[quentinkent1]

The goal of the user is to prove some properties over an input program. Usual properties are: all array accesses are within boundaries, no division by zero, all used values are initialized, all de-referenced pointers are non-null, etc... The kind of properties that makes a program safe to run and crash-free.

The tool will either prove that all the properties hold (user is happy), or prove that some property does not hold at some point in the program (user knows what to fix usually), or bail-out with no proof at all for a property at some point (user has to modify the program to make it more understandable by the tool).

The accepted language is still Turing-complete (C or C++) and the tool is not solving the halting problem in the general case since it can bail-out with no proof.

[planede]

Detecting division by zero with 100% accuracy in a general C or C++ program without assistance is equivalent to the halting problem.

Now I'm not saying that they solved the halting problem, as that is not possible. Rather that there is missing information on the linked page. Either:

1. The tool requires the an external machine-checkable proof that no division by zero happens.

2. Certain language constructs are disallowed. They probably just ban goto (this is fine), possibly also recursion, multiple return statements, loops without a hard bound of iteration, etc... .

Or both. Where can I find information about this?

[aeneasmackenzie]

Usually these tools just bail out. This is fine for the domain. Any division where the divisor is not known nonzero is a bug even if it will never happen because you probably aren't sure it will never happen either.

[muldvarp]

> Or both.

Neither, the tool has false positives, i.e. it sometimes reports divions as a potential divion by zero even though it isn't one.