Skip to content

Commit aad4f6f

Browse files
committed
Suppress spurious proof warning for gen_matrix()
gen_matrix() does not have loop invariants, so goto-instrument warns about this, even though gen_matrix() is not called directly by indcpa_enc() but it _does_ appears in the same translation unit. The warning can be suppressed by explicitly adding gen_matrix() to the USE_FUNCTION_CONTRACTS list in the Makefile. Signed-off-by: Rod Chapman <rodchap@amazon.com>
1 parent fc46b0a commit aad4f6f

1 file changed

Lines changed: 5 additions & 0 deletions

File tree

proofs/cbmc/indcpa_enc/Makefile

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,11 @@ CHECK_FUNCTION_CONTRACTS=mlk_indcpa_enc
2323
USE_FUNCTION_CONTRACTS = mlk_indcpa_enc_u
2424
USE_FUNCTION_CONTRACTS += mlk_indcpa_enc_v
2525
USE_FUNCTION_CONTRACTS += mlk_zeroize
26+
27+
# Suppress spurious warning for gen_matrix() not having loop contracts
28+
# by making it appear to be call-by-contract
29+
USE_FUNCTION_CONTRACTS += mlk_gen_matrix
30+
2631
APPLY_LOOP_CONTRACTS=on
2732
USE_DYNAMIC_FRAMES=1
2833

0 commit comments

Comments
 (0)