Presentation is loading. Please wait.

Presentation is loading. Please wait.

Section 1: Code Reasoning

Published byĐỗ Triệu Modified over 5 years ago

Similar presentations

Presentation on theme: "Section 1: Code Reasoning"— Presentation transcript:

1 Section 1: Code Reasoning

2 Today’s Goals Review of code reasoning
Practice forward and backward reasoning on straight-line and if-statement code Practice identifying the strongest assertion

3 Before we begin . . . “=” vs. “==” Read the lecture notes

4 Reasoning About Code Two purposes
Prove our code is correct Understand why code is correct Forward reasoning: determine what follows from initial conditions Backward reasoning: determine sufficient conditions to obtain a certain result

5 Worksheet Problems 1 through 4 15 Minutes – get as far as you can
You can collaborate with other students Grab a TA if you feel stuck

6 Forward Reasoning {x >= 0, y >= 0}
y = 16; x = x + y x = sqrt(x) y = y - x {x >= 0, y = 16} {x >= 16, y = 16} {x >= 4, y = 16} {x >= 4, y <= 12}

7 Forward Reasoning {true} if (x > 0) { abs = x } else { abs = -x
{x > 0, abs = x OR x <= 0, abs = -x} {abs = |x|}

8 Backward Reasoning {x + 3b - 4 > 0} a = x + b; c = 2b - 4 x = a + c
{a + 2b – 4 > 0} {a + c > 0} {x > 0}

9 Backward Reasoning {y > 15 || (y <= 5 && y + z > 17)}
if (y > 5) { x = y + 2 } else { x = y + z; {y > 15} {x > 17} {y + z > 17} {x > 17} {x > 17}

10 Implication Hoare triples are just an extension of logical implication
Hoare triple: {P} S {Q} P → Q after statement S P Q P → Q T F T F Everything implies true False implies everything

11 Weaker vs. Stronger If P1 → P2, then
P1 is stronger than P2 P2 is weaker than P1 Weaker statements are more general Stronger statements are more restrictive

12 Worksheet Problem 5

13 Worksheet “y > 23” “y >= 23” “y = 23” “y >= 23”
“I attend quiz sections.” “I attend quiz sections on Thursdays.” “y > 23” “y >= 23” “y = 23” “y >= 23” “y < ” “y < 0.23” “y is prime” “y <= 17”

14 Worksheet “y > 23” “y >= 23” “y = 23” “y >= 23”
“I attend quiz sections.” “I attend quiz sections on Thursdays.” “y > 23” “y >= 23” “y = 23” “y >= 23” “y < ” “y < 0.23” “y is prime” “y <= 17”

15 Worksheet “y > 23” “y >= 23” “y = 23” “y >= 23”
“I attend quiz sections.” “I attend quiz sections on Thursdays.” “y > 23” “y >= 23” “y = 23” “y >= 23” “y < ” “y < 0.23” “y is prime” “y <= 17”

16 Worksheet “y > 23” “y >= 23” “y = 23” “y >= 23”
“I attend quiz sections.” “I attend quiz sections on Thursdays.” “y > 23” “y >= 23” “y = 23” “y >= 23” “y < ” “y < 0.23” “y is prime” “y <= 17”

17 Worksheet “y > 23” “y >= 23” “y = 23” “y >= 23”
“I attend quiz sections.” “I attend quiz sections on Thursdays.” “y > 23” “y >= 23” “y = 23” “y >= 23” “y < ” “y < 0.23” “y is prime” “y <= 17”

18 Worksheet “y > 23” “y >= 23” “y = 23” “y >= 23”
“I attend quiz sections.” “I attend quiz sections on Thursdays.” “y > 23” “y >= 23” “y = 23” “y >= 23” “y < ” “y < 0.23” “y is prime” “y <= 17” -- ?

19 Weakest Precondition The most lenient assumptions such that a postcondition will be satisfied If P* is the weakest precondition for {P} S {Q}, then P → P* for all P that make the Hoare triple valid Notation: WP = wp(S, Q)

20 Weakest Precondition wp(x = y*y, x > 4)

21 Weakest Precondition wp(x = y*y, x > 4) |y| > 2

22 Weakest Precondition wp(x = y*y, x > 4) |y| > 2
wp(y = x+1;z = y-3, z = 10)

23 Weakest Precondition wp(x = y*y, x > 4) wp(y = x+1;z = y-3, z = 10)
wp(y = x+1, wp(z = y-3, z = 10)) wp(y = x+1, y-3 = 10) wp(y = x+1, y = 13) x = 12

24 Questions

Download ppt "Section 1: Code Reasoning"

Similar presentations

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
ICE1341 Programming Languages Spring 2005 Lecture #6 Lecture #6 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information and Communications University.

ICE1341 Programming Languages Spring 2005 Lecture #6 Lecture #6 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information and Communications University.
Reasoning About Code; Hoare Logic, continued

Reasoning About Code; Hoare Logic, continued
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers

Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
Pre and Post Condition Rules Definition : If R and S are two assertions, then R is said to be stronger than S if R -> S (R implies S). –Example : the assertion.

Pre and Post Condition Rules Definition : If R and S are two assertions, then R is said to be stronger than S if R -> S (R implies S). –Example : the assertion.
1 University of Toronto Department of Computer Science © 2001, Steve Easterbrook Lecture 10: Formal Verification Formal Methods Basics of Logic first order.

1 University of Toronto Department of Computer Science © 2001, Steve Easterbrook Lecture 10: Formal Verification Formal Methods Basics of Logic first order.
David Evans CS655: Programming Languages University of Virginia Computer Science Lecture 19: Minding Ps & Qs: Axiomatic.

David Evans CS655: Programming Languages University of Virginia Computer Science Lecture 19: Minding Ps & Qs: Axiomatic.
Axiomatic Verification I Prepared by Stephen M. Thebaut, Ph.D. University of Florida Software Testing and Verification Lecture 17.

Axiomatic Verification I Prepared by Stephen M. Thebaut, Ph.D. University of Florida Software Testing and Verification Lecture 17.
Partial correctness © Marcelo d’Amorim 2010.

Partial correctness © Marcelo d’Amorim 2010.
Axiomatic Semantics The meaning of a program is defined by a formal system that allows one to deduce true properties of that program. No specific meaning.

Axiomatic Semantics The meaning of a program is defined by a formal system that allows one to deduce true properties of that program. No specific meaning.
Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.

Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
Simple Example {i = 0} j := i * i {j < 100} Can we ‘verify’ this triple? Only if we know the semantics of assignment.

Simple Example {i = 0} j := i * i {j < 100} Can we ‘verify’ this triple? Only if we know the semantics of assignment.
1 Discrete Structures Lecture 29 Predicates and Programming Read Ch. 10.1 - 10.2.

1 Discrete Structures Lecture 29 Predicates and Programming Read Ch
1 Design by Contract Building Reliable Software. 2 Software Correctness Correctness is a relative notion  A program is correct with respect to its specification.

1 Design by Contract Building Reliable Software. 2 Software Correctness Correctness is a relative notion  A program is correct with respect to its specification.
Predicate Transformers

Predicate Transformers
Program Proving Notes Ellen L. Walker.

Program Proving Notes Ellen L. Walker.
CSE 331 Software Design & Implementation Dan Grossman Winter 2014 Lecture 2 – Reasoning About Code With Logic 1CSE 331 Winter 2014.

CSE 331 Software Design & Implementation Dan Grossman Winter 2014 Lecture 2 – Reasoning About Code With Logic 1CSE 331 Winter 2014.
1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.
CSE 3341.03 Winter 2008 Introduction to Program Verification symbolic execution continued.

CSE Winter 2008 Introduction to Program Verification symbolic execution continued.

Similar presentations

Ads by Google