Pre/Post Condition Logic 03/06/2013. Agenda Hoare’s Logic Overview Application to Pre/Post Conditions.

Slides:



Advertisements
Similar presentations
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Advertisements

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 12.
Semantics Static semantics Dynamic semantics attribute grammars
PZ03D Programming Language design and Implementation -4th Edition Copyright©Prentice Hall, PZ03D - Program verification Programming Language Design.
ICE1341 Programming Languages Spring 2005 Lecture #6 Lecture #6 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information and Communications University.
Reasoning About Code; Hoare Logic, continued
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
Partial correctness © Marcelo d’Amorim 2010.
Axiomatic Semantics The meaning of a program is defined by a formal system that allows one to deduce true properties of that program. No specific meaning.
Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.
ISBN Chapter 3 Describing Syntax and Semantics.
1 Discrete Structures Lecture 29 Predicates and Programming Read Ch
Predicate Transformers
1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.
VIDE Integrated Environment for Development and Verification of Programs.
Copyright W. Howden1 Lecture 13: Programming by Contract.
Static and Dynamic Contract Verifiers For Java Hongming Liu.
Axiomatic Semantics Dr. M Al-Mulhem ICS
Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.
PSUCS322 HM 1 Languages and Compiler Design II Formal Semantics Material provided by Prof. Jingke Li Stolen with pride and modified by Herb Mayer PSU Spring.
Dr. Muhammed Al-Mulhem 1ICS ICS 535 Design and Implementation of Programming Languages Part 1 Fundamentals (Chapter 4) Axiomatic Semantics ICS 535.
CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.
Software Verification Bertrand Meyer Chair of Software Engineering Lecture 2: Axiomatic semantics.
Describing Syntax and Semantics
Floyd Hoare Logic. Semantics A programming language specification consists of a syntactic description and a semantic description. Syntactic description:symbols.
Proving Program Correctness The Axiomatic Approach.
MCA –Software Engineering Kantipur City College. Topics include  Formal Methods Concept  Formal Specification Language Test plan creation Test-case.
Reading and Writing Mathematical Proofs
Aquinas Hobor and Cristian Gherghina (National University of Singapore) TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.:
Chapter 25 Formal Methods Formal methods Specify program using math Develop program using math Prove program matches specification using.
ISBN Chapter 3 Describing Semantics -Attribute Grammars -Dynamic Semantics.
CS 363 Comparative Programming Languages Semantics.
Application: Correctness of Algorithms Lecture 22 Section 4.5 Fri, Mar 3, 2006.
Reading and Writing Mathematical Proofs Spring 2015 Lecture 4: Beyond Basic Induction.
Chapter 5: Sequences, Mathematical Induction, and Recursion 5.5 Application: Correctness of Algorithms 1 [P]rogramming reliability – must be an activity.
Reasoning about programs March CSE 403, Winter 2011, Brun.
Program Analysis and Verification Spring 2014 Program Analysis and Verification Lecture 4: Axiomatic Semantics I Roman Manevich Ben-Gurion University.
Application: Correctness of Algorithms Lecture 22 Section 4.5 Fri, Feb 18, 2005.
ISBN Chapter 3 Describing Semantics.
Chapter 3 Part II Describing Syntax and Semantics.
Programming Languages and Design Lecture 3 Semantic Specifications of Programming Languages Instructor: Li Ma Department of Computer Science Texas Southern.
Semantics In Text: Chapter 3.
Languages and Compilers
COP4020 Programming Languages Introduction to Axiomatic Semantics Prof. Robert van Engelen.
13 Aug 2013 Program Verification. Proofs about Programs Why make you study logic? Why make you do proofs? Because we want to prove properties of programs.
Verifying Properties of Parallel Programs: An Axiomatic Approach Susan Owicki and David Gries Communications of the ACM, 1976 Presented by Almog Benin.
Principle of Programming Lanugages 3: Compilation of statements Statements in C Assertion Hoare logic Department of Information Science and Engineering.
Pre/Post Condition Discussion 03/13/2013. Quicksort int main(int argc, char* argv[]) { int numbers[SIZE] = {2,5,3…} struct Sorter s; // initialize generic.
Dr. Naveed Riaz Design and Analysis of Algorithms 1 1 Formal Methods in Software Engineering Lecture # 26.
Cs7100(Prasad)L18-9WP1 Axiomatic Semantics Predicate Transformers.
CSC3315 (Spring 2009)1 CSC 3315 Languages & Compilers Hamid Harroud School of Science and Engineering, Akhawayn University
1 Computer Algorithms Tutorial 2 Mathematical Induction Some of these slides are courtesy of D. Plaisted et al, UNC and M. Nicolescu, UNR.
CORRECTNESS ISSUES AND LOOP INVARIANTS Lecture 8 CS2110 – Fall 2014.
Chapter 3 of Programming Languages by Ravi Sethi
Reasoning About Code.
Reasoning about code CSE 331 University of Washington.
Formal Methods in Software Engineering 1
Lecture 5 Floyd-Hoare Style Verification
Programming Languages and Compilers (CS 421)
Programming Languages 2nd edition Tucker and Noonan
Formal Methods in software development
Predicate Transformers
Formal Methods in software development
Program correctness Axiomatic semantics
Program Verification with Hoare Logic
Programming Languages and Compilers (CS 421)
Programming Languages 2nd edition Tucker and Noonan
COP4020 Programming Languages
Presentation transcript:

Pre/Post Condition Logic 03/06/2013

Agenda Hoare’s Logic Overview Application to Pre/Post Conditions

Hoare Logic Prove partial correctness of computer programs Prove termination separately Hoare triple {P} C {Q} P and Q are assertions P = precondition Q = postcondition C is a command When P holds a state before C is executed, then Q will hold after (or C does not terminate)

Hoare Logic Partially correct Assuming precondition is true before function executes Postcondition is true after function executes Totally correct Precondition is true Function guaranteed to terminate Postcondition is true Total correctness = Partial correctness + termination

Hoare Logic Rules Empty statement {P} skip {P} Skip statement doesn’t change program state Assignment {x = 5} x := x * 2 {x > 0} Clearly correct, but not precise x > 5 && x < 20 is better as a postcondition { ∃ x, y. (y > 0) ∧ (n = x y )} n := n * (n + 1) { ∃ x, y. (n = x y )} With quantifiers To me, seems to be basic predicate logic as applied to programming constructs

Hoare Logic Example r := 1; i := 0; while i < m do r := r * n; i := i + 1

Hoare Logic Example r := 1; i := 0; while i < m do r := r * n; i := i + 1 Prove that function computes nth power of m, and leaves result in r

Hoare Logic Postcondition definition r := 1; i := 0; while i < m do r := r * n; i := i + 1 Postcondition: r = n m

Hoare Logic Defining pre- and postconditions r := 1; i := 0; while i < m do r := r * n; i := i + 1 Determine precondition(s) Must have m >= 0 No provision for dividing by n 0 0 Precondition: m >= 0 && n > 0 Determine precondition(s) Must have m >= 0 No provision for dividing by n 0 0 Precondition: m >= 0 && n > 0

Hoare Logic Next step would be to generate a proof to ensure specification is correct Get into SAT solvers, etc.

Application Based on Hoare’s logic syntax, the sorting algorithms had pre/postconditions added void call_sort(struct Sorter* sorter_) { if (sorter_->sort_fn != NULL) { sorter_->sort_fn(sorter_->numbers_, 0, SIZE-1); } Composing in wrapper

Application Based on Hoare’s logic syntax, the sorting algorithms had pre/postconditions added // preconditions: sorter_ != NULL // preconditions: sorter_.numbers_ = array of integers // preconditions: sorter_.sort_fn != NULL // postconditions: sorter_.numbers_[0] <=... <= // sorter_.numbers_[SIZE-1] void call_sort(struct Sorter* sorter_) { if (sorter_->sort_fn != NULL) { sorter_->sort_fn(sorter_->numbers_, 0, SIZE-1); }

Application Based on Hoare’s logic syntax, the sorting algorithms had pre/postconditions added // preconditions: sorter_ != NULL // preconditions: sorter_.numbers_ = array of integers // preconditions: sorter_.sort_fn != NULL // postconditions: sorter_.numbers_[0] <=... <= // sorter_.numbers_[SIZE-1] void call_sort(struct Sorter* sorter_) { if (sorter_->sort_fn != NULL) { sorter_->sort_fn(sorter_->numbers_, 0, SIZE-1); } Ensure incoming array is not unassigned

Application Based on Hoare’s logic syntax, the sorting algorithms had pre/postconditions added Array type // preconditions: sorter_ != NULL // preconditions: sorter_.numbers_ = array of integers // preconditions: sorter_.sort_fn != NULL // postconditions: sorter_.numbers_[0] <=... <= // sorter_.numbers_[SIZE-1] void call_sort(struct Sorter* sorter_) { if (sorter_->sort_fn != NULL) { sorter_->sort_fn(sorter_->numbers_, 0, SIZE-1); }

Application Based on Hoare’s logic syntax, the sorting algorithms had pre/postconditions added Precondition that function pointer must be active // preconditions: sorter_ != NULL // preconditions: sorter_.numbers_ = array of integers // preconditions: sorter_.sort_fn != NULL // postconditions: sorter_.numbers_[0] <=... <= // sorter_.numbers_[SIZE-1] void call_sort(struct Sorter* sorter_) { if (sorter_->sort_fn != NULL) { sorter_->sort_fn(sorter_->numbers_, 0, SIZE-1); }

Application Based on Hoare’s logic syntax, the sorting algorithms had pre/postconditions added Postcondition that the array must be sorted in ascending order // preconditions: sorter_ != NULL // preconditions: sorter_.numbers_ = array of integers // preconditions: sorter_.sort_fn != NULL // postconditions: sorter_.numbers_[0] <=... <= // sorter_.numbers_[SIZE-1] void call_sort(struct Sorter* sorter_) { if (sorter_->sort_fn != NULL) { sorter_->sort_fn(sorter_->numbers_, 0, SIZE-1); }

Application Based on Hoare’s logic syntax, the sorting algorithms had pre/postconditions added No postcondition for what type of array…. // preconditions: sorter_ != NULL // preconditions: sorter_.numbers_ = array of integers // preconditions: sorter_.sort_fn != NULL // postconditions: sorter_.numbers_[0] <=... <= // sorter_.numbers_[SIZE-1] void call_sort(struct Sorter* sorter_) { if (sorter_->sort_fn != NULL) { sorter_->sort_fn(sorter_->numbers_, 0, SIZE-1); }

Application The majority of the other examples boiled down to the same thing Incoming array Outgoing sorted array

Thoughts Tool could be written in Python to automatically parse pre/postconditions Easy to use for text parsing Also pull out method signature Format and send output/objects to Puppy for use in algorithm Initial pass could verify overall correctness of logical syntax Could be called as an entry point into the developed tool (We could also leverage some of the STL/Boost libraries as well if the preference is to stick with a single language)

References Hoare, Charles Antony Richard. "An axiomatic basis for computer programming." Communications of the ACM (1969): hoare-notes.pdf pdf

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.