top | item 42532225

(no title)

One thing that’s kind of interesting about SPARK in particular - all the contracts get compiled to why3ml as an intermediate step before running through the solvers. If there are any VCs that can’t be discharged using the automatic provers, you can manually prove them using Coq: https://blog.adacore.com/using-coq-to-verify-spark-2014-code

I think the lines between what some consider true DT and what is possible w/ Ada might be more blurred than people expect.

discuss

No comments yet.