Presentation is loading. Please wait.

Presentation is loading. Please wait.

Partial correctness © Marcelo d’Amorim 2010.

Published byCharlotte Blankenship Modified over 9 years ago

Similar presentations

Presentation on theme: "Partial correctness © Marcelo d’Amorim 2010."— Presentation transcript:

1 Partial correctness http://pan.cin.ufpe.br © Marcelo d’Amorim 2010

2 Intuition Program and mathematical formula are similar. Both manipulate symbols and have precise syntax and semantics. © Marcelo d’Amorim 2010 Encode program state as a predicate and statements as predicate transformers.

3 For verification… Reason about programs as logical formulae © Marcelo d’Amorim 2010 Derive formula from program. If program is incorrect should find contradictions!

4 Basis: Floyd-Hoare Triples P and Q denote pre and post conditions on S © Marcelo d’Amorim 2010 {P} S {Q}

5 Semantic distinction Partial correctness: For all states that satisfy P, if S terminates, then Q must hold in that state Total correctness: For all states that satisfy P, then S terminates and the resulting state satisfies Q © Marcelo d’Amorim 2010 {P} S {Q}

6 Is this valid? © Marcelo d’Amorim 2010 {true} while (true) x:=2 {1==2}

7 Is this valid? Answer: Only under partial correctness since false (due to non termination) implies absurd © Marcelo d’Amorim 2010 {true} while (true) x:=2 {1==2}

8 Example © Marcelo d’Amorim 2010 {y<=3} x:=2*y+1 {x<=7 and y<=3}

9 Exercise Propose other preconditions P that makes this post condition to hold © Marcelo d’Amorim 2010 {P?} x:=2*y+1 {x<=7 and y<=3}

10 Definition: Weaker formula A formula A is weaker than B if B -> A. Given a set of formulas {A1,…,An}, Ai is the weakest in the set if Aj -> Ai for all j in [1,n]. © Marcelo d’Amorim 2010 Definition of stronger is symmetric.

11 Back to previous exercise Propose other preconditions P that makes this post condition to hold © Marcelo d’Amorim 2010 {P?} x:=2*y+1 {x<=7 and y<=3} We want to find the weakest predicate P (i.e., permissive/liberal/general) that is strong enough to make post condition hold.

12 Axiomatic semantics of programs Define semantics of each construct in terms of its effects on global state – Most popular definitions: wp and sp – Basis to automated derivation of pgm. obligations © Marcelo d’Amorim 2010

13 WP and SP wp (weakest precondition): Derive most general (weakest) accepting condition on state that results in correct executions sp (strongest postcondition): Derive most specific (strongest) condition that holds in every final states from correct executions © Marcelo d’Amorim 2010

14 Fragment of Pascal [ASSIGN] wp(x:=t, p(x)) = p(x) {x <- t} [COMP] wp(S1;S2, q) = wp(S1,wp(S2,q)) [COND] wp(if B then S1 else S2, q) = B-> wp(S1,q) and not B -> wp(S2,q) [WHILE] wp(while B do S, q) = (not B -> q) and B -> wp(S; while B do S, q) © Marcelo d’Amorim 2010 Oops… Cannot mechanically compute it!

15 Exercise: Compute the following wp(x:=x+1; y:=y+2, x < y) wp(x:=x+1; y:=y+2, x = (b - y)*a) wp(if y=0 then x:=0 else x:=y+1, x = y) © Marcelo d’Amorim 2010

16 Verification Conditions (VCs) © Marcelo d’Amorim 2010 S ; assert Q {?} S {Q} {P} S {Q} assume P ; S {P} S {True} {P => P0} S {True}

17 Verification Conditions (VCs) © Marcelo d’Amorim 2010 assume P; S ; assert Q {P} S {Q} {P => P0} S {Q}

18 VC generators One rule for each language statement Conceptually, one can derive a predicate for entire program with assistance of rules © Marcelo d’Amorim 2010 S 1 ; S 2 ; … ; S n P 1 P 2 P 3 P n-1 P n statements predicates

19 VC generators One rule for each language statement Conceptually, one can derive a predicate for entire program with assistance of rules © Marcelo d’Amorim 2010 S 1 ; S 2 ; … ; S n P 1 P 2 P 3 P n-1 P n statements predicates Interested reader should look George Necula’s work on proof-carrying code and also the Spec# and ESCJava tools.

20 Deductive System © Marcelo d’Amorim 2010 Mathematical Logic for Computer Science. Mordechai Ben-Ari, Springer

21 Exercise Generate weakest precondition for the program below to validate the assertion © Marcelo d’Amorim 2010 x := 0 y := b; while y <> 0 do begin x:= x + a; y:= y – 1 end; assert x = a * b

22 Conclusions Partial correctness is a cornerstone in program language and verification Very important to note. Not automatic! – Manual generation of loop invariants is costly – First-order logics alone is undecidable © Marcelo d’Amorim 2010

Download ppt "Partial correctness © Marcelo d’Amorim 2010."

Similar presentations

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Semantics Static semantics Dynamic semantics attribute grammars

Semantics Static semantics Dynamic semantics attribute grammars
PZ03D Programming Language design and Implementation -4th Edition Copyright©Prentice Hall, 2000 1 PZ03D - Program verification Programming Language Design.

PZ03D Programming Language design and Implementation -4th Edition Copyright©Prentice Hall, PZ03D - Program verification Programming Language Design.
Reasoning About Code; Hoare Logic, continued

Reasoning About Code; Hoare Logic, continued
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers

Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 11.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
David Evans CS655: Programming Languages University of Virginia Computer Science Lecture 19: Minding Ps & Qs: Axiomatic.

David Evans CS655: Programming Languages University of Virginia Computer Science Lecture 19: Minding Ps & Qs: Axiomatic.
Axiomatic Verification I Prepared by Stephen M. Thebaut, Ph.D. University of Florida Software Testing and Verification Lecture 17.

Axiomatic Verification I Prepared by Stephen M. Thebaut, Ph.D. University of Florida Software Testing and Verification Lecture 17.
Axiomatic Semantics The meaning of a program is defined by a formal system that allows one to deduce true properties of that program. No specific meaning.

Axiomatic Semantics The meaning of a program is defined by a formal system that allows one to deduce true properties of that program. No specific meaning.
Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.

Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
Simple Example {i = 0} j := i * i {j < 100} Can we ‘verify’ this triple? Only if we know the semantics of assignment.

Simple Example {i = 0} j := i * i {j < 100} Can we ‘verify’ this triple? Only if we know the semantics of assignment.
Predicate Transformers

Predicate Transformers
Program Proving Notes Ellen L. Walker.

Program Proving Notes Ellen L. Walker.
Fall 20021 Semantics Juan Carlos Guzmán CS 3123 Programming Languages Concepts Southern Polytechnic State University.

Fall Semantics Juan Carlos Guzmán CS 3123 Programming Languages Concepts Southern Polytechnic State University.
Duminda WijesekeraSWSE 623 - Program Correctness1 SWSE 623 Program Correctness -Pre-condition, Post-conditions and Loop invariants.

Duminda WijesekeraSWSE Program Correctness1 SWSE 623 Program Correctness -Pre-condition, Post-conditions and Loop invariants.
1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.

1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.
1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.
CS 355 – Programming Languages

CS 355 – Programming Languages

Similar presentations

Ads by Google