gobra icon indicating copy to clipboard operation
gobra copied to clipboard
verified publisher icon viperproject

Disallow use of ghost members in non-ghost code

Open viper-admin opened this issue 5 years ago • 2 comments

Created by @arquintl on 2020-06-19 09:45

I’ve observed that the following code snippet successfully verifies with Gobra. However, in my opinion this should only work if h is marked as a ghost variable.

package main

type Rectangle struct {
    Width, Height int
}

ghost
requires acc(r.Height)
ensures acc(r.Height)
pure func GetHeight(r *Rectangle) (res int) {
    return r.Height
}

func main() {
    r! := Rectangle{Width: 2, Height: 5}
    h := GetHeight(&r)
    assert h == GetHeight(&r) && h == 5
}

viper-admin avatar Jun 19 '20 09:06 viper-admin

Here is another example from Peter. anotherExample.txt

Felalolf avatar Sep 30 '20 15:09 Felalolf

This issue might have been fixed by #239

ArquintL avatar Feb 04 '22 10:02 ArquintL