Presentation is loading. Please wait.

Presentation is loading. Please wait.

This Week Finish relational semantics Hoare logic Interlude on one-point rule Building formulas from programs.

Published byCarlo Ion Modified over 9 years ago

Similar presentations

Presentation on theme: "This Week Finish relational semantics Hoare logic Interlude on one-point rule Building formulas from programs."— Presentation transcript:

1 This Week Finish relational semantics Hoare logic Interlude on one-point rule Building formulas from programs

2 Synthesis, Analysis, and Verification Lecture 03a Lectures: Viktor Kuncak Relational Semantics and Consequences Hoare Logic

3 Mapping Programs while (x > 1) { if (x % 2 = 0) x = x / 2 else x = 3 * x + 1 } into relations {((x 1,..., x n ), (x’ 1,..., x’ n )) | F(x 1,..., x n x’ 1,..., x’ n )}

4 Guarded Command Language assume(F) - stop execution if F does not hold pretend execution never happened s1 [] s2 - non-deterministic execution of both s1 and s2 s* - execute s zero, once, or more times

5 Guarded Commands and Relations - Idea x = T{(x,T) | true } gets more complex for more variables assume(F)Δ S S is set of values for which F is true (satisfying assignments of F) s*r* s 1 [] s 2 r 1 U r 2

6 Assignment for More Variables var x,y … y = x + 1

7 State as a Map from Variables to Values

8 ‘if’ condition using assume and [] if (F) s1 else s2 (assume(F); s1) [] (assume(  F); s2)

9 ‘while’ using assume and * while (F) c (assume(F); c)*; assume(  F)

10 Compute Relation for this Program r = 0; while (x > 0) { r = r + 3; x = x - 1 } As the program state use the pair of integer variables (r,x) 1) compute guarded command language for this program (express ‘while’ and ‘if’ using ‘assume’).

11 Compute Relation for this Program r = 0; while (x > 0) { r = r + 3; x = x - 1 } r = 0; ( assume(x>0); r = r + 3; x = x – 1 )* ; assume(x <= 0) assume(x>0); r = r + 3; x = x – 1 B*B* r = 0; B*; assume(x <= 0) 2) compute meaning of program pieces, from smaller to bigger

12 B r’ = r + 3 && x’ = x – k && x > 0

13 BkBk r’ = r + 3k && x’ = x – k && x > 0 && x – 1 > 0 &&... && x – (k-1) > 0 i.e. r’ = r + 3k && x’ = x – k && x – (k – 1) > 0i.e. x – k >= 0

14 B* (s,s’) in B*  exists k. (s,s’) in B k B* : exists k. k >= 0 && r’ = r + 3k && x’ = x – k && x – k >= 0 i.e. by one-point rule: r’ = r + 3(x-x’) && x’ >= 0 && x – x’ >= 0 and we must also add the diagonal

15 Havoc Statement Havoc statement is another useful declarative statement. It changes a given variable entirely arbitrarily: there will be one possible state for each possible value of integer variable. Expressing Assignment with Havoc+Assume We can prove that the following equality holds under certain conditions: x = E is havoc(x); assume(x==E) In other words, assigning a variable is the same as changing it arbitrarily and then assuming that it has the right value. Under what condition does this equality hold?

16 Correctness as Relation Inclusion program  relation p specification  relation s program meets specification: p s example: p = {((r,x),(r’,x’)). r’=2x && x’=0 } s = {((r,x),(r’,x’)). x > 0  r’ > x’ } then the above program p meets the specification s because implication holds: r’=2x && x’=0  ( x > 0  r’ > x’ )

17 Normal form for Loop-Free Programs Lemma: Let P be a program without loops. Then for some natural number n, where each p i is relation composition of – relations for assignments – diagonal relations Prove this.

18 Proof

19 Inductive Case

20 A Hoare Logic Proof //{0 <= y} i = y; //{0 <= y & i = y} r = 0; //{0 <= y & i = y & r = 0} while //{r = (y-i)*x & 0 <= i} (i > 0) ( //{r = (y-i)*x & 0 < i} r = r + x; //{r = (y-i+1)*x & 0 < i} i = i - 1 //{r = (y-i)*x & 0 <= i} ) //{r = x * y}

21 Hoare Logic see wiki

Download ppt "This Week Finish relational semantics Hoare logic Interlude on one-point rule Building formulas from programs."

Similar presentations

Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 1 Summer school on Formal Models.

Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 1 Summer school on Formal Models.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Program Verification Using Hoares Logic Book: Chapter 7.

Program Verification Using Hoares Logic Book: Chapter 7.
Synthesis, Analysis, and Verification Lecture 04c Lectures: Viktor Kuncak VC Generation for Programs with Data Structures “Beyond Integers”

Synthesis, Analysis, and Verification Lecture 04c Lectures: Viktor Kuncak VC Generation for Programs with Data Structures “Beyond Integers”
Copyright 2003-04, Doron Peled and Cesare Tinelli. These notes are based on a set of lecture notes originally developed by Doron Peled at the University.

Copyright , Doron Peled and Cesare Tinelli. These notes are based on a set of lecture notes originally developed by Doron Peled at the University.
Functional Verification III Prepared by Stephen M. Thebaut, Ph.D. University of Florida Software Testing and Verification Lecture Notes 23.

Functional Verification III Prepared by Stephen M. Thebaut, Ph.D. University of Florida Software Testing and Verification Lecture Notes 23.
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers

Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 11.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
1 Discrete Structures Lecture 29 Predicates and Programming Read Ch. 10.1 - 10.2.

1 Discrete Structures Lecture 29 Predicates and Programming Read Ch
Program Proving Notes Ellen L. Walker.

Program Proving Notes Ellen L. Walker.
1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.
CS 355 – Programming Languages

CS 355 – Programming Languages
CSE115/ENGR160 Discrete Mathematics 04/12/11 Ming-Hsuan Yang UC Merced 1.

CSE115/ENGR160 Discrete Mathematics 04/12/11 Ming-Hsuan Yang UC Merced 1.
Recursive Definitions Rosen, 3.4. Recursive (or inductive) Definitions Sometimes easier to define an object in terms of itself. This process is called.

Recursive Definitions Rosen, 3.4. Recursive (or inductive) Definitions Sometimes easier to define an object in terms of itself. This process is called.
1 CSE 417: Algorithms and Computational Complexity Winter 2001 Lecture 23 Instructor: Paul Beame.

1 CSE 417: Algorithms and Computational Complexity Winter 2001 Lecture 23 Instructor: Paul Beame.
4/17/2017 Section 3.6 Program Correctness ch3.6.

4/17/2017 Section 3.6 Program Correctness ch3.6.
Software Verification Bertrand Meyer Chair of Software Engineering Lecture 2: Axiomatic semantics.

Software Verification Bertrand Meyer Chair of Software Engineering Lecture 2: Axiomatic semantics.
Describing Syntax and Semantics

Describing Syntax and Semantics
Chapter 10 Sequences, Induction, and Probability Copyright © 2014, 2010, 2007 Pearson Education, Inc. 1 10.4 Mathematical Induction.

Chapter 10 Sequences, Induction, and Probability Copyright © 2014, 2010, 2007 Pearson Education, Inc Mathematical Induction.
Floyd Hoare Logic. Semantics A programming language specification consists of a syntactic description and a semantic description. Syntactic description:symbols.

Floyd Hoare Logic. Semantics A programming language specification consists of a syntactic description and a semantic description. Syntactic description:symbols.

Similar presentations

Ads by Google