Auto-Active Proof of Red-Black Trees in SPARK

Claire Dross and Yannick Moy
Formal program verification can guarantee that a program is free from broad classes of errors (like reads of uninitialized data and run-time errors) and that it complies with its specification. Tools such as SPARK make it cost effective to target the former in an industrial context, but the latter is much less common in industry, owing to the cost of specifying the behavior of programs and even more the cost of achieving proof of such specifications. We have chosen in SPARK to rely on the…

