STAN-CS-73-365: Automatic Program Verification I: A Logical Basis and Its Implementation, by Shigeru Igarashi, Ralph L. London, and David C. Luckham
Abstract
Defining the semantics of programming languages by axioms and rules of inference yields a deduction system within which proofs may be given that programs satisfy specifications. The deduction system herein is shown to be consistent and also deduction complete with respect to Hoare's system. A subgoaler for the deduction system is described whose input is a significant subset of Pascal programs plus inductive assertions. The output is a set of verification conditions or lemmas to be proved. Several nontrivial arithmetic and sorting programs have been shown to satisfy specifications by using an interactive theorem prover to automatically generate proofs of the verification conditions. Additional components for a more powerful verification system are under construction.

Authors' addresses: Igarashi, Research Institute for Mathematical Sciences, Kyoto University, Kyoto 606, Japan; London, USC Information Sciences Institute, 4676 Admiralty Way, Marina Del Rey, California 90291; Luckham, Computer Science Department, Stanford University, Stanford, California 94305.

This research is supported by the Advanced Research Projects Agency under Contracts SD-183 and DAHC 15-72-C-0308, and by the National Aeronautics and Space Administration under Contract NSR 05-020-500. The views and conclusions contained in this document are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of ARPA, NASA, or the U.S. Government. Reproduced in the USA. Available from the National Technical Information Service, Springfield, Virginia 22151.

AUTOMATIC PROGRAM VERIFICATION I: A LOGICAL BASIS AND ITS IMPLEMENTATION
by Shigeru Igarashi, Ralph L. London, and David C. Luckham

1. INTRODUCTION

Verifying that a computer program is correct has been discussed in many recent publications, for example [Hoare 1969, King 1969, McCarthy and Painter 1967]. The "verification problem" or "correctness problem" has become popular essentially because it represents a significant first step towards writing programs that can be guaranteed to do what their authors intended.

There are several different interpretations of exactly what it means. Here, we adopt the point of view that a program has been "verified" when it is proved within a system of logic to be consistent with documentation, i.e. a statement of what it is supposed to do. Our discussion is restricted to programs that can be written in a very precise modern programming language, Pascal [Wirth 1971]. Of course, we do not deal with all Pascal programs, but with a subset that is rich enough to include published algorithms such as FIND [Hoare 1971b], TREESORT [Floyd 1964], and a simple compiler [McCarthy and Painter 1967]. Since Pascal is an Algol-like language we expect that what is done here can be repeated without much effort for Algol or other such languages. We adopt a DOCUMENTATION LANGUAGE that is, roughly speaking, the language of quantified Algol Boolean expressions (i.e. first order number theory with definitional extension and some notational conveniences). It does not contain any constructs for representing such notions as tense (time dependency), possibility (can do), etc. that may well prove useful in describing programs.

So the documentation language is a slight extension of what programmers normally use to state those conditions on computations that control their programs. Statements of the documentation language are called ASSERTIONS. A documented program is, for us, a Pascal program in which assertions have been placed between its statements at certain points. We refer to such programs with documentation as ASSERTED PROGRAMS. The general idea of how to go about verifying an asserted program is to reduce this problem to questions about whether certain associated logical conditions (henceforth called VERIFICATION CONDITIONS) are true of (i.e. theorems in) various standard first order theories. The usual method of reduction [Floyd 1967] involves enumerating all possible paths between assertions in the program and then computing a verification condition for each path in terms of operations and assertions on that path: these verification conditions must then be proved. See London [1972] for a bibliography of existing programs for generating verification conditions.
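The path-by-path reduction just described, as an added example that is not code from the report: a small Python verification-condition generator for assignment, sequencing and while loops carrying inductive assertions. The tuple encoding, the summation program and its loop assertion are all constructed here for illustration; each loop yields one lemma for the path around it and one for the path out of it, and assignment is handled by Hoare's substitution axiom.

```python
# Added example (not the report's code): a toy verification-condition generator in
# the Floyd/Hoare style.  Expressions and assertions are nested tuples, e.g. ('var', 'x'),
# ('num', 3), ('+', a, b), ('and', p, q), ('not', p), ('implies', p, q).
# Statements: ('assign', 'x', e), ('seq', [s1, ...]), ('while', cond, inv, body).
def subst(e, var, by):
    """Replace every occurrence of variable `var` in `e` by expression `by`."""
    if e[0] in ('var', 'num'):
        return by if e == ('var', var) else e
    return (e[0],) + tuple(subst(a, var, by) for a in e[1:])
def show(e):
    """Render an expression or assertion as fully parenthesised infix text."""
    if e[0] in ('var', 'num'):
        return str(e[1])
    if e[0] == 'not':
        return 'not ' + show(e[1])
    return '(' + (' %s ' % e[0]).join(show(a) for a in e[1:]) + ')'

def wp(stmt, post, vcs):
    """Condition needed before `stmt` to establish `post`; loop lemmas go into `vcs`."""
    kind = stmt[0]
    if kind == 'assign':                 # Hoare's assignment axiom: post[e/x]
        return subst(post, stmt[1], stmt[2])
    if kind == 'seq':
        for s in reversed(stmt[1]):
            post = wp(s, post, vcs)
        return post
    if kind == 'while':
        cond, inv, body = stmt[1], stmt[2], stmt[3]
        vcs.append(('implies', ('and', inv, cond), wp(body, inv, vcs)))  # path round the loop
        vcs.append(('implies', ('and', inv, ('not', cond)), post))         # path out of the loop
        return inv                                                         # path into the loop
    raise ValueError('unknown statement ' + kind)

def verification_conditions(pre, prog, post):
    """All lemmas that must be proved for {pre} prog {post} to hold."""
    vcs = []
    return [('implies', pre, wp(prog, post, vcs))] + vcs

def sum_example():
    """Constructed asserted program summing 1..n; loop assertion: 2*s = i*(i+1) and i <= n."""
    V, N = (lambda x: ('var', x)), (lambda k: ('num', k))
    pre = ('>=', V('n'), N(0))
    post = ('=', ('*', N(2), V('s')), ('*', V('n'), ('+', V('n'), N(1))))
    inv = ('and', ('=', ('*', N(2), V('s')), ('*', V('i'), ('+', V('i'), N(1)))),
           ('<=', V('i'), V('n')))
    body = ('seq', [('assign', 'i', ('+', V('i'), N(1))), ('assign', 's', ('+', V('s'), V('i')))])
    prog = ('seq', [('assign', 'i', N(0)), ('assign', 's', N(0)),
                    ('while', ('<', V('i'), V('n')), inv, body)])
    return [show(vc) for vc in verification_conditions(pre, prog, post)]
```

Each string returned by sum_example() is one verification condition to be proved in first order number theory; a prover that discharges all three has verified the asserted program.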