Presentation is loading. Please wait.

Presentation is loading. Please wait.

Specifying an ADT Give function specification. Identify partial functions A function which cannot be applied on all of its possible parameters Categorize.

Published byGwenda Carr Modified over 8 years ago

Similar presentations

Presentation on theme: "Specifying an ADT Give function specification. Identify partial functions A function which cannot be applied on all of its possible parameters Categorize."— Presentation transcript:

1 Specifying an ADT Give function specification. Identify partial functions A function which cannot be applied on all of its possible parameters Categorize functions into: creator: creates a new ADT query: returns a value other than the ADT command: receives a value of the new ADT and returns a value of the new ADT Give preconditions for partial functions Give axioms to describe ADT behavior.

2 Preconditions Every partial function should have a precondition. If a function cannot return a value or should not be applied in a specific situation, it must have a precondition. Item-at(s:stack[G], i:integer) - cannot be applied unless 0 < i <= count() remove(s: stack[G]) – cannot be applied unless !empty(s)

3 Axioms Write axioms to describe the behavior of the ADT. The axioms are used for reasoning and for proving sufficiently completeness, therefore they should simplify expressions. You should have an axiom for every query applied on every command. If necessary add axioms of commands applied on commands. The expression on the right hand side of the axiom should be simpler than the one on the left hand side. In axioms, a simpler expression is shorter than a more complicated one: item-at(put(s, x), i) = item-at(s, i-1)

4 Forgetful Stack make: INTEGER FS[G] capacity: FS[G]  INTEGER item: FS[G] G put: FS[G]  G FS[G] remove: FS[G] FS[G] count: FS[G]  INTEGER item-at: FS[G]  INTEGER G AXIOMS A1.capacity(make(n)) = n A2.capacity(put(s, x)) = capacity(s) A3.capacity(remove(s)) = capacity(s) A4.count(make(n)) = 0 A5.count(put(s,x))=min(count(s)+1,capacity(s)) A6.count(remove(s)) = count(s) –1 A7.item(s) = item-at(s, 1) A8.item-at(put(s, x), 1) = x A9.i>1  item-at(put(s, x), i) = item-at(s, i-1) A10.item-at(remove(s), i) = item-at(s, i+1)      Preconditions make(n) require n  0 item(s) require count(s) > 0 put(s, x) require capacity(s) > 0 remove(s) require count(s) > 0 item-at(s, i) require 1  i  count(s)

5 Sufficiently complete Show correctness (explained later) Show that every query q i applied on every command cmd j reduces the expression. Use q i (make(n)) as base case for the induction. Assume that applying q i on an expression of size n returns a value. Show, using axioms, for every cmd j how to reduce q i (cmd j (s)) to q i (s) - the induction step.

6 Forgetful stack example q 1 = capacity cmd 1 = make(n) - Base case q 1 (cmd 1 ) = capacity(make(n)) = n (By Axiom 1) cmd 2 = put(s, x) q 1 (cmd 2 ) = capacity(put(s, x)) = capacity(s) (By Axiom 2) cmd 3 = remove(s) q 1 (cmd 3 ) = capacity(remove(s)) = capacity(s) (By Axiom 3)

7 Correctness Given expression e, prove using preconditions and axioms that every subexpression of e is correct. Proof by induction on the weight of expression e. Define a weight function on the functions of the ADT. Each ADT has its own weight function.

8 Correctness The creator is of zero weight - Base case Give a weight to every command. In the stack example: put increments the weight by 1 remove decrements the weight by 1 Assume the correctness of an expression e. Prove by induction by applying a command on an assumed correct expression s. The weight of s >= 0 (by the assumption)

9 Correctness Show that the weight of e 1 = cmd i (s) is non negative for every command cmd i. If cmd i has no precondition, like put(s, x) then e 1 = put(s, x) is correct, s assumed correct (non negative weight)  e 1 has non negative (positive) weight. Else, the outermost (last) command in e can be one of cmd j : cmd i  cmd j. e 1 = cmd i (s)  s = cmd j (s’)  e 1 = cmd i (cmd j (s ’ )) e 1 = remove(s)  s = put(s’, x)  e 1 = remove(put(s’, x)) Show using preconditions and axioms how the weight of e 1 remains non negative.

Download ppt "Specifying an ADT Give function specification. Identify partial functions A function which cannot be applied on all of its possible parameters Categorize."

Similar presentations

THE WELL ORDERING PROPERTY Definition: Let B be a set of integers. An integer m is called a least element of B if m is an element of B, and for every x.

THE WELL ORDERING PROPERTY Definition: Let B be a set of integers. An integer m is called a least element of B if m is an element of B, and for every x.
Introduction to Proofs

Introduction to Proofs
To prove by induction that 2 n ≥ n 2 for n ≥ 4, n  N Next (c) Project Maths Development Team 2011.

To prove by induction that 2 n ≥ n 2 for n ≥ 4, n  N Next (c) Project Maths Development Team 2011.
We want to prove the above statement by mathematical Induction for all natural numbers (n=1,2,3,…) Next SlideSlide 1.

We want to prove the above statement by mathematical Induction for all natural numbers (n=1,2,3,…) Next SlideSlide 1.
22C:19 Discrete Structures Induction and Recursion Fall 2014 Sukumar Ghosh.

22C:19 Discrete Structures Induction and Recursion Fall 2014 Sukumar Ghosh.
Scientific Notation.

Scientific Notation.
© 2003, Yishai Feldman Proving Sufficient Completeness Example: Set ADT.

© 2003, Yishai Feldman Proving Sufficient Completeness Example: Set ADT.
Reasoning About Code; Hoare Logic, continued

Reasoning About Code; Hoare Logic, continued
© M. Winter COSC 4P41 – Functional Programming 10. 1 Testing vs Proving Testing –uses a set of “typical” examples, –symbolic testing, –may find errors,

© M. Winter COSC 4P41 – Functional Programming Testing vs Proving Testing –uses a set of “typical” examples, –symbolic testing, –may find errors,
Chair of Software Engineering OOSC - Summer Semester 2005 1 Object-Oriented Software Construction Bertrand Meyer Lecture 3: Abstract Data Types.

Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer Lecture 3: Abstract Data Types.
Comparing Integers Lesson 1.1.1.

Comparing Integers Lesson
Topic 15 Implementing and Using Stacks

Topic 15 Implementing and Using Stacks
1 Module 2: Fundamental Concepts Problems Programs –Programming languages.

1 Module 2: Fundamental Concepts Problems Programs –Programming languages.
Design by Contract. Specifications Correctness formula (Hoare triple) {P} A {Q} – A is some operation (for example, a routine body) – P and Q are predicates.

Design by Contract. Specifications Correctness formula (Hoare triple) {P} A {Q} – A is some operation (for example, a routine body) – P and Q are predicates.
Self-Reference - Induction Cmput 115 - Lecture 7 Department of Computing Science University of Alberta ©Duane Szafron 1999 Some code in this lecture is.

Self-Reference - Induction Cmput Lecture 7 Department of Computing Science University of Alberta ©Duane Szafron 1999 Some code in this lecture is.
Lecture 2: Fundamental Concepts

Lecture 2: Fundamental Concepts
Chair of Software Engineering OOSC - Lecture 4 1 Object-Oriented Software Construction Bertrand Meyer.

Chair of Software Engineering OOSC - Lecture 4 1 Object-Oriented Software Construction Bertrand Meyer.
Dr. Muhammed Al-Mulhem 1ICS535-101 ICS 535 Design and Implementation of Programming Languages Part 1 Fundamentals (Chapter 4) Axiomatic Semantics ICS 535.

Dr. Muhammed Al-Mulhem 1ICS ICS 535 Design and Implementation of Programming Languages Part 1 Fundamentals (Chapter 4) Axiomatic Semantics ICS 535.
CHAPTER 6 Stacks. 2 A stack is a linear collection whose elements are added and removed from one end The last element to be put on the stack is the first.

CHAPTER 6 Stacks. 2 A stack is a linear collection whose elements are added and removed from one end The last element to be put on the stack is the first.
Topic 15 Implementing and Using Stacks

Topic 15 Implementing and Using Stacks

Similar presentations

Ads by Google