Parameterized messages lead to unprovable VCs

AdaCore / RecordFlux

Formal specification and generation of verifiable binary parsers, message generators and protocol state machines

Apache License 2.0

104 stars 6 forks source link

Closed kanigsson closed 2 years ago

kanigsson commented 2 years ago

The postcondition of Set_Scalar doesn't state that the parameters of a parameterized message stay unchanged, which leads to unprovable checks.