The Spec# - PowerPoint PPT Presentation

About This Presentation
Title:

The Spec#

Description:

axiom DATE <: ANY; axiom C <: ANY; function AllocatedType(obj: ref) returns (typ: name) ... procedure DATE.make_today(current: ref); requires current != null; ... – PowerPoint PPT presentation

Slides: 13
Provided by: Rustan5

Transcript and Presenter's Notes

Title: The Spec#


1
The Spec# programming system
  • Mike Barnett, Rob DeLine, Manuel Fähndrich, Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte, Herman Venter

Bor-Yuh Evan Chang, Daan Leijen, Peter Müller, David A. Naumann
11 Oct 2005, VSTTE, Zurich, Switzerland
2
Spec#
  • Spec# = C# + contracts
  • 3 levels of checking
    • static type checking
    • runtime checking
    • program verification

3
Outline
  • 0. Spec# demo, writing a small program
  • 1. A call for programming methodology
  • 2. BoogiePL, a shared intermediate language

4
0. Spec# demo
a programming tool to be used routinely
5
public class Chunker {
  string! src;
  public readonly int ChunkSize;
  invariant 0 < ChunkSize;
  int n;  // characters returned so far
  invariant 0 <= n && n <= src.Length;

  public virtual string! NextChunk()
    ensures result.Length <= ChunkSize;
  {
    expose (this) {
      string s;
      if (n + ChunkSize <= src.Length) {
        s = src.Substring(n, ChunkSize);
      } else {
        s = src.Substring(n);
      }
      n += s.Length;
      return s;
    }
  }

  public Chunker(string! source, int chunkSize)
    requires 0 < chunkSize;
  {
    src = source;
    ChunkSize = chunkSize;
    n = 0;
    base();
  }
}
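As an added example (not code from the slides or the Spec# project), the "runtime checking" level from slide 2 applied to a Python port of this Chunker: the requires, ensures and invariant clauses become checks, expose (this) becomes a context manager that re-checks the invariant when the block is left, and a constructed off-by-chunk bug shows the invariant catching n > src.Length before a later Substring call could fail. The names check, expose, BuggyChunker and drain are my own.

```python
# Added example, not from the slides: the "runtime checking" level of Spec#
# (slide 2) applied to a Python port of the Chunker class from slide 5.
from contextlib import contextmanager
class ContractError(AssertionError):
    pass  # a requires, ensures or invariant clause failed at run time

def check(cond, clause):  # one checker for all three contract kinds
    if not cond:
        raise ContractError(f"{clause} violated")

@contextmanager
def expose(obj):  # Spec#'s expose (this): the invariant may be broken inside
    yield         # the block and is re-checked when the block is left
    obj.check_invariant()

class Chunker:
    def __init__(self, source, chunk_size):
        check(0 < chunk_size, "requires 0 < chunkSize")
        self.src, self.chunk_size, self.n = source, chunk_size, 0
        self.check_invariant()  # the constructor must establish the invariant

    def check_invariant(self):
        # invariant 0 < ChunkSize;  invariant 0 <= n && n <= src.Length;
        check(0 < self.chunk_size and 0 <= self.n <= len(self.src),
              "invariant 0 <= n <= src.Length")

    def next_chunk(self):
        with expose(self):
            if self.n + self.chunk_size <= len(self.src):
                s = self.src[self.n:self.n + self.chunk_size]
            else:
                s = self.src[self.n:]
            self.n += len(s)
        check(len(s) <= self.chunk_size, "ensures result.Length <= ChunkSize")
        return s

class BuggyChunker(Chunker):  # constructed bug: advances n by ChunkSize
    def next_chunk(self):      # even when the final chunk is shorter
        with expose(self):
            s = self.src[self.n:self.n + self.chunk_size]
            self.n += self.chunk_size  # leaves n > src.Length on exit
        return s

def drain(chunker):  # all chunks, or the first contract failure's message
    out = []
    try:
        while chunker.n < len(chunker.src):
            out.append(chunker.next_chunk())
    except ContractError as e:
        return str(e)
    return out
```

drain(Chunker("abcdefg", 3)) yields the three chunks, while drain(BuggyChunker("abcdefg", 3)) stops with the invariant message on the short last chunk, which is exactly the state that the static verifier would reject at compile time.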
6
1. Programming methodology
identify structures that make programs verifiable
(cf. Bernhard Steffen's and Greg Nelson's comments yesterday, and Peter Müller's and Dave Naumann's talks today)
7
2. Spec# static verifier architecture
Spec# program
  → Spec# compiler
  → MSIL
  → Spec# static program verifier (aka Boogie):
      translator → BoogiePL → abstract interpreter → V.C. generator
  → verification condition
  → automatic theorem prover
  → correct or list of errors
8
Eiffel
class C inherit ANY
feature -- access
  d: DATE
  y: INTEGER
feature -- setters
  my_method is
    do
      create d.make_today
      y := 15
    end
end
9
BoogiePL 0
const ANY: name;   // class
const DATE: name;  // class
const C: name;     // class
axiom DATE <: ANY;
axiom C <: ANY;
function AllocatedType(obj: ref) returns (typ: name);
const allocated: name;  // ghost attribute
const C.d: name;  // attribute
const C.y: name;  // attribute
function IsHeap(heap: [ref,name]any) returns (bool);
axiom (forall h: [ref,name]any, o: ref ::
  IsHeap(h) && o != null && AllocatedType(o) <: C ==>
    h[o, C.d] != null &&
    AllocatedType(cast(h[o, C.d], ref)) <: DATE);
10
BoogiePL 1
var Heap: [ref,name]any;

procedure C.my_method(current: ref);
  requires current != null;
  modifies Heap;

procedure DATE.make_today(current: ref);
  requires current != null;
  modifies Heap;
11
BoogiePL 2
implementation C.my_method(current: ref)
{
  var tmp: ref;

  entry:
    assume AllocatedType(current) <: C;
    assume IsHeap(Heap);
    havoc tmp;
    assume !cast(Heap[tmp, allocated], bool);
    assume tmp != null && AllocatedType(tmp) <: DATE;
    Heap[tmp, allocated] := true;
    call DATE.make_today(tmp);
    Heap[current, C.d] := tmp;
    assert current != null;
    Heap[current, C.y] := 15;
    return;
}
12
Conclusion
  • Spec#
    • download research.microsoft.com/specsharp
    • program!
    • teach!
  • We need more programming methodology
  • Try BoogiePL as your intermediate verification language