Questions tagged [spark-formal-verification]
10 questions
12 votes, 3 answers
Proving Floor_Log2 in Spark
New to Spark, and new to Ada, so this question may be overly broad. However, it's asked in good faith, as part of an attempt to understand Spark. Besides direct answers to the questions below, I welcome critique of style, workflow, etc.
As my first…

addaon
4 votes, 2 answers
How to mark unreachable code in Ada/SPARK
I have the following code:
function Linear_Search (A : Elem_Array; E : Elem) return Index is
begin
for i in A'Range loop
pragma Loop_Invariant (for some J in i .. A'Last => A (J) = E);
if A (i) = E then
…

TamaMcGlinn
4 votes, 1 answer
Potential aliasing violation in swap array indexes SPARK-Ada
The Introduction to Spark course contains an example (#5) where GNATprove fails to prove that no aliasing occurs in a procedure that swaps two elements of an array:
package P
with SPARK_Mode => On
is
type P_Array is array (Natural range <>) of…

Daniel Ricketts
3 votes, 3 answers
Do pre and post conditions take the place of in-function validation?
I have been trying to learn the basics of using SPARK and I have got my head round using the pre and post conditions, but I am unsure whether they take the place of validation. For example, a function for a plane that will not switch into takeoff…

HubertBlu
2 votes, 1 answer
Can SPARK be used to prove that Quicksort actually sorts?
I'm not a user of SPARK. I'm just trying to understand the capabilities of the language.
Can SPARK be used to prove, for example, that Quicksort actually sorts the array given to it?
(Would love to see an example, assuming this is simple)

MWB
2 votes, 2 answers
Find factor of a number
I want to find the smallest factor of a value with the specification below:
procedure S_Factor (N : in out Positive; Factor : out Positive) with
SPARK_Mode,
Pre => N > 1,
Post => (Factor > 1) and
(N'Old / Factor = N)…

PoliteMan
1 vote, 1 answer
Can you cheat contracts / asserts in SPARK?
Suppose I have a subprogram written using the SPARK Ada subset with postconditions verifying some property - for example, that the returned array is sorted, whose body just calls out to a function external to SPARK - for example, a C/C++ function…

TamaMcGlinn
1 vote, 1 answer
How to use Assert and loop_invariants
Specification:
package PolyPack with SPARK_Mode is
type Vector is array (Natural range <>) of Integer;
function RuleHorner (X: Integer; A : Vector) return Integer
with
Pre => A'Length > 0 and A'Last < Integer'Last;
end PolyPack;
I want to write…

PoliteMan
1 vote, 1 answer
GNATprove: "postcondition might fail" in simple function
I want to write a simple function that finds the biggest number in a given Integer array. Here is the specification:
package Maximum with SPARK_Mode is
type Vector is array (Integer range <>) of Integer;
function Maximum (A : in Vector) return…

Android developer
1 vote, 3 answers
Spark Proof annotation
Hello, I am trying to write proof annotations for this function. It is written using the Spark programming language:
function Read_Sensor_Majority return Sensor_Type is
count1 : Integer := 0;
count2 : Integer := 0;
…

mohammad Mustafa