|
|
|
|
|
|
by tinco
3621 days ago
|
|
|
It is not the verification that is laborious, although it can be computationally intensive, it is the specification. It is making sure that whatever it is you are proving is actually exactly and completely what you desire of the function. In this case the proof did not properly account for the full range of inputs, of at least skipped over the fact that in real hardware the integer domains are finite. There's a lot of formal verification tools out there though, they do make it easier,easy enough to at least properly verify the correctness of a simple sorting algorithm. |
|
|