--- layout: fc_discuss_archives title: Message 15 from Frama-C-discuss on May 2014 ---
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Frama-c-discuss] Puzzled about apparent proof of false contract



2014-05-20 15:48 GMT+02:00 CORRENSON Loic 218851 <loic.correnson at cea.fr>:
>
> However, it is surprising that value-analysis plugin does not complain for this potential overflow.

There's nothing surprising here. All computations in this example are
done on unsigned integers, whose overflow semantics is perfectly
defined (for once) by the standard. Hence no warning is output by
default, and the modulo is taken. Alarms will be generated if
-warn-unsigned-overflow is set. More information about overflows and
integer downcasts warnings can be found with frama-c -kernel-help.

Best regards,
-- 
E tutto per oggi, a la prossima volta
Virgile