0

I am working with Frama-C formal specification for two methods:

/*@ requires n >= 0;
    ensures result >= 0;    
    terminates n == 0; 
 */
int decimal_binary(int n)  
{
    int rem, i = 1, binary = 0;
    while (n != 0)
    {
        rem = n % 2;
        n /= 2;
        binary += rem * i;
        i *= 10;
    }
    return binary;
}
/*@ requires n >= 0;
    ensures result >= 0;    
    terminates n == 0; 
*/
int binary_decimal(int n) 
{
    int decimal = 0, i = 1, rem;
    while (n != 0)
    {
        rem = n % 10;
        n /= 10;
        decimal += rem * i;
        i = i << 1;
    }
    return decimal;
}

This above is what i got after my current work. I dont have idea how describe variables and loops.

Pascal Cuoq
  • 79,187
  • 7
  • 161
  • 281
user2667455
  • 99
  • 2
  • 9
  • what is your question? it would be a good idea to declare everything as `unsigned int` or query the input to be > 0. – mch Feb 12 '15 at 17:01
  • My question is how for example describe: int decimal, i and rem variables in binary_decimal. Also how to describe behaviours in loops ? – user2667455 Feb 12 '15 at 17:11
  • Are you referring to Binary Coded Decimal (BCD) to do you need to know how to output in binary or decimal? – Thomas Matthews Feb 12 '15 at 17:13
  • I am working with ACSL formal specification. I found this: http://frama-c.com/acsl_tutorial_index.html . But i still dont know how to describe variables , and loops. – user2667455 Feb 12 '15 at 17:14
  • It is still unclear what you mean by "describe variables and loops". In ACSL, you write `loop invariant`s that indicate properties that hold for any number of loop steps (including 0), and that can refer to any variable in scope at the loop statement itself. Note in addition that you're missing the `\` in `\result`. Finally, your question is purely about C, you should remove the C++ tag. – Virgile Feb 12 '15 at 17:45
  • My problem is that i need template/clue how to describe variables and while loop – user2667455 Feb 12 '15 at 17:57

0 Answers0