formal-verification

What tools exist to help one to experiment with weakly ordered concurrency? That is, in what sandbox can one play while teaching oneself about partial fences, weak atomics, acquire/consume/release semantics, lock-free algorithms and the like? The tool or sandbox one wants would exercise and stress one's weakly ordered, threaded algorithm, exposing the various ways in which the algorithm might theoretically fail. Physically running on an x86, for example, the tool would nevertheless be able to expose ARM-type failures. An open-source tool would be preferable. Please advise. References: the C+

I am a newbie user of Frama-C and have a few questions regarding assertions over pointers. Consider the C fragment below involving: two related data structures Data and Handle, s.t. Handle has a pointer to Data; a 'state' field in Data indicating whether some hypothetical operation has completed three functions: init(), start_operation() and wait(); a main() function using the above, and containing 6 assertions (A1-A6) Now, why is it that A5 and A6 cannot be asserted with the WP verifier ("frama-c -wp file.c") Shouldn't they hold due to the last "ensures" clause on start_operation()? What am I

I'm looking at doing some verification work where I've got regular tree grammars as an underlying theory. Z3 lets you define your own stuff with uninterpreted functions, but that doesn't tend to work well any time your decision procedures are recursive. They used to allow for plugins but that has been depricated, I think. I'm wondering, does anybody have a recommendation of a decent SMT solver that allows you to write decision procedures for custom theories? There are several options given that most reasonable SMT solvers are open source you can integrate theory solvers in any detail depending

I'm working my way through the chapter 4 of the lean tutorial . I'd like to be able to prove simple equalities, such as a = b → a + 1 = b + 1 without having to use the calc environment. In other words I'd like to explicitly construct the proof term of: example (a b : nat) (H1 : a = b) : a + 1 = b + 1 := sorry My best guess is that I need to use eq.subst and some relevant lemma about equality on natural numbers from the standard library, but I'm at loss. The closest lean example I can find is this: example (A : Type) (a b : A) (P : A → Prop) (H1 : a = b) (H2 : P a) : P b := eq.subst H1 H2 While

I was thinking about the fact that we can prove a program has bugs. We can test it to assess that it is more or less bug resistant. But is there a way (even theoretically) to prove that a program has no bug ? For simple programs, such as a "Hello World", I guess we should be able to do it. But what about larger programs ? There are nowadays many different formalisms that can be used to prove programs correct (e.g., formalizations in proof assistants, dependently typed programming languages, separation logic, ...). As noted by others, there is no automatic way to prove any given program correct

I came across the terms "concrete & symbolic execution" when I was going through the concept of concolic testing . (The article mentioned there, "CUTE: A concolic unit testing engine for C" , uses that term in its abstract section.) "The approach used builds on previous work combining symbolic and concrete execution, and more specifically, using such a combination to generate test inputs to explore all feasible execution paths." Can anyone please confirm what "concrete execution" means? In spite of my search, I could not find any direct citations / explicit statements. From what I have