You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: tutorial/FrameConditions.md
+10-2Lines changed: 10 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -47,6 +47,16 @@ so its use is not recommended.
47
47
An explicit frame condition states which memory locations might be changed by the method at hand. Anything not mentioned is assumed to be unchanged. In fact, a method
48
48
is not allowed to *assign* to a memory location (even with the same value) unless it is listed in the frame condition --- this makes the check for violations of the frame condition, whether by tool or by eye, independent of the values computed.
49
49
50
+
If there is no explicit frame condition clause in a method's specification (case), then a default is used, namely `assigns \everything;`--- which means exactly that: after a call of this method, any memory location in the state might have been written to and might be changed. It is very difficult to prove anything about a program that includes a call to a method with such a frame condition. Thus *you must include a frame condition for any method that is called within a program*.
51
+
52
+
In our example above, before we added a frame clause, the effective frame
53
+
clause was `assigns \everything`. Then in method `test` the call of
54
+
`increment1` is specified as potentially changing every memory location,
55
+
including `counter2` in this example.
56
+
57
+
You can also write `assignss \nothing`, which means no memory locations
58
+
may be assigned to.
59
+
50
60
So now our example looks like this:
51
61
```
52
62
{% include_relative T_frame3.java %}
@@ -69,8 +79,6 @@ that is written to in the body of `m`.
69
79
*`a[*]` for array expression `a` means all elements of that array
70
80
*`a[i..j]` for expressions `a`, `i`, and `j` means the stated range of array elements, from `i` to `j` inclusive.
71
81
72
-
If there is no frame condition clause at alli in a method's specifications, then a default is used, namely `assigns \everything;`--- which means exactly that: after a call of this method, any memory location in the state might have been written to and might be changed. It is very difficult to prove anything about a program that includes a call to a method with such a frame condition. Thus *you must include a frame condition for any method that is called within a program*.
73
-
74
82
A shorthand way to say that a method `assigns \nothing;` is to designate it `pure`, as in
0 commit comments