Why is the prover unable to validate a few ACSL Annotations
ID0001163: This issue was created automatically from Mantis Issue 1163. Further discussion may take place here.
Id | Project | Category | View | Due Date | Updated |
---|---|---|---|---|---|
ID0001163 | Frama-C | Plug-in > wp | public | 2012-04-16 | 2012-04-20 |
Reporter | nmuller | Assigned To | correnson | Resolution | no change required |
Priority | normal | Severity | minor | Reproducibility | always |
Platform | - | OS | - | OS Version | - |
Product Version | Frama-C Nitrogen-20111001 | Target Version | - | Fixed in Version | - |
Description :
<<< Expected Behaviour: >>> The objective of the C program is to find the absolute value of the difference between two floating-point values and to prove that the difference either way is equal, i.e. (|A-B| == |B-A|). The value of A ranges from (-25.0 < A < 25.0) and the value of B ranges from (-53.5 < B < 53.5). The important criterion that was taken is that (7 < |A-B| < 28.5). The program uses several assertions and loop annotations in ACSL inside the C source code.
<<< Actual Behaviour: >>> When the C program is called by gWhy to verify the VCs, we encountered some problems. Using the provers (Alt-Ergo, Simplify, CVC3 & Gappa), we were not able to validate all the VCs. In common, we had 2 VCs which are not validated by all the provers, which is quite surprising. The reason is that, if we look into the ACSL annotations, we can see that two similar kinds of statements are used in the following lines, and the provers are able to validate those VCs, which have the same type of declarations and the same way of usage. The question here is: why are the provers not able to prove those two lines of annotations, but can prove them in the next few lines with different variables?
<<< Prover Performances >>>
S.N | Prover | Percent | Total | Valid | Invalid | Unknown | TimeOut | Failure |
---|---|---|---|---|---|---|---|---|
- | Alt-Ergo | 97% | 73 | 71 | 0 | 0 | 2 | 0 |
- | Simplify | 92% | 73 | 67 | 0 | 0 | 6 | 0 |
- | CVC3 | 97% | 73 | 71 | 0 | 0 | 0 | 2 |
- | Gappa | 89% | 73 | 65 | 0 | 8 | 0 | 0 |

- The time was even changed from 10 sec to 300 sec in order to see if the impact of the timeout might resolve, but the results remained unchanged.
Additional Information :
All four provers are having trouble validating the 2 particular VCs; they are:
- assertion - line 22
- loop invariant preserved - line 16