To run CPAcheck, we need to install the Java runtime. This is available in the Ubuntu repository, and we use apt-get to install it.

The next step is to download CPAcheck itself. We use the wget tool to download the archive file and feed it to tar utility immediately to extract it. When completed, the tool can be found in the CPAchecker-1.9-unix directory.

We use one of the pre-packaged example files to check how the tool works:

./scripts/cpa.sh -default doc/examples/example.c

It generates the following output:

We can see, the tool has not discovered any issues with this file. There is no similar file that contains bugs in the CPAcheck archive, but we can download it from its site:

$ wget https://raw.githubusercontent.com/sosy-lab/cpachecker/trunk/doc/examples/example_bug.c

We run the tool again and get the following output:

Now, the result is different: an error was detected. We can open an HTML report generated by the tool for further analysis. Besides logs and statistics, it also displays a flow automation graph:

Formal validation methods and tools are complex and can deal with relatively simple applications, but they guarantee the correctness of application logic in all cases.