Mathematical Reasoning - PowerPoint PPT Presentation

About This Presentation

Title: Mathematical Reasoning

Description: Mathematical Reasoning, Lecture SE-5, Computer Science and Engineering, College of Engineering, The Ohio State University (PowerPoint PPT presentation)

Slides: 22
Provided by: PaulSiv4
Transcript and Presenter's Notes

1
Mathematical Reasoning
  • Lecture SE-5

2
Overview
  • Methods for checking that code is correct, i.e.,
    that it meets its specification
  • Testing
  • Tracing or inspection
  • Formal verification of correctness

3
Testing
  • Goal: To find bugs
  • Method: Identify adequate test points
  • Recall: a test point is a pair (valid input,
    expected output)
  • Method: Execute the code on those inputs
  • Cannot test on all inputs
  • Can only show presence of bugs, not absence

4
Tracing or Formal Inspection
  • Goal: To find bugs
  • Method: Identify adequate tracing points
  • Tracing point: same as a test point (valid input,
    expected output)
  • Method: Hand-trace the code on those inputs
  • Cannot trace on all inputs
  • Can only show presence of bugs, not absence, though
    some checking of the logic is done

5
Formal Verification
  • Goal: To prove correctness
  • Method: The rest of this presentation
  • Can prove correctness on all valid inputs
  • Can only show absence of bugs

6
Example
Goal: Prove that the following code
  requires
  ensures I J and J I
Code:
  I sum(I, J)
  J difference(I, J)
  I difference(I, J)
8
Recall: Specification of Integer Operations
  • Think of ints as integers in math
  • constraints: for all integer I,
    MIN_VALUE < I < MAX_VALUE
  • int sum (int I, int J)
  • requires MIN_VALUE < I J and I J <
    MAX_VALUE
  • ensures sum I J
  • int difference (int I, int J)
  • requires MIN_VALUE < I - J and I - J <
    MAX_VALUE
  • ensures difference I - J

9
Example
Goal: Prove that the following code
  requires
  ensures I J and J I
Code:
  I sum(I, J)
  J difference(I, J)
  I difference(I, J)
10
Establish the goals in state-oriented terms using
a table

State | Assume | Confirm
  0   |        |
        I sum(I, J)
  1   |        |
        J difference(I, J)
  2   |        |
        I difference(I, J)
  3   |        | I3 J0 and J3 I0
11
Establish assumptions (and obligations)

State | Assume                  | Confirm
  0   |                         |
        I sum(I, J)
  1   | I1 I0 J0 and J1 J0      |
        J difference(I, J)
  2   | J2 I1 - J1 and I2 I1    |
        I difference(I, J)
  3   | I3 I2 J2 and J3 J2      | I3 J0 and J3 I0
12
Prove all assertions to be confirmed
  • Prove I3 J0 and J3 I0
  • Proof of I3 J0
  • I3 I2 J2
  • (I1 J1) I1 substitution for I2 and J2
  • J1 simplification
  • J0 substitution for J1
  • Proof of J3 I0
  • (exercise)
  • Code is correct if all assertions to be confirmed
    are proved

13
Example: Confirm the caller's obligations (Why?)

State | Assume                  | Confirm
  0   |                         |
        I sum(I, J)
  1   | I1 I0 J0 and J1 J0      | MIN_VALUE < (I1 J1) < MAX_VALUE
        J difference(I, J)
  2   |                         |
14
Confirm the caller's obligations

State | Assume | Confirm
  0   |        | MIN_VALUE < I0 J0 < MAX_VALUE
        I sum(I, J)
  1   |        | MIN_VALUE < I1 J1 < MAX_VALUE
        J difference(I, J)
  2   |        | MIN_VALUE < I2 J2 < MAX_VALUE
        I difference(I, J)
  3   |        | I3 J0 and J3 I0
15
Prove all assertions to be confirmed
  • Proofs: exercises
  • Given the goal
  • requires MIN_VALUE < I J and I J <
    MAX_VALUE
  • ensures I J and J I
  • The code below is correct
  • I sum(I, J)
  • J difference(I, J)
  • I difference(I, J)

16
Basics of Mathematical Reasoning
  • Suppose you are verifying code for some operation
    P
  • Assume its requires clause in state 0
  • Confirm its ensures clause at the end
  • Suppose that P calls Q
  • Confirm the requires clause of Q in the state
    before Q is called
  • Why? Because the caller is responsible for it
  • Assume the ensures clause of Q in the state after
    Q returns
  • Why? Because Q is assumed to work correctly
  • Prove assertions to be confirmed

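The assume/confirm table of slides 10 to 16 can be filled in mechanically, as slide 21 notes. The following is an added example (not code from the lecture) that does exactly that for the swap program: before each call it confirms the callee's requires clause in the current state, after each call it assumes the ensures clause in the next state, and at the end it discharges the goal by substitution. It assumes the slides' stripped operators read as assignment, `=`, `+` and `-`, and that `sum` and `difference` ensure `I + J` and `I - J` as on slide 8.

```python
"""Mechanical reasoning table for straight-line calls to sum/difference.
Values are linear expressions over the initial values I0, J0, stored as
{name: coefficient} dicts, so two expressions are equal exactly when the
normalised dicts are equal (the 'substitution' steps of slide 12)."""
from typing import Dict, List, Tuple

Expr = Dict[str, int]

def combine(a: Expr, b: Expr, sign: int) -> Expr:
    """Return a + sign*b with zero coefficients dropped."""
    out = dict(a)
    for k, v in b.items():
        out[k] = out.get(k, 0) + sign * v
    return {k: v for k, v in out.items() if v}

# Slide 8 specifications: the ensures clause as a function of the arguments,
# plus the operator symbol used when printing the table in state-indexed form.
SPECS = {"sum": (lambda x, y: combine(x, y, 1), "+"),
         "difference": (lambda x, y: combine(x, y, -1), "-")}

def reasoning_table(code: List[Tuple[str, str, str, str]],
                    caller_requires: List[Expr]):
    """code: (target, op, arg1, arg2) per statement, e.g. ("I", "sum", "I", "J").
    caller_requires: expressions e for which the caller's own requires clause
    guarantees MIN_VALUE < e < MAX_VALUE (slide 15).
    Returns (rows, final_state, undischarged); rows are (n, assume, confirm)."""
    state: Dict[str, Expr] = {"I": {"I0": 1}, "J": {"J0": 1}}   # state 0
    rows, undischarged = [], []
    for n, (t, op, a, b) in enumerate(code, start=1):
        fn, sym = SPECS[op]
        val = fn(state[a], state[b])                 # value the call produces
        # Confirm before the call: the callee's requires clause in state n-1.
        confirm = f"MIN_VALUE < {a}{n-1} {sym} {b}{n-1} < MAX_VALUE"
        # A range obligation is discharged if the value is a single int variable
        # (the constraint on all ints) or is covered by the caller's requires.
        in_range = (len(val) == 1 and set(val.values()) == {1}) or val in caller_requires
        if not in_range:
            undischarged.append(confirm)
        # Assume after the call: the ensures clause; the other variable is unchanged.
        other = "J" if t == "I" else "I"
        assume = f"{t}{n} = {a}{n-1} {sym} {b}{n-1} and {other}{n} = {other}{n-1}"
        rows.append((n, assume, confirm))
        state = {**state, t: val}
    return rows, state, undischarged

def proves_goal(final: Dict[str, Expr], goal: Dict[str, Expr]) -> bool:
    """Discharge the final confirm (I3 = J0 and J3 = I0) by substitution."""
    return all(final[v] == e for v, e in goal.items())

SWAP = [("I", "sum", "I", "J"), ("J", "difference", "I", "J"), ("I", "difference", "I", "J")]
GOAL = {"I": {"J0": 1}, "J": {"I0": 1}}          # I3 = J0 and J3 = I0

if __name__ == "__main__":
    rows, final, left = reasoning_table(SWAP, caller_requires=[{"I0": 1, "J0": 1}])
    for n, asm, conf in rows:
        print(f"confirm before {n}: {conf}\nassume in state {n}: {asm}")
    print("goal proved:", proves_goal(final, GOAL), "| undischarged:", left)
```

Running it with an empty `caller_requires` leaves the first obligation undischarged, which is the "Why?" of slide 13: without the requires clause of slide 15 nothing guarantees that `I0 + J0` stays in range.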
17
Another Example
Specification:
  Operation Do_Nothing (restores S Stack)
Goal: Same as ensures S S
Code:
  Procedure Do_Nothing (restores S Stack)
    Var E Entry
    Pop(E, S)
    Push(E, S)
  end Do_Nothing
18
Exercise: Complete the table and prove!

State | Assume | Confirm
  0   |        |
        Pop(E, S)
  1   |        |
        Push(E, S)
  2   |        |
19
Recall: Specification of Stack Operations
Operation Push (alters E Entry, updates S Stack)
  requires S < Max_Depth
  ensures S <E> o S
Operation Pop (replaces R Entry, updates S Stack)
  requires S > 0
  ensures S <R> o S
Operation Depth (restores S Stack) Integer
  ensures Depth S
20
Collaborative Exercise: Answers

State | Assume          | Confirm
  0   |                 | S > 0
        Pop(E, S)
  1   | S0 <E1> o S1    | S < Max_Depth
        Push(E, S)
  2   | S2 <E1> o S1    | S2 S0
21
Discussion
  • Is the code correct? If not, fix it
  • Important idea: the reasoning table can be filled
    in mechanically
  • The principles of reasoning about all objects and
    operations are the same
  • They need mathematical specifications
  • VC generation and automated verification demo