aorai: 0 ≡ S1; - loop invariant Aorai: 0 ≡ T0_init; - loop 
invariant Aorai: 1 ≡ T1; - loop invariant Aorai: 0 ≡ accept_T2; - */ - while (1) { - if (! (i < length)) goto while_0_break; - /*@ ghost aorai_Loop_Init_42 = 0; */ - sum += (int)*(t + i); - i ++; - } - while_0_break: ; - sumOne_post_func(sum); - return sum; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 132) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 133) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_recursion2_0.i, line 139) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_0.i, line 143) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_0.i, line 146) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_0.i, line 149) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_0.i, line 152) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_0.i, line 134) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ T1; - - behavior buch_state_T1_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - if (T0_init == 1) T1_tmp = 1; else T1_tmp = 0; - T0_init_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'sumOne_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ T1 ∧ 0 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_T2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_in: - assumes 1 ≡ T1; - ensures 1 ≡ T1; - - behavior buch_state_T1_out: - assumes 0 ≡ T1; - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_in: - assumes 1 ≡ T1; - ensures 1 ≡ accept_T2; - - behavior buch_state_accept_T2_out: - assumes 0 ≡ T1; - ensures 0 ≡ accept_T2; - */ -void main_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int 
accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - if (T1 == 1) accept_T2_tmp = 1; else accept_T2_tmp = 0; - if (T1 == 1) T1_tmp = 1; else T1_tmp = 0; - T0_init_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 208) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 209) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_0.i, line 214) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_0.i, line 217) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_in' (file /tmp/aorai_test_recursion2_0.i, line 221) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_0.i, line 225) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_0.i, line 228) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_0.i, line 210) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ T0_init ∧ 0 ≡ S1 ∧ 0 ≡ T1 ∧ 0 ≡ accept_T2; - requires - argc ≥ 0 ∧ (argc > 0 ⇒ \valid(argv) ∧ valid_string(*(argv+0))); - ensures \result ≡ 1; - - behavior aorai_acceptance: - ensures 1 ≡ accept_T2; - - behavior Buchi_property_behavior: - ensures 1 ≡ T1 ∨ 0 ≡ T1; - ensures 1 ≡ accept_T2 ∨ 0 ≡ accept_T2; - ensures 0 ≡ S1 ∧ 0 ≡ T0_init; - ensures 1 ≡ T1 ∨ 1 ≡ accept_T2; - */ -int main(int argc, char **argv) -{ - int __retres; - int sum; - int length; - main_pre_func(argc,argv); - sum = 0; - global_argc = argc; - if (argc > 0) { - length = count(*(argv + 0)); - sum = sumOne(*(argv + 0),length); - } - __retres = 1; - main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'sumOne_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 257) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 258) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_0.i, line 263) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_0.i, line 266) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_in' (file /tmp/aorai_test_recursion2_0.i, line 270) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_0.i, line 274) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_0.i, line 277) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_0.i, line 259) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 339) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 340) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_0.i, line 345) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_0.i, line 348) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_in' (file /tmp/aorai_test_recursion2_0.i, line 352) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_0.i, line 356) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_0.i, line 359) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_0.i, line 341) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 388) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_0.i, line 389) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_0.i, line 394) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_0.i, line 397) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_in' (file /tmp/aorai_test_recursion2_0.i, line 401) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_0.i, line 405) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_in' (file /tmp/aorai_test_recursion2_0.i, line 409) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_0.i, line 413) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_0.i, line 390) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 88 Completely validated + 8 Considered valid + 96 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion2.1.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion2.1.res.oracle index 3147fb0b473ab66376dd1d39b5ea0587311839a1..e3739901a99b40eac83930d2e181680bd47a03e6 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion2.1.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion2.1.res.oracle 
@@ -1,559 +1,241 @@ [kernel] Parsing tests/aorai/test_recursion2.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_recursion21.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: No definition for 'string_len' interpreted as reads nothing -[wp] warning: No definition for 'sum_tab' interpreted as reads nothing -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_count_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_post_func_post_2 : Valid -[wp] [Qed] Goal typed_count_post_func_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_count_pre_func_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part10 : 
Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_T2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal 
typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part9 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_post_2 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_T1_in_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_sumOne_post_func_buch_state_accept_T2_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_sumOne_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part9 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_accept_T2_out_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_T1_out_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_T1_in_post : Valid -[wp] [Qed] Goal typed_sumOne_pre_func_buch_state_T0_init_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_count = 2, - op_main = 1, - op_sumOne = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ -axiomatic string_len { - logic ℤ string_len{L}(char *s) ; - - axiom strlen0{L}: ∀ char *s; \valid{L}(s) ⇒ string_len{L}(s) ≥ 0; - - axiom strlen1{L}: - ∀ char *s; - \valid{L}(s) ∧ *(s+0) ≡ '\000' ⇒ string_len{L}(s) ≡ 0; - - axiom strlen2{L}: - ∀ char *s; \valid{L}(s) ⇒ *(s+string_len{L}(s)) ≡ '\000'; - - axiom strlen3{L}: - ∀ char *s; - \valid{L}(s) ∧ *(s+0) ≢ '\000' ⇒ - string_len{L}(s) ≡ 1+string_len{L}(s+1) ∧ \valid{L}(s+1); - - axiom strlen4{L}: - ∀ char *s; - \valid{L}(s) ⇒ - (∀ ℤ i; 0 ≤ i < string_len{L}(s) ⇒ *(s+i) ≢ '\000'); - - } - */ -/*@ -predicate valid_string{L}(char *s) = - \valid{L}(s) ∧ \valid{L}(s+(0 .. string_len{L}(s))); - */ -/*@ -axiomatic sum_tab { - logic ℤ sum_tab{L}(char *t, ℤ l, ℤ i) ; - - axiom sum_tab0{L}: - ∀ char *t, ℤ l; - \valid{L}(t+(0 .. 
l)) ⇒ sum_tab{L}(t, l, 0) ≡ *(t+0); - - axiom sum_tabi{L}: - ∀ char *t, ℤ l, ℤ i; - \valid{L}(t+(0 .. l)) ∧ 0 < i ≤ l ⇒ - sum_tab{L}(t, l, i) ≡ sum_tab{L}(t, l, i-1)+*(t+i); - - axiom sum_tabn{L}: - ∀ char *t, ℤ l; - \valid{L}(t+(0 .. l)) ∧ l > 0 ∧ l ≡ string_len{L}(t) ⇒ - sum_tab{L}(t, l, l) ≡ sum_tab{L}(t, l, l-1); - - } - */ -int global_argc = 0; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S1 = 0; */ -/*@ ghost int T0_init = 1; */ -/*@ ghost int T1 = 0; */ -/*@ ghost int accept_T2 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_in: - assumes (1 ≡ T1 ∧ global_argc > 0) ∨ 1 ≡ S1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes (0 ≡ T1 ∨ ¬(global_argc > 0)) ∧ 0 ≡ S1; - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_out: - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void count_pre_func(char *argv) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_count; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - T1_tmp = 0; - T0_init_tmp = 0; - if (S1 == 1) S1_tmp = 1; - else - if (T1 == 1) - if (global_argc > 0) S1_tmp = 1; else S1_tmp = 0; - else S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_recursion2_1.i (no preprocessing) +[wp] Warning: No definition for 'string_len' interpreted as reads nothing +[wp] Warning: No definition for 'sum_tab' interpreted as reads nothing +[wp] Warning: Missing RTE guards +[report] Computing 
properties status... +-------------------------------------------------------------------------------- +--- Global Properties +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ T1 ∧ 0 ≡ accept_T2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_in: - assumes 1 ≡ S1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ S1; - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_out: - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void count_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_count; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - T1_tmp = 0; - T0_init_tmp = 0; - if (S1 == 1) S1_tmp = 1; else S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +[ Extern ] Axiom 'strlen0' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen1' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen2' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen3' + Unverifiable but considered Valid. +[ Extern ] Axiom 'strlen4' + Unverifiable but considered Valid. +[ Extern ] Axiom 'sum_tab0' + Unverifiable but considered Valid. +[ Extern ] Axiom 'sum_tabi' + Unverifiable but considered Valid. +[ Extern ] Axiom 'sum_tabn' + Unverifiable but considered Valid. +[ Valid ] Axiomatic 'string_len' + by Frama-C kernel. +[ Valid ] Axiomatic 'sum_tab' + by Frama-C kernel. 
-/*@ requires (1 ≡ S1 ∨ 1 ≡ T1) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_T2; - requires 1 ≡ T1 ⇒ global_argc > 0; - requires 1 ≡ T1 ∨ 0 ≡ T1; - requires 1 ≡ S1 ∨ 0 ≡ S1; - requires valid_string(argv); - ensures \result ≡ string_len(\old(argv)); - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_init ∧ 0 ≡ T1 ∧ 0 ≡ accept_T2; - ensures 1 ≡ S1; - */ -int count(char *argv) -{ - int __retres; - int tmp; - count_pre_func(argv); - if ((int)*(argv + 0) == 0) { - __retres = 0; - goto return_label; - } - tmp = count(argv + 1); - __retres = 1 + tmp; - return_label: count_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_pre_func' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_sumOne; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_in: - assumes 1 ≡ S1; - ensures 1 ≡ T1; - - behavior buch_state_T1_out: - assumes 0 ≡ S1; - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void sumOne_pre_func(char *t, int length) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_sumOne; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - if (S1 == 1) T1_tmp = 1; else T1_tmp = 0; - T0_init_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 83) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 84) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_recursion2_1.i, line 90) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_1.i, line 94) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_1.i, line 97) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_1.i, line 100) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_1.i, line 103) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_1.i, line 85) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ T1 ∧ 0 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_T2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_sumOne; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_in: - assumes 1 ≡ T1; - ensures 1 ≡ T1; - - behavior buch_state_T1_out: - assumes 0 ≡ T1; - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void sumOne_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_sumOne; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - if (T1 == 1) T1_tmp = 1; else T1_tmp = 0; - T0_init_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ T1 ∧ 0 ≡ accept_T2; - requires valid_string(t) ∧ length ≥ 0 ∧ length ≡ string_len(t); - ensures \result ≡ sum_tab(\old(t), \old(length), \old(length)); - - behavior Buchi_property_behavior: - ensures 0 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_T2; - ensures 1 ≡ T1; - */ -int sumOne(char *t, int length) -{ - int aorai_Loop_Init_42; - int sum; - int i; - sumOne_pre_func(t,length); - sum = 0; - i = 0; - i = 0; - /*@ ghost aorai_Loop_Init_42 = 1; */ - aorai_loop_42: - /*@ loop invariant ranges: 0 ≤ i ≤ length; - loop invariant sumValue0: i ≡ 0 ⇒ sum ≡ 0; - loop invariant sumValuei: i > 0 ⇒ sum ≡ sum_tab(t, length, i-1); - loop invariant Aorai: 0 ≡ S1; - loop invariant Aorai: 0 ≡ T0_init; - loop 
invariant Aorai: 1 ≡ T1; - loop invariant Aorai: 0 ≡ accept_T2; - */ - while (1) { - if (! (i < length)) goto while_0_break; - /*@ ghost aorai_Loop_Init_42 = 0; */ - sum += (int)*(t + i); - i ++; - } - while_0_break: ; - sumOne_post_func(sum); - return sum; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 132) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 133) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_recursion2_1.i, line 139) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_1.i, line 143) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_1.i, line 146) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_1.i, line 149) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_1.i, line 152) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_1.i, line 134) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ T1; - - behavior buch_state_T1_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_out: - ensures 0 ≡ accept_T2; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; */ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - accept_T2_tmp = 0; - if (T0_init == 1) T1_tmp = 1; else T1_tmp = 0; - T0_init_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'sumOne_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ T1 ∧ 0 ≡ S1 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_T2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, T0_init, T1, - accept_T2; - - behavior buch_state_S1_out: - ensures 0 ≡ S1; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_T1_in: - assumes 1 ≡ T1; - ensures 1 ≡ T1; - - behavior buch_state_T1_out: - assumes 0 ≡ T1; - ensures 0 ≡ T1; - - behavior buch_state_accept_T2_in: - assumes 1 ≡ T1 ∧ res ≡ 1; - ensures 1 ≡ accept_T2; - - behavior buch_state_accept_T2_out: - assumes 0 ≡ T1 ∨ ¬(res ≡ 1); - ensures 0 ≡ accept_T2; - */ -void main_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int T1_tmp; 
*/ - /*@ ghost int accept_T2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S1_tmp = S1; - T0_init_tmp = T0_init; - T1_tmp = T1; - accept_T2_tmp = accept_T2; - if (T1 == 1) - if (res == 1) accept_T2_tmp = 1; else accept_T2_tmp = 0; - else accept_T2_tmp = 0; - if (T1 == 1) T1_tmp = 1; else T1_tmp = 0; - T0_init_tmp = 0; - S1_tmp = 0; - S1 = S1_tmp; - T0_init = T0_init_tmp; - T1 = T1_tmp; - accept_T2 = accept_T2_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 208) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 209) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_1.i, line 214) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_1.i, line 217) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_in' (file /tmp/aorai_test_recursion2_1.i, line 221) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_1.i, line 225) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_1.i, line 228) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_1.i, line 210) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ T0_init ∧ 0 ≡ S1 ∧ 0 ≡ T1 ∧ 0 ≡ accept_T2; - requires - argc ≥ 0 ∧ (argc > 0 ⇒ \valid(argv) ∧ valid_string(*(argv+0))); - ensures \result ≡ 1; - - behavior aorai_acceptance: - ensures 1 ≡ accept_T2; - - behavior Buchi_property_behavior: - ensures 1 ≡ accept_T2 ⇒ \result ≡ 1; - ensures 1 ≡ T1 ∨ 0 ≡ T1; - ensures 1 ≡ accept_T2 ∨ 0 ≡ accept_T2; - ensures 0 ≡ S1 ∧ 0 ≡ T0_init; - ensures 1 ≡ T1 ∨ 1 ≡ accept_T2; - */ -int main(int argc, char **argv) -{ - int __retres; - int sum; - int length; - main_pre_func(argc,argv); - sum = 0; - global_argc = argc; - if (argc > 0) { - length = count(*(argv + 0)); - sum = sumOne(*(argv + 0),length); - } - __retres = 1; - main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'sumOne_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 257) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 258) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_1.i, line 263) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_1.i, line 266) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_in' (file /tmp/aorai_test_recursion2_1.i, line 270) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_1.i, line 274) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_1.i, line 277) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_1.i, line 259) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 339) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 340) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_1.i, line 345) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_1.i, line 348) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_in' (file /tmp/aorai_test_recursion2_1.i, line 352) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_1.i, line 356) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_1.i, line 359) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_1.i, line 341) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 388) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion2_1.i, line 389) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_recursion2_1.i, line 394) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_recursion2_1.i, line 397) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_in' (file /tmp/aorai_test_recursion2_1.i, line 401) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T1_out' (file /tmp/aorai_test_recursion2_1.i, line 405) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_in' (file /tmp/aorai_test_recursion2_1.i, line 409) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_T2_out' (file /tmp/aorai_test_recursion2_1.i, line 413) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion2_1.i, line 390) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_T2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 88 Completely validated + 8 Considered valid + 96 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion4.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion4.res.oracle index 742aff39a927383abfbbb2be8d371c6be872186a..2ea10b05de8ed0e9a4a751b56f0b3729d3ec64e5 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion4.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion4.res.oracle 
@@ -1,446 +1,204 @@ [kernel] Parsing tests/aorai/test_recursion4.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_recursion40.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_foo_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_foo_post_func_post_2 : Valid -[wp] [Qed] Goal typed_foo_post_func_post : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_foo_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_foo_pre_func_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part02 : Valid -[wp] [Qed] Goal 
typed_isPresent_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_post_2 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_WillDoFoo_in_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_Idle_in_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal 
typed_isPresent_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Idle_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_WillDoFoo_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_foo = 2, - op_isPresent = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -#pragma JessieIntegerModel(math) -/*@ 
ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int End = 0; */ -/*@ ghost int Idle = 1; */ -/*@ ghost int WillDoFoo = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_isPresent; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_out: - ensures 0 ≡ End; - - behavior buch_state_Idle_in: - assumes 1 ≡ Idle; - ensures 1 ≡ Idle; - - behavior buch_state_Idle_out: - assumes 0 ≡ Idle; - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void isPresent_pre_func(int *t, int size, int val) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_isPresent; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - if (Idle == 1) Idle_tmp = 1; else Idle_tmp = 0; - End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_recursion4_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires 1 ≡ End ∨ 1 ≡ Idle ∨ 1 ≡ WillDoFoo; - requires 1 ≡ End ⇒ res ≢ -1; - requires 1 ≡ Idle ⇒ res ≢ -1 ∨ res ≡ -1; - requires 1 ≡ WillDoFoo ⇒ res ≡ -1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_isPresent; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_in: - assumes (1 ≡ Idle ∧ res ≢ -1) ∨ (1 ≡ End ∧ res ≢ -1); - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes - (0 ≡ Idle ∨ ¬(res ≢ -1)) ∧ (0 ≡ End ∨ ¬(res ≢ -1)); - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_in: - assumes - (1 ≡ WillDoFoo ∧ res ≡ -1) ∨ (1 ≡ Idle ∧ res ≡ -1); - ensures 1 ≡ WillDoFoo; - - behavior buch_state_WillDoFoo_out: - assumes - (0 ≡ WillDoFoo ∨ ¬(res ≡ -1)) ∧ - (0 ≡ Idle ∨ ¬(res ≡ -1)); - ensures 0 ≡ WillDoFoo; - */ -void isPresent_post_func(int res) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_isPresent; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - if (Idle == 1) { - if (res == -1) WillDoFoo_tmp = 1; else goto _LAND; - } - else { - _LAND: ; - if (WillDoFoo == 1) - if (res == -1) WillDoFoo_tmp = 1; else WillDoFoo_tmp = 0; - else WillDoFoo_tmp = 0; - } - Idle_tmp = 0; - if (End == 1) { - if (res != -1) End_tmp = 1; else goto _LAND_0; - } - else { - _LAND_0: ; - if (Idle == 1) - if (res != -1) End_tmp = 1; else End_tmp = 0; - else End_tmp = 0; - } - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'isPresent_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ Idle ∧ 0 ≡ End ∧ 0 ≡ WillDoFoo; - requires \valid(t+(0 .. 
size-1)); - requires size ≥ 0; - decreases size; - ensures -1 ≤ \result < \old(size); - - behavior found: - ensures 0 ≤ \result ⇒ *(\old(t)+\result) ≡ \old(val); - - behavior notIn: - ensures - \result ≡ -1 ⇒ - (∀ ℤ i; 0 ≤ i < \old(size) ⇒ *(\old(t)+i) ≢ \old(val)); - - behavior Buchi_property_behavior: - ensures - (1 ≡ End ⇒ \result ≢ -1) ∧ - (1 ≡ WillDoFoo ⇒ \result ≡ -1); - ensures 1 ≡ End ∨ 0 ≡ End; - ensures 1 ≡ WillDoFoo ∨ 0 ≡ WillDoFoo; - ensures 0 ≡ Idle; - ensures 1 ≡ End ∨ 1 ≡ WillDoFoo; - */ -int isPresent(int *t, int size, int val) -{ - int __retres; - int r; - int tmp; - isPresent_pre_func(t,size,val); - if (size == 0) { - __retres = -1; - goto return_label; - } - if (*(t + 0) == val) { - __retres = 0; - goto return_label; - } - tmp = isPresent(t + 1,size - 1,val); - r = 1 + tmp; - if (r == 0) r = -1; - __retres = r; - return_label: isPresent_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 34) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 35) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion4_0.i, line 39) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_in' (file /tmp/aorai_test_recursion4_0.i, line 43) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion4_0.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion4_0.i, line 50) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion4_0.i, line 36) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_foo; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ WillDoFoo; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ WillDoFoo; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void foo_pre_func(void) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_foo; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - Idle_tmp = 0; - if (WillDoFoo == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'isPresent_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ End ∧ 0 ≡ Idle ∧ 0 ≡ WillDoFoo; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_foo; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ End; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ End; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void foo_post_func(void) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_foo; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - Idle_tmp = 0; - if (End == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[ Valid ] Post-condition (file 
/tmp/aorai_test_recursion4_0.i, line 78) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 79) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_recursion4_0.i, line 84) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion4_0.i, line 89) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion4_0.i, line 92) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_in' (file /tmp/aorai_test_recursion4_0.i, line 97) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion4_0.i, line 103) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion4_0.i, line 80) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ WillDoFoo ∧ 0 ≡ End ∧ 0 ≡ Idle; - - behavior Buchi_property_behavior: - ensures 0 ≡ Idle ∧ 0 ≡ WillDoFoo; - ensures 1 ≡ End; - */ -void foo(void) -{ - foo_pre_func(); - foo_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'foo_pre_func' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_out: - ensures 0 ≡ End; - - behavior buch_state_Idle_in: - assumes 1 ≡ Idle; - ensures 1 ≡ Idle; - - behavior buch_state_Idle_out: - assumes 0 ≡ Idle; - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - if (Idle == 1) Idle_tmp = 1; else Idle_tmp = 0; - End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 176) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 177) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_recursion4_0.i, line 182) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion4_0.i, line 186) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion4_0.i, line 189) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion4_0.i, line 192) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_test_recursion4_0.i, line 178) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires 1 ≡ End ∧ 0 ≡ Idle ∧ 0 ≡ WillDoFoo; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ End; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ End; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void main_post_func(int res) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - End_tmp = End; - Idle_tmp = Idle; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - Idle_tmp = 0; - if (End == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'foo_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ Idle ∧ 0 ≡ End ∧ 0 ≡ WillDoFoo; - - behavior aorai_acceptance: - ensures 1 ≡ End; - - behavior Buchi_property_behavior: - ensures 0 ≡ Idle ∧ 0 ≡ WillDoFoo; - ensures 1 ≡ End; - */ -int main(int argc, char **argv) -{ - int __retres; - int tab[4]; - int r; - main_pre_func(argc,argv); - tab[0] = 10; - tab[1] = 20; - tab[2] = 33; - tab[3] = 15; - r = isPresent(tab,4,33); - if (r == -1) foo(); - __retres = 1; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file 
/tmp/aorai_test_recursion4_0.i, line 217) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 218) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_recursion4_0.i, line 223) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion4_0.i, line 227) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion4_0.i, line 230) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion4_0.i, line 233) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion4_0.i, line 219) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'foo' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 270) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 271) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion4_0.i, line 275) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_in' (file /tmp/aorai_test_recursion4_0.i, line 279) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion4_0.i, line 283) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion4_0.i, line 286) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion4_0.i, line 272) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 311) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion4_0.i, line 312) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_recursion4_0.i, line 317) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion4_0.i, line 321) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion4_0.i, line 324) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion4_0.i, line 327) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion4_0.i, line 313) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 76 Completely validated + 76 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion5.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion5.res.oracle index d19ffd1364213d90e472befbc3219d8ac7e1fc2e..41dddbfcba742bc74ce822f1aac2f246f10fdfb2 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion5.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_recursion5.res.oracle 
@@ -1,687 +1,302 @@ [kernel] Parsing tests/aorai/test_recursion5.c (with preprocessing) -tests/aorai/test_recursion5.c:12:[kernel] warning: parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. -tests/aorai/test_recursion5.c:28:[kernel] warning: parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. +[kernel] tests/aorai/test_recursion5.c:12: Warning: + parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. +[kernel] tests/aorai/test_recursion5.c:28: Warning: + parsing obsolete ACSL construct '\valid_range(addr,min,max)'. '\valid(addr+(min..max))' should be used instead. [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_recursion50.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_foo_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_foo_post_func_post_2 : Valid -[wp] [Qed] Goal typed_foo_post_func_post : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_foo_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_IgnoreFoo_out_post : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_foo_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal 
typed_foo_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_foo_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_foo_pre_func_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part9 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_foo_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_IgnoreFoo_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_foo_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_post_2 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_post : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part12 : Valid -[wp] [Qed] Goal 
typed_isPresentRec_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_buch_state_IgnoreFoo_in_post : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_buch_state_WillDoFoo_in_post : Valid -[wp] [Qed] Goal typed_isPresentRec_post_func_buch_state_IgnoreFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_post : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part9 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_buch_state_IgnoreFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_isPresentRec_pre_func_buch_state_Idle_in_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_post_2 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_post : Valid -[wp] [Qed] Goal 
typed_isPresent_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_WillDoFoo_in_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_IgnoreFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_isPresent_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_isPresent_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part9 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_IgnoreFoo_out_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_isPresent_pre_func_buch_state_Idle_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_IgnoreFoo_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal 
typed_main_post_func_buch_state_End_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_End_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part9 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_WillDoFoo_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_IgnoreFoo_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Idle_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_Idle_in_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_foo = 3, - op_isPresent = 2, - op_isPresentRec = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int End = 0; */ -/*@ ghost int Idle = 1; */ -/*@ ghost int IgnoreFoo = 0; */ -/*@ ghost int WillDoFoo = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_isPresentRec; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, IgnoreFoo, - WillDoFoo; - - behavior buch_state_End_out: - ensures 0 ≡ End; - - behavior buch_state_Idle_in: - assumes 1 ≡ Idle; - ensures 1 ≡ Idle; - - behavior buch_state_Idle_out: - assumes 0 ≡ Idle; - ensures 0 ≡ Idle; - - behavior buch_state_IgnoreFoo_out: - ensures 0 ≡ 
IgnoreFoo; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void isPresentRec_pre_func(int *t, int i, int max, int val) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int IgnoreFoo_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_isPresentRec; - End_tmp = End; - Idle_tmp = Idle; - IgnoreFoo_tmp = IgnoreFoo; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - IgnoreFoo_tmp = 0; - if (Idle == 1) Idle_tmp = 1; else Idle_tmp = 0; - End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - IgnoreFoo = IgnoreFoo_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_recursion5_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - (1 ≡ Idle ∨ 1 ≡ IgnoreFoo ∨ 1 ≡ WillDoFoo) ∧ 0 ≡ End; - requires 1 ≡ Idle ⇒ res ≢ -1 ∨ res ≡ -1; - requires 1 ≡ IgnoreFoo ⇒ res ≢ -1; - requires 1 ≡ WillDoFoo ⇒ res ≡ -1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_isPresentRec; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, IgnoreFoo, - WillDoFoo; - - behavior buch_state_End_out: - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_IgnoreFoo_in: - assumes - (1 ≡ IgnoreFoo ∧ res ≢ -1) ∨ (1 ≡ Idle ∧ res ≢ -1); - ensures 1 ≡ IgnoreFoo; - - behavior buch_state_IgnoreFoo_out: - assumes - (0 ≡ IgnoreFoo ∨ ¬(res ≢ -1)) ∧ - (0 ≡ Idle ∨ ¬(res ≢ -1)); - ensures 0 ≡ IgnoreFoo; - - behavior buch_state_WillDoFoo_in: - assumes - (1 ≡ WillDoFoo ∧ res ≡ -1) ∨ (1 ≡ Idle ∧ res ≡ -1); - ensures 1 ≡ WillDoFoo; - - behavior buch_state_WillDoFoo_out: - assumes - (0 ≡ WillDoFoo ∨ ¬(res ≡ -1)) ∧ - (0 ≡ Idle ∨ ¬(res ≡ -1)); - ensures 0 ≡ WillDoFoo; - */ -void isPresentRec_post_func(int res) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int IgnoreFoo_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = 
aorai_Terminated; - aorai_CurOperation = op_isPresentRec; - End_tmp = End; - Idle_tmp = Idle; - IgnoreFoo_tmp = IgnoreFoo; - WillDoFoo_tmp = WillDoFoo; - if (Idle == 1) { - if (res == -1) WillDoFoo_tmp = 1; else goto _LAND; - } - else { - _LAND: ; - if (WillDoFoo == 1) - if (res == -1) WillDoFoo_tmp = 1; else WillDoFoo_tmp = 0; - else WillDoFoo_tmp = 0; - } - if (Idle == 1) { - if (res != -1) IgnoreFoo_tmp = 1; else goto _LAND_0; - } - else { - _LAND_0: ; - if (IgnoreFoo == 1) - if (res != -1) IgnoreFoo_tmp = 1; else IgnoreFoo_tmp = 0; - else IgnoreFoo_tmp = 0; - } - Idle_tmp = 0; - End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - IgnoreFoo = IgnoreFoo_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'isPresentRec_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ Idle ∧ 0 ≡ End ∧ 0 ≡ IgnoreFoo ∧ 0 ≡ WillDoFoo; - requires \valid(t+(0 .. 
max)); - requires max ≥ 0; - requires 0 ≤ i ≤ max; - decreases max-i; - ensures (\old(i) ≤ \result ≤ \old(max)) ∨ \result ≡ -1; - ensures - \old(i) ≤ \result ≤ \old(max) ⇒ *(\old(t)+\result) ≡ \old(val); - ensures - \result ≡ -1 ⇒ - (∀ ℤ j; \old(i) ≤ j ≤ \old(max) ⇒ *(\old(t)+j) ≢ \old(val)); - - behavior Buchi_property_behavior: - ensures - (1 ≡ IgnoreFoo ⇒ \result ≢ -1) ∧ - (1 ≡ WillDoFoo ⇒ \result ≡ -1); - ensures 1 ≡ IgnoreFoo ∨ 0 ≡ IgnoreFoo; - ensures 1 ≡ WillDoFoo ∨ 0 ≡ WillDoFoo; - ensures 0 ≡ End ∧ 0 ≡ Idle; - ensures 1 ≡ IgnoreFoo ∨ 1 ≡ WillDoFoo; - */ -int isPresentRec(int *t, int i, int max, int val) -{ - int __retres; - int tmp; - isPresentRec_pre_func(t,i,max,val); - if (*(t + i) == val) { - __retres = i; - goto return_label; - } - if (max == i) { - __retres = -1; - goto return_label; - } - tmp = isPresentRec(t,i + 1,max,val); - __retres = tmp; - return_label: isPresentRec_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 35) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 36) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion5_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_in' (file /tmp/aorai_test_recursion5_0.i, line 45) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion5_0.i, line 49) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_IgnoreFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 52) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 55) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion5_0.i, line 37) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_IgnoreFoo_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_isPresent; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, IgnoreFoo, - WillDoFoo; - - behavior buch_state_End_out: - ensures 0 ≡ End; - - behavior buch_state_Idle_in: - assumes 1 ≡ Idle; - ensures 1 ≡ Idle; - - behavior buch_state_Idle_out: - assumes 0 ≡ Idle; - ensures 0 ≡ Idle; - - behavior buch_state_IgnoreFoo_out: - ensures 0 ≡ IgnoreFoo; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void isPresent_pre_func(int *t, int max, int val) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int IgnoreFoo_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_isPresent; - End_tmp = End; - Idle_tmp = Idle; - IgnoreFoo_tmp = IgnoreFoo; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - IgnoreFoo_tmp = 0; - if (Idle == 1) Idle_tmp = 1; else Idle_tmp = 0; - End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - IgnoreFoo = IgnoreFoo_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'isPresentRec_post_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ IgnoreFoo ∨ 1 ≡ WillDoFoo) ∧ 0 ≡ End ∧ 0 ≡ Idle; - requires 1 ≡ IgnoreFoo ⇒ res ≢ -1; - requires 1 ≡ WillDoFoo ⇒ res ≡ -1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_isPresent; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, IgnoreFoo, - WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ IgnoreFoo ∧ res ≢ -1; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ IgnoreFoo ∨ ¬(res ≢ -1); - ensures 0 ≡ End; - - behavior 
buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_IgnoreFoo_out: - ensures 0 ≡ IgnoreFoo; - - behavior buch_state_WillDoFoo_in: - assumes 1 ≡ WillDoFoo ∧ res ≡ -1; - ensures 1 ≡ WillDoFoo; - - behavior buch_state_WillDoFoo_out: - assumes 0 ≡ WillDoFoo ∨ ¬(res ≡ -1); - ensures 0 ≡ WillDoFoo; - */ -void isPresent_post_func(int res) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int IgnoreFoo_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_isPresent; - End_tmp = End; - Idle_tmp = Idle; - IgnoreFoo_tmp = IgnoreFoo; - WillDoFoo_tmp = WillDoFoo; - if (WillDoFoo == 1) - if (res == -1) WillDoFoo_tmp = 1; else WillDoFoo_tmp = 0; - else WillDoFoo_tmp = 0; - IgnoreFoo_tmp = 0; - Idle_tmp = 0; - if (IgnoreFoo == 1) - if (res != -1) End_tmp = 1; else End_tmp = 0; - else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - IgnoreFoo = IgnoreFoo_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 88) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 89) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion5_0.i, line 94) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion5_0.i, line 97) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_IgnoreFoo_in' (file /tmp/aorai_test_recursion5_0.i, line 102) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_IgnoreFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 108) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_in' (file /tmp/aorai_test_recursion5_0.i, line 113) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 119) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion5_0.i, line 90) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_IgnoreFoo_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_IgnoreFoo_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ Idle ∧ 0 ≡ End ∧ 0 ≡ IgnoreFoo ∧ 0 ≡ WillDoFoo; - requires \valid(t+(0 .. max)); - requires max ≥ 0; - ensures (0 ≤ \result ≤ \old(max)) ∨ \result ≡ -1; - ensures 0 ≤ \result ≤ \old(max) ⇒ *(\old(t)+\result) ≡ \old(val); - ensures - \result ≡ -1 ⇒ - (∀ ℤ i; 0 ≤ i ≤ \old(max) ⇒ *(\old(t)+i) ≢ \old(val)); - - behavior Buchi_property_behavior: - ensures - (1 ≡ End ⇒ \result ≢ -1) ∧ - (1 ≡ WillDoFoo ⇒ \result ≡ -1); - ensures 1 ≡ End ∨ 0 ≡ End; - ensures 1 ≡ WillDoFoo ∨ 0 ≡ WillDoFoo; - ensures 0 ≡ Idle ∧ 0 ≡ IgnoreFoo; - ensures 1 ≡ End ∨ 1 ≡ WillDoFoo; - */ -int isPresent(int *t, int max, int val) -{ - int tmp; - isPresent_pre_func(t,max,val); - tmp = isPresentRec(t,0,max,val); - isPresent_post_func(tmp); - return tmp; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'isPresent_pre_func' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_foo; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, IgnoreFoo, - WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ WillDoFoo; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ WillDoFoo; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_IgnoreFoo_out: - ensures 0 ≡ IgnoreFoo; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void foo_pre_func(void) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; 
*/ - /*@ ghost int IgnoreFoo_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_foo; - End_tmp = End; - Idle_tmp = Idle; - IgnoreFoo_tmp = IgnoreFoo; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - IgnoreFoo_tmp = 0; - Idle_tmp = 0; - if (WillDoFoo == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - IgnoreFoo = IgnoreFoo_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 195) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 196) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion5_0.i, line 201) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_in' (file /tmp/aorai_test_recursion5_0.i, line 205) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion5_0.i, line 209) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_IgnoreFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 212) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 215) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion5_0.i, line 197) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_IgnoreFoo_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ End ∧ 0 ≡ Idle ∧ 0 ≡ IgnoreFoo ∧ 0 ≡ WillDoFoo; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_foo; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, IgnoreFoo, - WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ End; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ End; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_IgnoreFoo_out: - ensures 0 ≡ IgnoreFoo; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void foo_post_func(void) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int IgnoreFoo_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_foo; - End_tmp = End; - Idle_tmp = Idle; - IgnoreFoo_tmp = IgnoreFoo; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - IgnoreFoo_tmp = 0; - Idle_tmp = 0; - if (End == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - IgnoreFoo = IgnoreFoo_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'isPresent_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ WillDoFoo ∧ 0 ≡ End ∧ 0 ≡ Idle ∧ 0 ≡ IgnoreFoo; - - behavior Buchi_property_behavior: - ensures 0 ≡ Idle ∧ 0 ≡ IgnoreFoo ∧ 0 ≡ WillDoFoo; - ensures 1 ≡ End; - */ -void foo(void) -{ - foo_pre_func(); - foo_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 247) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 248) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_recursion5_0.i, line 254) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion5_0.i, line 258) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion5_0.i, line 261) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_IgnoreFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 264) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_in' (file /tmp/aorai_test_recursion5_0.i, line 268) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 272) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion5_0.i, line 249) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_IgnoreFoo_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, IgnoreFoo, - WillDoFoo; - - behavior buch_state_End_out: - ensures 0 ≡ End; - - behavior buch_state_Idle_in: - assumes 1 ≡ Idle; - ensures 1 ≡ Idle; - - behavior buch_state_Idle_out: - assumes 0 ≡ Idle; - ensures 0 ≡ Idle; - - behavior buch_state_IgnoreFoo_out: - ensures 0 ≡ IgnoreFoo; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int IgnoreFoo_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - End_tmp = End; - Idle_tmp = Idle; - IgnoreFoo_tmp = IgnoreFoo; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - IgnoreFoo_tmp = 0; - if (Idle == 1) Idle_tmp = 1; else Idle_tmp = 0; - End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - IgnoreFoo = 
IgnoreFoo_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'foo_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ End ∧ 0 ≡ Idle ∧ 0 ≡ IgnoreFoo ∧ 0 ≡ WillDoFoo; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, End, Idle, IgnoreFoo, - WillDoFoo; - - behavior buch_state_End_in: - assumes 1 ≡ End; - ensures 1 ≡ End; - - behavior buch_state_End_out: - assumes 0 ≡ End; - ensures 0 ≡ End; - - behavior buch_state_Idle_out: - ensures 0 ≡ Idle; - - behavior buch_state_IgnoreFoo_out: - ensures 0 ≡ IgnoreFoo; - - behavior buch_state_WillDoFoo_out: - ensures 0 ≡ WillDoFoo; - */ -void main_post_func(int res) -{ - /*@ ghost int End_tmp; */ - /*@ ghost int Idle_tmp; */ - /*@ ghost int IgnoreFoo_tmp; */ - /*@ ghost int WillDoFoo_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - End_tmp = End; - Idle_tmp = Idle; - IgnoreFoo_tmp = IgnoreFoo; - WillDoFoo_tmp = WillDoFoo; - WillDoFoo_tmp = 0; - IgnoreFoo_tmp = 0; - Idle_tmp = 0; - if (End == 1) End_tmp = 1; else End_tmp = 0; - End = End_tmp; - Idle = Idle_tmp; - IgnoreFoo = IgnoreFoo_tmp; - WillDoFoo = WillDoFoo_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 330) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 331) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_recursion5_0.i, line 337) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion5_0.i, line 341) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion5_0.i, line 344) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_IgnoreFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 347) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 350) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion5_0.i, line 332) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_IgnoreFoo_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ Idle ∧ 0 ≡ End ∧ 0 ≡ IgnoreFoo ∧ 0 ≡ WillDoFoo; - - behavior aorai_acceptance: - ensures 1 ≡ End; - - behavior Buchi_property_behavior: - ensures 0 ≡ Idle ∧ 0 ≡ IgnoreFoo ∧ 0 ≡ WillDoFoo; - ensures 1 ≡ End; - */ -int main(int argc, char **argv) -{ - int __retres; - int tab[4]; - int r; - main_pre_func(argc,argv); - tab[0] = 10; - tab[1] = 20; - tab[2] = 33; - tab[3] = 15; - r = isPresent(tab,3,33); - if (r == -1) foo(); - __retres = 1; - main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'foo_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 380) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 381) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_recursion5_0.i, line 387) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion5_0.i, line 391) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion5_0.i, line 394) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_IgnoreFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 397) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 400) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion5_0.i, line 382) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_IgnoreFoo_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'foo' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 442) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 443) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion5_0.i, line 448) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_in' (file /tmp/aorai_test_recursion5_0.i, line 452) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion5_0.i, line 456) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_IgnoreFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 459) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 462) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion5_0.i, line 444) + by Wp.typed. 
+[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_IgnoreFoo_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 492) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_recursion5_0.i, line 493) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_in' (file /tmp/aorai_test_recursion5_0.i, line 499) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_End_out' (file /tmp/aorai_test_recursion5_0.i, line 503) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_Idle_out' (file /tmp/aorai_test_recursion5_0.i, line 506) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_IgnoreFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 509) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_WillDoFoo_out' (file /tmp/aorai_test_recursion5_0.i, line 512) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_recursion5_0.i, line 494) + by Wp.typed. +[ Valid ] Behavior 'buch_state_End_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_End_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_Idle_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_IgnoreFoo_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_WillDoFoo_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 118 Completely validated + 118 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_struct.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_struct.res.oracle index e44ffe014aa3c754ee511304d3b77406946e0fe6..1ca649f504a32ba1f4c0e3e2a34029d9fc19ae4a 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_struct.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_struct.res.oracle 
@@ -1,242 +1,126 @@ [kernel] Parsing tests/aorai/test_struct.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_struct0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_increment_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_increment_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_increment_post_func_post_2 : Valid -[wp] [Qed] Goal typed_increment_post_func_post : Valid -[wp] [Qed] Goal typed_increment_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_increment_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_increment_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_increment_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_increment_post_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_increment_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_increment_post_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_increment_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_increment_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_increment_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_increment_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_increment_pre_func_post : Valid -[wp] [Qed] Goal typed_increment_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_increment_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_increment_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_increment_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_increment_pre_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_increment_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_increment_pre_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal 
typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_S1_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_main_0_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_S1_in_post : Valid -/* Generated by Frama-C */ -struct People { - int Age ; - char Gender ; -}; -enum aorai_ListOper { - op_increment = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -struct People nobody; -int myAge = 0; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int S1 = 0; */ -/*@ ghost int main_0 = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_increment; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ S1 ∧ nobody.Age ≡ 1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ S1 ∨ ¬(nobody.Age ≡ 1); - ensures 0 ≡ S1; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void 
increment_pre_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_increment; - S1_tmp = S1; - main_0_tmp = main_0; - main_0_tmp = 0; - if (S1 == 1) - if (nobody.Age == 1) S1_tmp = 1; else S1_tmp = 0; - else S1_tmp = 0; - S1 = S1_tmp; - main_0 = main_0_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_struct_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires 1 ≡ S1 ∧ 0 ≡ main_0; - requires 1 ≡ S1 ⇒ nobody.Age ≡ 1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_increment; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ S1 ∧ nobody.Age ≡ 1; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ S1 ∨ ¬(nobody.Age ≡ 1); - ensures 0 ≡ S1; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void increment_post_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_increment; - S1_tmp = S1; - main_0_tmp = main_0; - main_0_tmp = 0; - if (S1 == 1) - if (nobody.Age == 1) S1_tmp = 1; else S1_tmp = 0; - else S1_tmp = 0; - S1 = S1_tmp; - main_0 = main_0_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'increment_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S1 ∧ 0 ≡ main_0; - requires 1 ≡ S1 ⇒ nobody.Age ≡ 1; - - behavior Buchi_property_behavior: - ensures 1 ≡ S1 ⇒ nobody.Age ≡ 1; - ensures 0 ≡ main_0; - ensures 1 ≡ S1; - */ -void increment(void) -{ - increment_pre_func(); - (nobody.Age) ++; - myAge ++; - increment_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_struct_0.i, line 37) + by Wp.typed. 
+[ Valid ] Post-condition (file /tmp/aorai_test_struct_0.i, line 38) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_struct_0.i, line 43) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_struct_0.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_struct_0.i, line 50) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_struct_0.i, line 39) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ main_0 ∧ nobody.Age ≡ 0; - ensures 1 ≡ S1; - - behavior buch_state_S1_out: - assumes 0 ≡ main_0 ∨ ¬(nobody.Age ≡ 0); - ensures 0 ≡ S1; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void main_pre_func(void) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - S1_tmp = S1; - main_0_tmp = main_0; - main_0_tmp = 0; - if (main_0 == 1) - if (nobody.Age == 0) S1_tmp = 1; else S1_tmp = 0; - else S1_tmp = 0; - S1 = S1_tmp; - main_0 = main_0_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'increment_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ S1 ∧ 0 ≡ main_0; - requires 1 ≡ S1 ⇒ nobody.Age ≡ 1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, S1, main_0; - - behavior buch_state_S1_in: - assumes 1 ≡ S1 ∧ nobody.Age ≡ 1; - ensures 1 ≡ S1; - - behavior 
buch_state_S1_out: - assumes 0 ≡ S1 ∨ ¬(nobody.Age ≡ 1); - ensures 0 ≡ S1; - - behavior buch_state_main_0_out: - ensures 0 ≡ main_0; - */ -void main_post_func(int res) -{ - /*@ ghost int S1_tmp; */ - /*@ ghost int main_0_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - S1_tmp = S1; - main_0_tmp = main_0; - main_0_tmp = 0; - if (S1 == 1) - if (nobody.Age == 1) S1_tmp = 1; else S1_tmp = 0; - else S1_tmp = 0; - S1 = S1_tmp; - main_0 = main_0_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_struct_0.i, line 72) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_struct_0.i, line 73) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_struct_0.i, line 78) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_struct_0.i, line 82) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_struct_0.i, line 85) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_struct_0.i, line 74) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires 1 ≡ main_0 ∧ 0 ≡ S1; - requires 1 ≡ main_0 ⇒ nobody.Age ≡ 0; - - behavior aorai_acceptance: - ensures 1 ≡ S1 ∨ 1 ≡ main_0; - - behavior Buchi_property_behavior: - ensures 1 ≡ S1 ⇒ nobody.Age ≡ 1; - ensures 0 ≡ main_0; - ensures 1 ≡ S1; - */ -int main(void) -{ - int __retres; - main_pre_func(); - nobody.Age = 0; - increment(); - __retres = 0; - main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'increment' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. 
+-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_struct_0.i, line 122) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_struct_0.i, line 123) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_struct_0.i, line 128) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_struct_0.i, line 132) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_struct_0.i, line 135) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_struct_0.i, line 124) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_struct_0.i, line 157) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_struct_0.i, line 158) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_in' (file /tmp/aorai_test_struct_0.i, line 163) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_S1_out' (file /tmp/aorai_test_struct_0.i, line 167) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_main_0_out' (file /tmp/aorai_test_struct_0.i, line 170) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_struct_0.i, line 159) + by Wp.typed. +[ Valid ] Behavior 'buch_state_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_main_0_out' + by Frama-C kernel. 
+[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 42 Completely validated + 42 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch2.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch2.res.oracle index c242d324f4265404212e6145056b250f4bc76461..ccc86062eafd1c2c8391e240e4571a3404e204fc 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch2.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch2.res.oracle 
@@ -1,874 +1,398 @@ [kernel] Parsing tests/aorai/test_switch2.c (with preprocessing) [aorai] Welcome to the Aorai plugin -tests/aorai/test_switch2.c:34:[aorai] warning: Call to opc not conforming to automaton (post-cond). Assuming it is on a dead path -tests/aorai/test_switch2.c:23:[aorai] warning: Call to opc not conforming to automaton (pre-cond). Assuming it is on a dead path -[kernel] Parsing /tmp/aorai_test_switch20.i (no preprocessing) -/tmp/aorai_test_switch20.i:4:[wp] warning: Global invariant not handled yet ('inv' ignored) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_all_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal 
typed_main_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part01 : Valid 
-[wp] [Qed] Goal typed_opa_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_post_func_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_opa_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_S4_in_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opa_post_func_buch_state_accept_all_out_post : Valid -[wp] Computing [100 goals...] 
-[wp] [Qed] Goal typed_opa_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opa_pre_func_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S3_in_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opa_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_post_func_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part04 : Valid -[wp] [Qed] Goal 
typed_opb_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part16 : Valid -[wp] [Qed] Goal typed_opb_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S6_in_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opb_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opb_pre_func_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part14 : Valid -[wp] [Qed] Goal 
typed_opb_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_S5_in_post : Valid -[wp] [Qed] Goal typed_opb_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opc_post_func_post_2 : Valid -[wp] [Qed] Goal typed_opc_post_func_post : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opc_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal 
typed_opc_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S6_out_post : Valid -[wp] [Qed] Goal typed_opc_post_func_buch_state_accept_S5_out_post : Valid -[wp] Computing [200 goals...] -[wp] [Qed] Goal typed_opc_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_opc_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_opc_pre_func_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part14 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part13 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part12 : Valid -[wp] [Qed] Goal typed_opc_pre_func_assign_part11 : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S5_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S4_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S3_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_init_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_all_out_post : Valid -[wp] [Qed] Goal typed_opc_pre_func_buch_state_accept_S6_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_main = 3, - op_opa = 2, - op_opb = 1, - op_opc = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -int 
status = 0; -int rr = 1; -/*@ global invariant inv: 0 ≤ rr ≤ 50; - */ -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int accept_S2 = 0; */ -/*@ ghost int accept_S3 = 0; */ -/*@ ghost int accept_S4 = 0; */ -/*@ ghost int accept_S5 = 0; */ -/*@ ghost int accept_S6 = 0; */ -/*@ ghost int accept_all = 0; */ -/*@ ghost int accept_init = 1; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_in: - assumes 1 ≡ accept_S2; - ensures 1 ≡ accept_S3; - - behavior buch_state_accept_S3_out: - assumes 0 ≡ accept_S2; - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opa_pre_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opa; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - if (accept_S2 == 1) accept_S3_tmp = 1; else accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - 
accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +[aorai] tests/aorai/test_switch2.c:34: Warning: + Call to opc not conforming to automaton (post-cond). Assuming it is on a dead path +[aorai] tests/aorai/test_switch2.c:23: Warning: + Call to opc not conforming to automaton (pre-cond). Assuming it is on a dead path +[kernel] Parsing /tmp/aorai_test_switch2_0.i (no preprocessing) +[wp] /tmp/aorai_test_switch2_0.i:4: Warning: + Global invariant not handled yet ('inv' ignored) +[wp] Warning: Missing RTE guards +[report] Computing properties status... -/*@ requires - 1 ≡ accept_S3 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opa; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_in: - assumes 1 ≡ accept_S3; - ensures 1 ≡ accept_S4; - - behavior buch_state_accept_S4_out: - assumes 0 ≡ accept_S3; - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opa_post_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opa; - accept_S2_tmp = accept_S2; - 
accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - if (accept_S3 == 1) accept_S4_tmp = 1; else accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - requires rr < 50; - - behavior j: - ensures rr < 51; - - behavior Buchi_property_behavior: - ensures - 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S5 ∧ - 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ 0 ≡ accept_init; - ensures 1 ≡ accept_S4; - */ -void opa(void) -{ - opa_pre_func(); - rr ++; - opa_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 42) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 43) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch2_0.i, line 48) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_in' (file /tmp/aorai_test_switch2_0.i, line 52) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_switch2_0.i, line 56) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_switch2_0.i, line 59) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_switch2_0.i, line 62) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_test_switch2_0.i, line 65) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_switch2_0.i, line 68) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_switch2_0.i, line 71) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch2_0.i, line 44) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_in: - assumes 1 ≡ accept_S4; - ensures 1 ≡ accept_S5; - - behavior buch_state_accept_S5_out: - assumes 0 ≡ accept_S4; - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opb_pre_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opb; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - if (accept_S4 == 1) accept_S5_tmp = 1; else accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S5 ∧ 0 ≡ 
accept_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opb; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_in: - assumes 1 ≡ accept_S5; - ensures 1 ≡ accept_S6; - - behavior buch_state_accept_S6_out: - assumes 0 ≡ accept_S5; - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opb_post_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opb; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - if (accept_S5 == 1) accept_S6_tmp = 1; else accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 115) + by Wp.typed. 
+[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 116) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch2_0.i, line 121) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_switch2_0.i, line 124) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_in' (file /tmp/aorai_test_switch2_0.i, line 128) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_switch2_0.i, line 132) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_switch2_0.i, line 135) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_test_switch2_0.i, line 138) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_switch2_0.i, line 141) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_switch2_0.i, line 144) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch2_0.i, line 117) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires - 1 ≡ accept_S4 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - - behavior Buchi_property_behavior: - ensures - 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_all ∧ 0 ≡ accept_init; - ensures 1 ≡ accept_S6; - */ -void opb(void) -{ - opb_pre_func(); - status = 1; - opb_post_func(); - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opa' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_opc; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opc_pre_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_opc; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - 
accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires \false; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_opc; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void opc_post_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_opc; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_pre_func' 
+-------------------------------------------------------------------------------- -/*@ requires \false; - - behavior Buchi_behavior_out_0: - ensures 0 ≡ accept_S2; - - behavior Buchi_behavior_out_1: - ensures 0 ≡ accept_S3; - - behavior Buchi_behavior_out_2: - ensures 0 ≡ accept_S4; - - behavior Buchi_behavior_out_3: - ensures 0 ≡ accept_S5; - - behavior Buchi_behavior_out_4: - ensures 0 ≡ accept_S6; - - behavior Buchi_behavior_out_5: - ensures 0 ≡ accept_all; - - behavior Buchi_behavior_out_6: - ensures 0 ≡ accept_init; - */ -void opc(void) -{ - opc_pre_func(); - rr = 9000; - opc_post_func(); - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 207) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 208) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch2_0.i, line 213) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_switch2_0.i, line 216) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_switch2_0.i, line 219) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_in' (file /tmp/aorai_test_switch2_0.i, line 223) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_switch2_0.i, line 227) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_test_switch2_0.i, line 230) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_switch2_0.i, line 233) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_switch2_0.i, line 236) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch2_0.i, line 209) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_init; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_init; - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_out: - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void main_pre_func(void) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - accept_all_tmp = 0; - accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - if (accept_init == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - 
accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb_post_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ accept_S6 ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ 0 ≡ accept_all ∧ - 0 ≡ accept_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, accept_S2, accept_S3, - accept_S4, accept_S5, accept_S6, accept_all, accept_init; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - - behavior buch_state_accept_S3_out: - ensures 0 ≡ accept_S3; - - behavior buch_state_accept_S4_out: - ensures 0 ≡ accept_S4; - - behavior buch_state_accept_S5_out: - ensures 0 ≡ accept_S5; - - behavior buch_state_accept_S6_out: - ensures 0 ≡ accept_S6; - - behavior buch_state_accept_all_in: - assumes 1 ≡ accept_S6; - ensures 1 ≡ accept_all; - - behavior buch_state_accept_all_out: - assumes 0 ≡ accept_S6; - ensures 0 ≡ accept_all; - - behavior buch_state_accept_init_out: - ensures 0 ≡ accept_init; - */ -void main_post_func(int res) -{ - /*@ ghost int accept_S2_tmp; */ - /*@ ghost int accept_S3_tmp; */ - /*@ ghost int accept_S4_tmp; */ - /*@ ghost int accept_S5_tmp; */ - /*@ ghost int accept_S6_tmp; */ - /*@ ghost int accept_all_tmp; */ - /*@ ghost int accept_init_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - accept_S2_tmp = accept_S2; - accept_S3_tmp = accept_S3; - accept_S4_tmp = accept_S4; - accept_S5_tmp = accept_S5; - accept_S6_tmp = accept_S6; - accept_all_tmp = accept_all; - accept_init_tmp = accept_init; - accept_init_tmp = 0; - if (accept_S6 == 1) accept_all_tmp = 1; else accept_all_tmp = 0; 
- accept_S6_tmp = 0; - accept_S5_tmp = 0; - accept_S4_tmp = 0; - accept_S3_tmp = 0; - accept_S2_tmp = 0; - accept_S2 = accept_S2_tmp; - accept_S3 = accept_S3_tmp; - accept_S4 = accept_S4_tmp; - accept_S5 = accept_S5_tmp; - accept_S6 = accept_S6_tmp; - accept_all = accept_all_tmp; - accept_init = accept_init_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 280) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 281) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch2_0.i, line 286) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_switch2_0.i, line 289) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_switch2_0.i, line 292) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_switch2_0.i, line 295) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_in' (file /tmp/aorai_test_switch2_0.i, line 299) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_test_switch2_0.i, line 303) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_switch2_0.i, line 306) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_switch2_0.i, line 309) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch2_0.i, line 282) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ accept_init ∧ 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ - 0 ≡ accept_S4 ∧ 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ - 0 ≡ accept_all; - - behavior aorai_acceptance: - ensures - 1 ≡ accept_S2 ∨ 1 ≡ accept_S3 ∨ 1 ≡ accept_S4 ∨ - 1 ≡ accept_S5 ∨ 1 ≡ accept_S6 ∨ 1 ≡ accept_all ∨ - 1 ≡ accept_init; - - behavior Buchi_property_behavior: - ensures - 0 ≡ accept_S2 ∧ 0 ≡ accept_S3 ∧ 0 ≡ accept_S4 ∧ - 0 ≡ accept_S5 ∧ 0 ≡ accept_S6 ∧ 0 ≡ accept_init; - ensures 1 ≡ accept_all; - */ -int main(void) -{ - int __retres; - main_pre_func(); - switch (rr) { - case 1: opa(); - goto switch_0_break; - case 3: opa(); - default: ; - opc(); - } - switch_0_break: ; - opb(); - __retres = 1; - main_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'opb' +-------------------------------------------------------------------------------- +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'opc_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 368) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 369) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch2_0.i, line 374) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_switch2_0.i, line 377) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_switch2_0.i, line 380) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_switch2_0.i, line 383) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_test_switch2_0.i, line 386) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_switch2_0.i, line 389) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_switch2_0.i, line 392) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch2_0.i, line 370) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opc_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 433) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 434) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch2_0.i, line 439) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_switch2_0.i, line 442) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_switch2_0.i, line 445) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_switch2_0.i, line 448) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_test_switch2_0.i, line 451) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_switch2_0.i, line 454) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_switch2_0.i, line 457) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch2_0.i, line 435) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'opc' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 528) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 529) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_switch2_0.i, line 535) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch2_0.i, line 539) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_switch2_0.i, line 542) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_switch2_0.i, line 545) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_switch2_0.i, line 548) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_test_switch2_0.i, line 551) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_switch2_0.i, line 554) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_switch2_0.i, line 557) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch2_0.i, line 530) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 601) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch2_0.i, line 602) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch2_0.i, line 607) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S3_out' (file /tmp/aorai_test_switch2_0.i, line 610) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S4_out' (file /tmp/aorai_test_switch2_0.i, line 613) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S5_out' (file /tmp/aorai_test_switch2_0.i, line 616) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_accept_S6_out' (file /tmp/aorai_test_switch2_0.i, line 619) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_in' (file /tmp/aorai_test_switch2_0.i, line 623) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_all_out' (file /tmp/aorai_test_switch2_0.i, line 627) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_init_out' (file /tmp/aorai_test_switch2_0.i, line 630) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch2_0.i, line 603) + by Wp.typed. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S3_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S4_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S5_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S6_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_all_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_init_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 160 Completely validated + 160 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3.res.oracle index ab0f22fee2f3132b3db42027759c32a0232ad24b..7e788b6d35585947bd6a241fdea310c157ba6e65 100644 
--- a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3.res.oracle
+++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3.res.oracle
@@ -1,525 +1,251 @@ [kernel] Parsing tests/aorai/test_switch3.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_switch30.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_countOne_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part09 
: Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_post_func_post_2 : Valid -[wp] [Qed] Goal typed_count_post_func_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S1_out_post : Valid -[wp] 
[Qed] Goal typed_count_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_count_pre_func_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_init_out_post : Valid 
-[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_in_post : Valid -[wp] Computing [100 goals...] -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_count = 2, - op_countOne = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int T0_S2 = 0; */ -/*@ ghost int T0_init = 1; */ -/*@ ghost int accept_S1 = 0; */ 
-/*@ ghost int accept_S2 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void countOne_pre_func(char *argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; - else - if (accept_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_switch3_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires - 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void countOne_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S2) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - requires 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - requires 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_init ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - ensures 1 ≡ T0_S2; - */ -int countOne(char *argv) -{ - int r; - countOne_pre_func(argv); - r = 0; - switch ((int)*(argv + 0)) { - int tmp; - case 0: r = 0; - goto switch_0_break; - case 1: case 2: case 3: default: ; - r ++; - tmp = countOne(argv + 1); - r += tmp; - } - switch_0_break: ; - countOne_post_func(r); - return r; -} +[ Valid ] Post-condition (file 
/tmp/aorai_test_switch3_0.i, line 34) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 35) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_0.i, line 45) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_0.i, line 48) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_0.i, line 51) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_0.i, line 54) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_0.i, line 36) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ accept_S2; - */ -void count_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - if (T0_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_post_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ accept_S2) ∧ 0 ≡ T0_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ 
accept_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ T0_S2; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ T0_S2; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ T0_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ T0_S2; - ensures 0 ≡ accept_S2; - */ -void count_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - if (T0_S2 == 1) accept_S2_tmp = 1; - else - if (accept_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - if (T0_S2 == 1) accept_S1_tmp = 1; - else - if (accept_S1 == 1) accept_S1_tmp = 1; - else - if (accept_S2 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 84) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 85) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_0.i, line 91) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_0.i, line 95) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_0.i, line 98) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_0.i, line 101) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_0.i, line 104) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_test_switch3_0.i, line 86) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S1) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S2; - requires 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - requires 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - ensures 0 ≡ T0_init; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - */ -int count(int argc, char **argv) -{ - int __retres; - count_pre_func(argc,argv); - if (argc > 0) { - int tmp; - int tmp_0; - tmp = countOne(*(argv + 0)); - tmp_0 = count(argc - 1,argv + 1); - __retres = tmp + tmp_0; - goto return_label; - } - __retres = 0; - return_label: count_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - 
*/ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - if (T0_init == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_init == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void main_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - 
return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ T0_init ∧ 0 ≡ T0_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - - behavior aorai_acceptance: - ensures 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 0 ≡ T0_init ∧ 0 ≡ accept_S2; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S1; - */ -int main(int argc, char **argv) -{ - int __retres; - int somme; - main_pre_func(argc,argv); - somme = count(argc,argv); - __retres = 1; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 157) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 158) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_0.i, line 164) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_0.i, line 168) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_0.i, line 171) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_0.i, line 174) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_switch3_0.i, line 178) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_0.i, line 182) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_0.i, line 159) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'count_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 213) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 214) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_0.i, line 220) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_0.i, line 224) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_0.i, line 227) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_0.i, line 231) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_0.i, line 235) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_switch3_0.i, line 239) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_0.i, line 243) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_0.i, line 215) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'count' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 304) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 305) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_0.i, line 311) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_0.i, line 315) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_0.i, line 318) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_0.i, line 322) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_0.i, line 326) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_0.i, line 329) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_0.i, line 306) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 359) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_0.i, line 360) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_0.i, line 366) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_0.i, line 370) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_0.i, line 373) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_0.i, line 377) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_0.i, line 381) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_0.i, line 384) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_0.i, line 361) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 97 Completely validated + 97 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_et_recursion.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_et_recursion.res.oracle index a5cf704fc19e475aebedba6aac3a7ff595b70fb9..45efb687ec4eab245c7d220406aa015ac60fd6d3 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_et_recursion.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_et_recursion.res.oracle 
@@ -1,401 +1,209 @@ [kernel] Parsing tests/aorai/test_switch3_et_recursion.c (with preprocessing) [aorai] Welcome to the Aorai plugin -tests/aorai/test_switch3_et_recursion.c:26:[aorai] warning: Call to countOne does not follow automaton's specification. This path is assumed to be dead -[kernel] Parsing /tmp/aorai_test_switch3_et_recursion0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_countOne_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part7 : Valid -[wp] [Qed] 
Goal typed_countOne_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_count_post_func_post_2 : Valid -[wp] [Qed] Goal typed_count_post_func_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_count_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_count_pre_func_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] 
Goal typed_main_post_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part9 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part8 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part2 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part1 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part6 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part5 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part4 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part3 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part7 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_count = 2, - op_countOne = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int T0_S2 = 0; */ -/*@ ghost int T0_init = 1; */ -/*@ ghost int accept_S1 = 0; */ -/*@ ensures 
aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - */ -void countOne_pre_func(char *argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[aorai] tests/aorai/test_switch3_et_recursion.c:26: Warning: + Call to countOne does not follow automaton's specification. This path is assumed to be dead +[kernel] Parsing /tmp/aorai_test_switch3_et_recursion_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires \false; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - */ -void countOne_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - - behavior Buchi_behavior_out_0: - ensures 0 ≡ T0_S2; - - behavior Buchi_behavior_out_1: - ensures 0 ≡ T0_init; - - behavior Buchi_behavior_out_2: - ensures 0 ≡ accept_S1; - */ -int countOne(char *argv) -{ - int r; - countOne_pre_func(argv); - r = 0; - switch ((int)*(argv + 0)) { - int tmp; - case 0: r = 0; - case 1: case 2: case 3: default: ; - r ++; - tmp = countOne(argv + 1); - r += tmp; - } - countOne_post_func(r); - return r; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 33) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 34) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 40) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 44) + by Wp.typed. 
+[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 47) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 50) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_et_recursion_0.i, line 35) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - */ -void count_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_post_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, 
T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ accept_S1; - */ -void count_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (T0_S2 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 75) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 76) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 81) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 84) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 87) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_et_recursion_0.i, line 77) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - ensures 1 ≡ accept_S1; - */ -int count(int argc, char **argv) -{ - int __retres; - count_pre_func(argc,argv); - if (argc > 0) { - int tmp; - int tmp_0; - tmp = countOne(*(argv + 0)); - tmp_0 = count(argc - 1,argv + 1); - __retres = tmp + tmp_0; - goto return_label; - } - __retres = 0; - return_label: count_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_out: - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ accept_S1; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (T0_init == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ requires 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - */ -void main_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_pre_func' +-------------------------------------------------------------------------------- -/*@ requires 1 ≡ T0_init ∧ 0 ≡ T0_S2 ∧ 0 ≡ accept_S1; - - behavior aorai_acceptance: - ensures 1 ≡ accept_S1; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 0 ≡ T0_init; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S1; - */ -int main(int argc, char **argv) -{ - int __retres; - int somme; - main_pre_func(argc,argv); - somme = count(argc,argv); - __retres = 1; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 137) + by Wp.typed. 
+[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 138) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 144) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 148) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 151) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 154) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_et_recursion_0.i, line 139) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'count_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 179) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 180) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 185) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 188) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 192) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 196) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_test_switch3_et_recursion_0.i, line 181) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'count' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 245) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 246) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 251) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 254) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 258) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 262) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_et_recursion_0.i, line 247) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 287) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_et_recursion_0.i, line 288) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 294) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 298) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 301) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 305) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_et_recursion_0.i, line 309) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_et_recursion_0.i, line 289) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 75 Completely validated + 75 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_if.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_if.res.oracle index 88c0e9d0cb1000d7837bfe235e5ca00376bab973..b1f91e94e77e6096137fdca528aaeb93d5dd70e8 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_if.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_if.res.oracle 
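Review bot: The rewritten test_switch3_et_recursion oracle ends with `75 Completely validated / 75 Total`, yet no `requires` clause appears among the listed properties, so the total seems to count only properties that received a status. The removed AST dump showed `requires \false` on `countOne_post_func`, consistent with the retained "This path is assumed to be dead" warning, which would make that function's `Valid` post-conditions vacuous; the new oracle no longer lets a reader see this. Consider keeping the generated annotations in the prove-mode oracle, or listing untried properties in the report (`-report-untried`, to be confirmed for this test driver), so that unproved preconditions show up. The entries also embed `/tmp/aorai_test_switch3_et_recursion_0.i`, which presumably ties the oracle to the generating machine's temp directory unless the harness normalises it. The other oracle_prove files changed in this commit follow the same pattern.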
@@ -1,521 +1,251 @@ [kernel] Parsing tests/aorai/test_switch3_if.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_switch3_if0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_countOne_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part10 : Valid -[wp] [Qed] Goal 
typed_countOne_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_post_func_post_2 : Valid -[wp] [Qed] Goal typed_count_post_func_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal 
typed_count_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_count_pre_func_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] 
Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_in_post : Valid -[wp] Computing [100 goals...] -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_count = 2, - op_countOne = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int T0_S2 = 0; */ 
-/*@ ghost int T0_init = 1; */ -/*@ ghost int accept_S1 = 0; */ -/*@ ghost int accept_S2 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void countOne_pre_func(char *argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; - else - if (accept_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_switch3_if_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires - 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void countOne_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S2) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - requires 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - requires 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_init ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - ensures 1 ≡ T0_S2; - */ -int countOne(char *argv) -{ - int r; - countOne_pre_func(argv); - r = 0; - if ((int)*(argv + 0) != 0) { - int tmp; - r ++; - tmp = countOne(argv + 1); - r += tmp; - } - countOne_post_func(r); - return r; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 34) + by Wp.typed. 
+[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 35) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_if_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 45) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_if_0.i, line 48) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_if_0.i, line 51) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 54) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_if_0.i, line 36) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ accept_S2; - */ -void count_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - if (T0_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_post_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ accept_S2) ∧ 0 ≡ T0_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ 
accept_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ T0_S2; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ T0_S2; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ T0_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ T0_S2; - ensures 0 ≡ accept_S2; - */ -void count_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - if (T0_S2 == 1) accept_S2_tmp = 1; - else - if (accept_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - if (T0_S2 == 1) accept_S1_tmp = 1; - else - if (accept_S1 == 1) accept_S1_tmp = 1; - else - if (accept_S2 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 84) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 85) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_if_0.i, line 91) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 95) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_if_0.i, line 98) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_if_0.i, line 101) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 104) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_test_switch3_if_0.i, line 86) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S1) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S2; - requires 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - requires 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - ensures 0 ≡ T0_init; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - */ -int count(int argc, char **argv) -{ - int __retres; - count_pre_func(argc,argv); - if (argc > 0) { - int tmp; - int tmp_0; - tmp = countOne(*(argv + 0)); - tmp_0 = count(argc - 1,argv + 1); - __retres = tmp + tmp_0; - goto return_label; - } - __retres = 0; - return_label: count_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; 
- */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - if (T0_init == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_init == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void main_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; 
- return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ T0_init ∧ 0 ≡ T0_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - - behavior aorai_acceptance: - ensures 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 0 ≡ T0_init ∧ 0 ≡ accept_S2; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S1; - */ -int main(int argc, char **argv) -{ - int __retres; - int somme; - main_pre_func(argc,argv); - somme = count(argc,argv); - __retres = 1; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 155) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 156) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_if_0.i, line 162) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 166) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_if_0.i, line 169) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_if_0.i, line 172) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_switch3_if_0.i, line 176) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 180) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_if_0.i, line 157) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'count_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 211) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 212) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_if_0.i, line 218) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 222) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_if_0.i, line 225) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_if_0.i, line 229) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_if_0.i, line 233) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_switch3_if_0.i, line 237) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 241) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_if_0.i, line 213) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'count' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 302) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 303) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_if_0.i, line 309) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 313) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_if_0.i, line 316) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_if_0.i, line 320) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_if_0.i, line 324) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 327) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_if_0.i, line 304) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 357) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_if_0.i, line 358) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_if_0.i, line 364) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 368) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_if_0.i, line 371) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_if_0.i, line 375) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_if_0.i, line 379) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_if_0.i, line 382) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_if_0.i, line 359) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 97 Completely validated + 97 Total +-------------------------------------------------------------------------------- diff --git a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_return.res.oracle b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_return.res.oracle index 7a4d8695c525f060ef9bf5b52fc55ea53260142e..5e380310afddaeac0aae4efb3d241c366e89327f 100644 --- a/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_return.res.oracle +++ b/src/plugins/aorai/tests/aorai/oracle_prove/test_switch3_return.res.oracle 
@@ -1,526 +1,251 @@ [kernel] Parsing tests/aorai/test_switch3_return.c (with preprocessing) [aorai] Welcome to the Aorai plugin -[kernel] Parsing /tmp/aorai_test_switch3_return0.i (no preprocessing) -[wp] Collecting axiomatic usage -[wp] warning: Missing RTE guards -[wp] [Qed] Goal typed_countOne_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_post_func_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_countOne_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part10 : Valid -[wp] [Qed] Goal 
typed_countOne_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_countOne_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_post_func_post_2 : Valid -[wp] [Qed] Goal typed_count_post_func_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part14 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part13 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part12 : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_count_post_func_assign_part15 : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal 
typed_count_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_post_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_count_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_count_pre_func_post : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_count_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_count_pre_func_buch_state_accept_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_post_func_post_2 : Valid -[wp] [Qed] Goal typed_main_post_func_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part07 : Valid -[wp] [Qed] 
Goal typed_main_post_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_post_func_assign_part11 : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_out_post : Valid -[wp] [Qed] Goal typed_main_post_func_buch_state_accept_S1_in_post : Valid -[wp] Computing [100 goals...] -[wp] [Qed] Goal typed_main_pre_func_assign_part02 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part01 : Valid -[wp] [Qed] Goal typed_main_pre_func_post_2 : Valid -[wp] [Qed] Goal typed_main_pre_func_post : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part06 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part05 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part04 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part03 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part10 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part09 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part08 : Valid -[wp] [Qed] Goal typed_main_pre_func_assign_part07 : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_init_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_T0_S2_in_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S2_out_post : Valid -[wp] [Qed] Goal typed_main_pre_func_buch_state_accept_S1_out_post : Valid -/* Generated by Frama-C */ -enum aorai_ListOper { - op_count = 2, - op_countOne = 1, - op_main = 0 -}; -enum aorai_OpStatusList { - aorai_Terminated = 1, - aorai_Called = 0 -}; -/*@ ghost enum aorai_ListOper aorai_CurOperation = op_main; */ -/*@ ghost enum aorai_OpStatusList aorai_CurOpStatus = aorai_Called; */ -/*@ ghost int T0_S2 = 0; */ 
-/*@ ghost int T0_init = 1; */ -/*@ ghost int accept_S1 = 0; */ -/*@ ghost int accept_S2 = 0; */ -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void countOne_pre_func(char *argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; - else - if (accept_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[kernel] Parsing /tmp/aorai_test_switch3_return_0.i (no preprocessing) +[wp] Warning: Missing RTE guards +[report] Computing properties status... 
-/*@ requires - 1 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_countOne; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void countOne_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_countOne; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_S2 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S2) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S1; - requires 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - requires 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - - behavior Buchi_property_behavior: - ensures 0 ≡ T0_init ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - ensures 1 ≡ T0_S2; - */ -int countOne(char *argv) -{ - int __retres; - int r; - countOne_pre_func(argv); - r = 0; - switch ((int)*(argv + 0)) { - int tmp; - case 0: __retres = 0; - goto return_label; - case 1: case 2: case 3: default: ; - r ++; - tmp = countOne(argv + 1); - r += tmp; - } - __retres = r; - return_label: countOne_post_func(__retres); - return 
__retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 34) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 35) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_return_0.i, line 41) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 45) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_return_0.i, line 48) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_return_0.i, line 51) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 54) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_return_0.i, line 36) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. 
-/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_out: - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ T0_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ T0_S2; - ensures 0 ≡ accept_S2; - */ -void count_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - if (T0_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne_post_func' +-------------------------------------------------------------------------------- -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ accept_S2) ∧ 0 ≡ T0_init; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_count; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ 
accept_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ T0_S2; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ T0_S2; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_in: - assumes 1 ≡ accept_S2 ∨ 1 ≡ T0_S2; - ensures 1 ≡ accept_S2; - - behavior buch_state_accept_S2_out: - assumes 0 ≡ accept_S2 ∧ 0 ≡ T0_S2; - ensures 0 ≡ accept_S2; - */ -void count_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_count; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - if (T0_S2 == 1) accept_S2_tmp = 1; - else - if (accept_S2 == 1) accept_S2_tmp = 1; else accept_S2_tmp = 0; - if (T0_S2 == 1) accept_S1_tmp = 1; - else - if (accept_S1 == 1) accept_S1_tmp = 1; - else - if (accept_S2 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 84) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 85) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_return_0.i, line 91) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 95) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_return_0.i, line 98) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_return_0.i, line 101) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 104) + by Wp.typed. 
+[ Valid ] Assigns (file /tmp/aorai_test_switch3_return_0.i, line 86) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - (1 ≡ T0_S2 ∨ 1 ≡ accept_S1) ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S2; - requires 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - requires 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 1 ≡ accept_S2 ∨ 0 ≡ accept_S2; - ensures 0 ≡ T0_init; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - */ -int count(int argc, char **argv) -{ - int __retres; - count_pre_func(argc,argv); - if (argc > 0) { - int tmp; - int tmp_0; - tmp = countOne(*(argv + 0)); - tmp_0 = count(argc - 1,argv + 1); - __retres = tmp + tmp_0; - goto return_label; - } - __retres = 0; - return_label: count_post_func(__retres); - return __retres; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'countOne' +-------------------------------------------------------------------------------- -/*@ ensures aorai_CurOpStatus ≡ aorai_Called; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ T0_init; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ T0_init; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ 
accept_S2; - */ -void main_pre_func(int argc, char **argv) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Called; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - if (T0_init == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (T0_init == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = accept_S2_tmp; - return; -} +[ Valid ] Default behavior + by Frama-C kernel. -/*@ requires - 1 ≡ accept_S1 ∧ 0 ≡ T0_S2 ∧ 0 ≡ T0_init ∧ 0 ≡ accept_S2; - ensures aorai_CurOpStatus ≡ aorai_Terminated; - ensures aorai_CurOperation ≡ op_main; - assigns aorai_CurOpStatus, aorai_CurOperation, T0_S2, T0_init, accept_S1, - accept_S2; - - behavior buch_state_T0_S2_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ T0_S2; - - behavior buch_state_T0_S2_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ T0_S2; - - behavior buch_state_T0_init_out: - ensures 0 ≡ T0_init; - - behavior buch_state_accept_S1_in: - assumes 1 ≡ accept_S1; - ensures 1 ≡ accept_S1; - - behavior buch_state_accept_S1_out: - assumes 0 ≡ accept_S1; - ensures 0 ≡ accept_S1; - - behavior buch_state_accept_S2_out: - ensures 0 ≡ accept_S2; - */ -void main_post_func(int res) -{ - /*@ ghost int T0_S2_tmp; */ - /*@ ghost int T0_init_tmp; */ - /*@ ghost int accept_S1_tmp; */ - /*@ ghost int accept_S2_tmp; */ - aorai_CurOpStatus = aorai_Terminated; - aorai_CurOperation = op_main; - T0_S2_tmp = T0_S2; - T0_init_tmp = T0_init; - accept_S1_tmp = accept_S1; - accept_S2_tmp = accept_S2; - accept_S2_tmp = 0; - if (accept_S1 == 1) accept_S1_tmp = 1; else accept_S1_tmp = 0; - T0_init_tmp = 0; - if (accept_S1 == 1) T0_S2_tmp = 1; else T0_S2_tmp = 0; - T0_S2 = T0_S2_tmp; - T0_init = T0_init_tmp; - accept_S1 = accept_S1_tmp; - accept_S2 = 
accept_S2_tmp; - return; -} +-------------------------------------------------------------------------------- +--- Properties of Function 'count_pre_func' +-------------------------------------------------------------------------------- -/*@ requires - 1 ≡ T0_init ∧ 0 ≡ T0_S2 ∧ 0 ≡ accept_S1 ∧ 0 ≡ accept_S2; - - behavior aorai_acceptance: - ensures 1 ≡ accept_S1 ∨ 1 ≡ accept_S2; - - behavior Buchi_property_behavior: - ensures 1 ≡ T0_S2 ∨ 0 ≡ T0_S2; - ensures 1 ≡ accept_S1 ∨ 0 ≡ accept_S1; - ensures 0 ≡ T0_init ∧ 0 ≡ accept_S2; - ensures 1 ≡ T0_S2 ∨ 1 ≡ accept_S1; - */ -int main(int argc, char **argv) -{ - int __retres; - int somme; - main_pre_func(argc,argv); - somme = count(argc,argv); - __retres = 1; - main_post_func(__retres); - return __retres; -} +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 162) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 163) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_return_0.i, line 169) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 173) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_return_0.i, line 176) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_return_0.i, line 179) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_switch3_return_0.i, line 183) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 187) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_return_0.i, line 164) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. +-------------------------------------------------------------------------------- +--- Properties of Function 'count_post_func' +-------------------------------------------------------------------------------- +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 218) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 219) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_return_0.i, line 225) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 229) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_return_0.i, line 232) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_return_0.i, line 236) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_return_0.i, line 240) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_in' (file /tmp/aorai_test_switch3_return_0.i, line 244) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 248) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_return_0.i, line 220) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_in' + by Frama-C kernel. 
+[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'count' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_pre_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 309) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 310) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_return_0.i, line 316) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 320) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_return_0.i, line 323) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_return_0.i, line 327) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_return_0.i, line 331) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 334) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_return_0.i, line 311) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. 
+[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main_post_func' +-------------------------------------------------------------------------------- + +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 364) + by Wp.typed. +[ Valid ] Post-condition (file /tmp/aorai_test_switch3_return_0.i, line 365) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_in' (file /tmp/aorai_test_switch3_return_0.i, line 371) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 375) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_T0_init_out' (file /tmp/aorai_test_switch3_return_0.i, line 378) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_in' (file /tmp/aorai_test_switch3_return_0.i, line 382) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S1_out' (file /tmp/aorai_test_switch3_return_0.i, line 386) + by Wp.typed. +[ Valid ] Post-condition for 'buch_state_accept_S2_out' (file /tmp/aorai_test_switch3_return_0.i, line 389) + by Wp.typed. +[ Valid ] Assigns (file /tmp/aorai_test_switch3_return_0.i, line 366) + by Wp.typed. +[ Valid ] Behavior 'buch_state_T0_S2_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_S2_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_T0_init_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_in' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S1_out' + by Frama-C kernel. +[ Valid ] Behavior 'buch_state_accept_S2_out' + by Frama-C kernel. +[ Valid ] Default behavior + by Frama-C kernel. + +-------------------------------------------------------------------------------- +--- Properties of Function 'main' +-------------------------------------------------------------------------------- + +[ Valid ] Default behavior + by Frama-C kernel. 
+ +-------------------------------------------------------------------------------- +--- Status Report Summary +-------------------------------------------------------------------------------- + 97 Completely validated + 97 Total +--------------------------------------------------------------------------------