Presentation is loading. Please wait.

Presentation is loading. Please wait.

ECI 2007: Specification and Verification of Object- Oriented Programs Lecture 7.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "ECI 2007: Specification and Verification of Object- Oriented Programs Lecture 7."— Presentation transcript:

1 ECI 2007: Specification and Verification of Object- Oriented Programs Lecture 7

2 Theory of lists Axioms: –  x,y. car(cons(x,y)) = x –  x,y. cdr(cons(x,y)) = y Extend congruence closure to deal with these axioms   Formula := A |    A  Atom := t = t | t  t t  Term := c | car(t) | cdr(t) | cons(t,t) c  SymConst

3 x = cons(u,v)  cons(car(x), cdr(x))  x cons uv car x cdr Car axiom:  x,y. car(cons(x,y)) = x Cdr axiom:  x,y. cdr(cons(x,y)) = y Car axiom Cdr axiom

4 cons(u,v) = cons(x,y)  u  x cons uvxy Car axiom:  x,y. car(cons(x,y)) = x Cdr axiom:  x,y. cdr(cons(x,y)) = y Suppose cons(x,y) = cons(u,v) = n. Then car(n) = x and car(n) = u, which contradicts u  x. Hence, our current algorithm is incomplete.

5 Problem: There are not enough terms in the e-graph. Solution: Whenever the term cons(u,v) exists in the e-graph, add the term car(cons(u,v)) to the e-graph. cons(u,v) = cons(x,y)  u  x cons uvxy car

6 cons(u,v) = cons(x,y)  v  y cons uvxy Problem: There are not enough terms in the e-graph. Solution: Whenever the term cons(u,v) exists in the e-graph, add the term cdr(cons(u,v)) to the e-graph.

7 Algorithm 1.Add terms to the e-graph as follows: if cons(u,v) exists, add car(cons(u,v)) and cdr(cons(u,v)) 2. Close the graph under congruence and the car and cdr axioms 3. If there is a disequality t1  t2 and an equivalence class containing both t1 and t2, return unsatisfiable. 4. Otherwise, return satisfiable.

8 Completeness I(c) = EC(c) For f  {cons, car, cdr}: I(f)(  ) = EC(f(u)),if f(  )  G I(f)(  ) is undefined,otherwise An e-graph G defines a partial interpretation I over the set U of equivalence classes of G. Definition: Suppose  and  are equivalence classes of G. (1) car(  )  G iff  u  s.t. car(u) is a term in G. (2) cdr(  )  G iff  u  s.t. cdr(u) is a term in G. (3) cons( ,  )  G iff  u ,v   s.t. cons(u,v) is a term in G. Definition: Suppose t  G. Then EC(t) is the equivalence class containing t.

9 If there are equivalence classes ,  of G i such that cons( ,  )  G i uv cons carcdr G 0 = e-graph at the termination of the algorithm G i+1 is obtained from G i by adding terms as follows: Case I:

10 If there is an equivalence class  of G i such that car(  )  G i carcdru car If there is an equivalence class  of G i such that cdr(  )  G i carcdru Case II:

11 Suppose I k is the partial interpretation corresponding to the e-graph G k. Then I k+1 extends I k for all k  0. The model is given by the infinite union U k  0 I k. Model

12 Theory of arrays   Formula := A |    A  Atom := t = t | t  t | m = m | m  m t  Term := c | Select(m,t) m  MemTerm := f | Update(m,t,t) c  SymConst for all objects o and o’, and memories m:  o = o’  Select(Update(m,o,v),o’) = v  o  o’  Select(Update(m,o,v),o’) = Select(m,o’) Extend congruence closure with these axioms

13 b = Update(a,i,v)  Select(b,i) = u  u  v Update aiv Select bu

14 Update b = Update(a,i,e)  b = Update(a’,i,e’)  e  e’ a’ie’ Update ae b Select(b,i) = e and Select(b,i) = e’, which contradicts e  e’. Hence, algorithm is incomplete.

15 Rule 1 Update aie Select

16 Update b = Update(a,i,e)  b = Update(a’,i,e’)  e  e’ a’ie’ Update ae b Select

17 x = Select(Update(a,i,e),j)  i  j  y = Select(Update(a,i’,e’),j)  i’  j  x  y Update aie i’e’ Select j xy

18 Rule 2 Update aie Select j

19 x = Select(Update(a,i,e),j)  i  j  y = Select(Update(a,i’,e’),j)  i’  j  x  y Update aie i’e’ Select j xy

20 Update(a,i,e) = Update(a’,i’,e’)  Select(a,j)  Select(a’,j)  i  j  i’  j Update aie a’i’e’j Select Suppose Update(a,i,e) = Update(a’,i’,e’) = n Select(n,j) = Select(a,j) since i  j Select(n,j) = Select(a’,j) since i’  j Hence, we get a contradiction

21 Rule 3 Update aie Select j

22 Update(a,i,e) = Update(a’,i’,e’)  Select(a,j)  Select(a’,j)  i  j  i’  j Update aie a’i’e’j Select

23 Algorithm Construct e-graph G for initial set of constraints For each Update(a,b,c)  G, add to G: (Rule 1) - term Select(Update(a,b,c),b) - constraint Select(Update(a,b,c),b) = c Maintain e-graph G and set of disequalities D Iterate: - Generate case split - Add new terms, equalities, and disequalities to satisfy Rules 2 and 3 - If satisfiable return else backtrack

24 G, Di j  Select(Update(a,i,v),j)  G  Case split: G  i = j, DCase I (G  Select(a,j))  Select(Update(a,i,v),j) = Select(a,j), D  i  j Case II

25 G, Di j  Update(a,i,v)  G  Select(a,j)  G  Case split: G  i = j, DCase I (G  Select(Update(a,i,v),j))  Select(Update(a,i,v),j) = Select(a,j), D  i  j Case II

26 Completeness Similar to the theory of lists

Download ppt "ECI 2007: Specification and Verification of Object- Oriented Programs Lecture 7."

Similar presentations

A Randomized Satisfiability Procedure for Arithmetic and Uninterpreted Function Symbols Sumit Gulwani George Necula EECS Department University of California,

A Randomized Satisfiability Procedure for Arithmetic and Uninterpreted Function Symbols Sumit Gulwani George Necula EECS Department University of California,
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Completeness and Expressiveness

Completeness and Expressiveness
Some important properties Lectures of Prof. Doron Peled, Bar Ilan University.

Some important properties Lectures of Prof. Doron Peled, Bar Ilan University.
Dana Nau: Lecture slides for Automated Planning Licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License:

Dana Nau: Lecture slides for Automated Planning Licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License:
Iterative Deepening A* & Constraint Satisfaction Problems Lecture Module 6.

Iterative Deepening A* & Constraint Satisfaction Problems Lecture Module 6.
Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 

Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 
1 PROPERTIES OF A TYPE ABSTRACT INTERPRETATER. 2 MOTIVATION OF THE EXPERIMENT § a well understood case l type inference in functional programming à la.

1 PROPERTIES OF A TYPE ABSTRACT INTERPRETATER. 2 MOTIVATION OF THE EXPERIMENT § a well understood case l type inference in functional programming à la.
François Fages MPRI Bio-info 2007 Formal Biology of the Cell Inferring Reaction Rules from Temporal Properties François Fages, Constraint Programming Group,

François Fages MPRI Bio-info 2007 Formal Biology of the Cell Inferring Reaction Rules from Temporal Properties François Fages, Constraint Programming Group,
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
 Dr. Vered Gafni 1 LTL Decidability Enables consistency check, but also base for verification.

 Dr. Vered Gafni 1 LTL Decidability Enables consistency check, but also base for verification.
Number Theory and Cryptography

Number Theory and Cryptography
1.  Detailed Study of groups is a fundamental concept in the study of abstract algebra. To define the notion of groups,we require the concept of binary.

1.  Detailed Study of groups is a fundamental concept in the study of abstract algebra. To define the notion of groups,we require the concept of binary.
Lectures on Network Flows

Lectures on Network Flows
1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture12: Decidable Languages Prof. Amos Israeli.
Plan for today Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search.

Plan for today Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search.
Last time Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search strategy.

Last time Proof-system search ( ` ) Interpretation search ( ² ) Quantifiers Equality Decision procedures Induction Cross-cutting aspectsMain search strategy.
Congruence class arithmetic. Definitions: a ≡ b mod m iff a mod m = b mod m. a  [b] iff a ≡ b mod m.

Congruence class arithmetic. Definitions: a ≡ b mod m iff a mod m = b mod m. a  [b] iff a ≡ b mod m.
Automated Theorem Proving Lecture 4.   Formula := A |  |    A  Atom := b | t = 0 | t < 0 | t  0 t  Term := c | x | t + t | t – t | ct | Select(m,t)

Automated Theorem Proving Lecture 4.   Formula := A |  |    A  Atom := b | t = 0 | t < 0 | t  0 t  Term := c | x | t + t | t – t | ct | Select(m,t)
Solving Partial Order Constraints for LPO termination.

Solving Partial Order Constraints for LPO termination.

Similar presentations

Ads by Google