hoare logic
play

Hoare Logic Andreas Podelski November 8, 2011 Hoare logic - PowerPoint PPT Presentation

May 29, 2023 •31 likes •401 views

Hoare Logic Andreas Podelski November 8, 2011 Hoare logic introduced by Hoare in 1969 builds on first-order logic Hoare logic introduced by Hoare in 1969 builds on first-order logic correctness specification = pre- and

  1. Hoare Logic Andreas Podelski November 8, 2011

  2. Hoare logic ◮ introduced by Hoare in 1969 builds on first-order logic

  3. Hoare logic ◮ introduced by Hoare in 1969 builds on first-order logic ◮ correctness specification = pre- and postcondition pair

  4. Hoare logic ◮ introduced by Hoare in 1969 builds on first-order logic ◮ correctness specification = pre- and postcondition pair ◮ standard presentation of Hoare logic: proof uses invariant for every loop in program

  5. Hoare logic ◮ introduced by Hoare in 1969 builds on first-order logic ◮ correctness specification = pre- and postcondition pair ◮ standard presentation of Hoare logic: proof uses invariant for every loop in program ◮ here: invariants are given as part of correctness specification

  6. Hoare logic ◮ introduced by Hoare in 1969 builds on first-order logic ◮ correctness specification = pre- and postcondition pair ◮ standard presentation of Hoare logic: proof uses invariant for every loop in program ◮ here: invariants are given as part of correctness specification ◮ correctness proof possible only if invariants are adequate for pre- and postcondition pair

  7. Programs ◮ (program) expression e ::= x | f ( e 1 , . . . , e n ) where f maps into domain of values

  8. Programs ◮ (program) expression e ::= x | f ( e 1 , . . . , e n ) where f maps into domain of values ◮ Boolean expression b ::= x | f ( e 1 , . . . , e n ) where f maps into Boolean domain

  9. Programs ◮ (program) expression e ::= x | f ( e 1 , . . . , e n ) where f maps into domain of values ◮ Boolean expression b ::= x | f ( e 1 , . . . , e n ) where f maps into Boolean domain ◮ command C ::= skip | x : = e | C 1 ; C 2 | if b then C 1 else C 2 | while b do C

  10. Semantics of Expression e ◮ state s = function from program variables to value, s : Var → Val

  11. Semantics of Expression e ◮ state s = function from program variables to value, s : Var → Val ◮ program expression e in state s evaluates to value [ | e | ]( s ) ∈ Val

  12. Semantics of Expression e ◮ state s = function from program variables to value, s : Var → Val ◮ program expression e in state s evaluates to value [ | e | ]( s ) ∈ Val ◮ semantics of program expressions e = function from set of states to set of values [ | e | ] : States → Val

  13. Semantics of Expression e ◮ state s = function from program variables to value, s : Var → Val ◮ program expression e in state s evaluates to value [ | e | ]( s ) ∈ Val ◮ semantics of program expressions e = function from set of states to set of values [ | e | ] : States → Val ◮ interpretation of function symbol f in expression f ( e 1 , . . . , e n ) depends on logical first-order model (“+” interpreted over model of unbounded integers or in model for modulo arithmetic?)

  14. Semantics of Boolean Expression b ◮ state s = function from program variables to values, s : Var → Val

  15. Semantics of Boolean Expression b ◮ state s = function from program variables to values, s : Var → Val ◮ Boolean expression b in state s evaluates to Boolean truth value [ | b | ]( s ) ∈ { T , F }

  16. Semantics of Boolean Expression b ◮ state s = function from program variables to values, s : Var → Val ◮ Boolean expression b in state s evaluates to Boolean truth value [ | b | ]( s ) ∈ { T , F } ◮ semantics of Boolean expression b = function from set of states to set of Boolean truth values [ | b | ] : States → { T , F }

  17. Semantics of Boolean Expression b ◮ state s = function from program variables to values, s : Var → Val ◮ Boolean expression b in state s evaluates to Boolean truth value [ | b | ]( s ) ∈ { T , F } ◮ semantics of Boolean expression b = function from set of states to set of Boolean truth values [ | b | ] : States → { T , F } ◮ evaluation of Boolean expression b depends on logical first-order model (“ x ≤ x + 1” true in model of unbounded integers but false in model for modulo arithmetic)

  18. Semantics of Commands C (1) ◮ semantics of command C = functions from set of states to set of states s �→ s ′ [ | C | ] : States → States ,

  19. Semantics of Commands C (1) ◮ semantics of command C = functions from set of states to set of states s �→ s ′ [ | C | ] : States → States , ◮ execution of command C starting in state s ends in state s ′ ( C , s ) � s ′

  20. Semantics of Commands C (1) ◮ semantics of command C = functions from set of states to set of states s �→ s ′ [ | C | ] : States → States , ◮ execution of command C starting in state s ends in state s ′ ( C , s ) � s ′ ◮ execution of update statement = update of function s : Var → Val = e , s ) � s ′ where s ′ ( x ) = [ ( x : | e | ]( s ) and s ′ ( y ) = s ( y ) for x �≡ y

  21. Semantics of Commands C (1) ◮ semantics of command C = functions from set of states to set of states s �→ s ′ [ | C | ] : States → States , ◮ execution of command C starting in state s ends in state s ′ ( C , s ) � s ′ ◮ execution of update statement = update of function s : Var → Val = e , s ) � s ′ where s ′ ( x ) = [ ( x : | e | ]( s ) and s ′ ( y ) = s ( y ) for x �≡ y ◮ execution of update depends on logical first-order model

  22. Semantics of Commands C (2) ◮ execution of sequence of commands C ≡ C 1 ; C 2 = execution of first command C 1 followed by execution of second command C 2 ( C , s ) � s ′′ if ( C 1 , s ) � s ′ and ( C 2 , s ′ ) � s ′′

  23. Semantics of Commands C (2) ◮ execution of sequence of commands C ≡ C 1 ; C 2 = execution of first command C 1 followed by execution of second command C 2 ( C , s ) � s ′′ if ( C 1 , s ) � s ′ and ( C 2 , s ′ ) � s ′′ ◮ execution of command skip does not change state ( skip , s ) � s (“empty sequence of commands”)

  24. Semantics of Commands C (3) ◮ execution of conditional command C ≡ if b then C 1 else C 2 = execution of then-command C 1 if expression b evaluates to true ( C , s ) � s ′ if [ | b | ]( s ) = T and ( C 1 , s ) � s ′

  25. Semantics of Commands C (3) ◮ execution of conditional command C ≡ if b then C 1 else C 2 = execution of then-command C 1 if expression b evaluates to true ( C , s ) � s ′ if [ | b | ]( s ) = T and ( C 1 , s ) � s ′ ◮ execution of conditional command C ≡ if b then C 1 else C 2 = execution of then-command C 2 if expression b evaluates to false ( C , s ) � s ′ if [ ]( s ) = F and ( C 2 , s ) � s ′ | b |

  26. Semantics of Commands C (3) ◮ execution of conditional command C ≡ if b then C 1 else C 2 = execution of then-command C 1 if expression b evaluates to true ( C , s ) � s ′ if [ | b | ]( s ) = T and ( C 1 , s ) � s ′ ◮ execution of conditional command C ≡ if b then C 1 else C 2 = execution of then-command C 2 if expression b evaluates to false ( C , s ) � s ′ if [ ]( s ) = F and ( C 2 , s ) � s ′ | b | ◮ execution of conditional depends on logical first-order model

  27. Semantics of Commands C (4) ◮ execution of while command C ≡ while b do C 0 = execution of body C 0 followed by execution of while command C if expression b evaluates to true ( C , s ) � s ′′ if [ ]( s ) = T and ( C 0 , s ) � s ′ and ( C , s ′ ) � s ′′ | b |

  28. Semantics of Commands C (4) ◮ execution of while command C ≡ while b do C 0 = execution of body C 0 followed by execution of while command C if expression b evaluates to true ( C , s ) � s ′′ if [ ]( s ) = T and ( C 0 , s ) � s ′ and ( C , s ′ ) � s ′′ | b | ◮ execution of while command C ≡ while b do C 0 = execution of skip if expression b evaluates to false ( C , s ) � s if [ | b | ]( s ) = F

  29. Semantics of Commands C (4) ◮ execution of while command C ≡ while b do C 0 = execution of body C 0 followed by execution of while command C if expression b evaluates to true ( C , s ) � s ′′ if [ ]( s ) = T and ( C 0 , s ) � s ′ and ( C , s ′ ) � s ′′ | b | ◮ execution of while command C ≡ while b do C 0 = execution of skip if expression b evaluates to false ( C , s ) � s if [ | b | ]( s ) = F ◮ execution of while loop depends on logical first-order model

  30. Hoare Triple { φ } C { ψ } ◮ { φ } C { ψ } valid in given logical first-order model if

  31. Hoare Triple { φ } C { ψ } ◮ { φ } C { ψ } valid in given logical first-order model if for all states s if [ | φ | ]( s ) = T and

  32. Hoare Triple { φ } C { ψ } ◮ { φ } C { ψ } valid in given logical first-order model if for all states s if [ | φ | ]( s ) = T and if ( C , s ) � s ′ then

  33. Hoare Triple { φ } C { ψ } ◮ { φ } C { ψ } valid in given logical first-order model if for all states s if [ | φ | ]( s ) = T and if ( C , s ) � s ′ then [ | ψ | ]( s ′ ) = T ◮ { φ } C { ψ } valid if valid in every logical first-order model ◮ Γ | = { φ } C { ψ } if { φ } C { ψ } valid in every logical first-order model of set of assertions Γ

  34. Variables in Hoare Triple { φ } C { ψ } ◮ program variables: occur in commands in program C

  35. Variables in Hoare Triple { φ } C { ψ } ◮ program variables: occur in commands in program C may occur ( free ) in φ and ψ ◮ auxiliary variables: occur ( free ) in φ and/or ψ but do not occur in commands in program C

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hoare logic Lecture 4: A verifier for Hoare logic Jean Pichon-Pharabod University of Cambridge

Hoare logic Lecture 4: A verifier for Hoare logic Jean Pichon-Pharabod University of Cambridge

Hoare logic Lecture 4: A verifier for Hoare logic Jean Pichon-Pharabod University of Cambridge CST Part II 2017/18 Introduction Last time, we saw that that proofs in Hoare logic can involve large amounts of very error-prone bookkeeping

690 views • 48 slides
Hoare Logic and Model Checking Semantics of Hoare Logic Kasper Svendsen University of Cambridge

Hoare Logic and Model Checking Semantics of Hoare Logic Kasper Svendsen University of Cambridge

Hoare Logic and Model Checking Semantics of Hoare Logic Kasper Svendsen University of Cambridge CST Part II 2016/17 Acknowledgement: slides heavily based on previous versions by Mike Gordon and Alan Mycroft Semantics of Hoare Logic

663 views • 10 slides
Hoare logic Lecture 3: Formalising the semantics of Hoare logic In the previous lecture, we

Hoare logic Lecture 3: Formalising the semantics of Hoare logic In the previous lecture, we

Recap Hoare logic Lecture 3: Formalising the semantics of Hoare logic In the previous lecture, we specified and verified some example programs using the syntactic rules of Hoare logic that we introduced in the first lecture. Jean

477 views • 13 slides
Hoare Logic Hoare Logic is used to reason about the correctness of programs. In the end, it

Hoare Logic Hoare Logic is used to reason about the correctness of programs. In the end, it

Hoare Logic Hoare Logic is used to reason about the correctness of programs. In the end, it reduces a program and its specification to a set of verifications conditions. Slides by Wishnu Prasetya URL : www.cs.uu.nl/~wishnu Course URL :

1.4k views • 124 slides
Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Introduction In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing Hoare logic separation logic. We looked at the concepts separation logic is based on, the new assertions that

396 views • 14 slides
COMP2111 Week 8 Term 1, 2020 Hoare Logic 1 Sir Tony Hoare Pioneer in formal verification

COMP2111 Week 8 Term 1, 2020 Hoare Logic 1 Sir Tony Hoare Pioneer in formal verification

COMP2111 Week 8 Term 1, 2020 Hoare Logic 1 Sir Tony Hoare Pioneer in formal verification Invented: Quicksort, the null reference (called it his billion dollar mistake) CSP (formal specification language), and Hoare Logic 2 Summary L

2k views • 158 slides
COMP2111 Week 8 Term 1, 2020 Hoare Logic 1 Sir Tony Hoare Pioneer in formal verification

COMP2111 Week 8 Term 1, 2020 Hoare Logic 1 Sir Tony Hoare Pioneer in formal verification

COMP2111 Week 8 Term 1, 2020 Hoare Logic 1 Sir Tony Hoare Pioneer in formal verification Invented: Quicksort, the null reference (called it his billion dollar mistake) CSP (formal specification language), and Hoare Logic 2 Summary L

770 views • 59 slides
Probabilistic Relational Hoare Logic Main judgments Hoare Logic c : = : hoare [ c : pre

Probabilistic Relational Hoare Logic Main judgments Hoare Logic c : = : hoare [ c : pre

Probabilistic Relational Hoare Logic Main judgments Hoare Logic c : = : hoare [ c : pre ==> post] Probabilistic Hoare Logic [ c : = ] = (see Lecture 6): bd_hoare [ c : pre ==> post ] = r Probabilistic Relational Hoare

377 views • 23 slides
Hoare Logic Jari Stenman February 10, 2012 Jari Stenman () Hoare Logic February 10, 2012 1 /

Hoare Logic Jari Stenman February 10, 2012 Jari Stenman () Hoare Logic February 10, 2012 1 /

Hoare Logic Jari Stenman February 10, 2012 Jari Stenman () Hoare Logic February 10, 2012 1 / 25 Outline Background 1 Axioms and Rules 2 A note on Weakest Preconditions 3 Jari Stenman () Hoare Logic February 10, 2012 2 / 25 Outline

463 views • 25 slides
Hoare Logic Part II Decorations and Hoare as Logic Thomas Churchman Radboud University Nijmegen

Hoare Logic Part II Decorations and Hoare as Logic Thomas Churchman Radboud University Nijmegen

Recap Decoration Preliminaries Radboud University Nijmegen Decorations Hoare as Logic Hoare Logic Part II Decorations and Hoare as Logic Thomas Churchman Radboud University Nijmegen Type Theory and Coq - 2016 Thomas Churchman Type Theory

289 views • 18 slides
Logic for Computer Science 15 Hoare logic Wouter Swierstra University of Utrecht 1 Last

Logic for Computer Science 15 Hoare logic Wouter Swierstra University of Utrecht 1 Last

Logic for Computer Science 15 Hoare logic Wouter Swierstra University of Utrecht 1 Last time Natural deduction 2 This lecture Semantics of computer programs A logic for reasoning about them 3 Syntax of programming language The BNF

796 views • 78 slides
locales C ONTENT I SAR I S B ASED O N C ONTEXTS Intro & motivation, getting started with

locales C ONTENT I SAR I S B ASED O N C ONTEXTS Intro & motivation, getting started with

L AST T IME Syntax and semantics of IMP Hoare logic rules Soundness of Hoare logic NICTA Advanced Course Verification conditions Slide 1 Theorem Proving Slide 3 Principles, Techniques, Applications Example program proofs

322 views • 8 slides
Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

CS6202: Advanced Topics in Programming Hoare Logic Hoare Logic Languages and Systems Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview Notation : {P} code {Q} Assertion Logic {P}

557 views • 19 slides
Hoare Logic for Multiprocessing (Work in progress) Daniel Pellarini joint work with Marina

Hoare Logic for Multiprocessing (Work in progress) Daniel Pellarini joint work with Marina

Varese, September 19-21 2012 Hoare Logic for Multiprocessing (Work in progress) Daniel Pellarini joint work with Marina Lenisa Universit degli studi di Udine, Italy Daniel Pellarini and Marina Lenisa Hoare Logic for Multiprocessing Hoare

507 views • 23 slides
Hoare Logic and Model Checking Model Checking Lecture 10: Computation Tree Logic (CTL) Dominic

Hoare Logic and Model Checking Model Checking Lecture 10: Computation Tree Logic (CTL) Dominic

Hoare Logic and Model Checking Model Checking Lecture 10: Computation Tree Logic (CTL) Dominic Mulligan Based on previous slides by Alan Mycroft and Mike Gordon Programming, Logic, and Semantics Group University of Cambridge Academic year

1.15k views • 48 slides
Hoare Logic: Proving Programs Correct 17-654/17-765 Analysis of Software Artifacts Jonathan

Hoare Logic: Proving Programs Correct 17-654/17-765 Analysis of Software Artifacts Jonathan

Hoare Logic: Proving Programs Correct 17-654/17-765 Analysis of Software Artifacts Jonathan Aldrich Reading: C.A.R. Hoare, An Axiomatic Basis for Computer Programming Some presentation ideas from a lecture by K. Rustan M. Leino Testing and

392 views • 23 slides
Automated Reasoning Petros Papapanagiotou October 4, 2013 1 / 26 Extra Lecture Program

Automated Reasoning Petros Papapanagiotou October 4, 2013 1 / 26 Extra Lecture Program

Automated Reasoning Petros Papapanagiotou October 4, 2013 1 / 26 Extra Lecture Program verification using Hoare Logic 1 Petros Papapanagiotou 1 Partially adapted from Mike Gordons slides on Hoare Logic:

382 views • 27 slides
MiniCPS: A toolkit for security research on CPS Networks D ANIELE A NTONIOLI (SUTD) N ILS O LE T

MiniCPS: A toolkit for security research on CPS Networks D ANIELE A NTONIOLI (SUTD) N ILS O LE T

CPS-SPC 15 @ Denver CO MiniCPS: A toolkit for security research on CPS Networks D ANIELE A NTONIOLI (SUTD) N ILS O LE T IPPENHAUER (SUTD) October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 1 Hi! Personal: D

877 views • 20 slides
Distributed Snapshots 1 Goals of the lecture Consistent State Algo rithm

Distributed Snapshots 1 Goals of the lecture Consistent State Algo rithm

Distributed Snapshots 1 Goals of the lecture Consistent State Algo rithm Co rrectness Stable Prop erties Reference: Chandy and Lamp ort Vija c y K. Ga rg Distributed Systems Sp ring 96

216 views • 17 slides
AoC / Ofsted KIT webinar Richard Beynon, Specialist Advisor, FES, Ofsted David Corke, Policy

AoC / Ofsted KIT webinar Richard Beynon, Specialist Advisor, FES, Ofsted David Corke, Policy

AoC / Ofsted KIT webinar Richard Beynon, Specialist Advisor, FES, Ofsted David Corke, Policy Director, AoC AoC - Ofsted webinar 23 July 2020 Slide 1 AoC Ofsted KIT webinar Todays session will: be the last of a series of KIT

575 views • 9 slides
INF4140 - Models of concurrency Hsten 2015 September 28, 2015 Abstract This is the

INF4140 - Models of concurrency Hsten 2015 September 28, 2015 Abstract This is the

INF4140 - Models of concurrency Hsten 2015 September 28, 2015 Abstract This is the handout version of the slides for the lecture (i.e., its a rendering of the content of the slides in a way that does not waste so much paper when

108 views • 10 slides
Floyd-Hoare Logic for Quantum Programs Mingsheng Ying University of Technology, Sydney and

Floyd-Hoare Logic for Quantum Programs Mingsheng Ying University of Technology, Sydney and

Floyd-Hoare Logic for Quantum Programs Mingsheng Ying University of Technology, Sydney and Tsinghua University Outline Introduction Syntax of Quantum Programs Operational Semantics Denotational Semantics Correctness Formulas Proof System

1.02k views • 79 slides
Floyd-Hoare Logic for Program Verification Julio Mari no Rigorous Software Development E

Floyd-Hoare Logic for Program Verification Julio Mari no Rigorous Software Development E

Floyd-Hoare Logic for Program Verification Julio Mari no Rigorous Software Development E UROPEAN M ASTER IN S OFTWARE E NGINEERING / M ASTER IN S OFTWARE AND S YSTEMS Universidad Polit ecnica de Madrid/IMDEA Software October 2015 Mari

279 views • 17 slides
Program Verification using Hoare logic ThanhVu Nguyen CSCE 467 Adapted from Jonathan Aldrichs

Program Verification using Hoare logic ThanhVu Nguyen CSCE 467 Adapted from Jonathan Aldrichs

Program Verification using Hoare logic ThanhVu Nguyen CSCE 467 Adapted from Jonathan Aldrichs Program Analysis slides November 19, 2019 1 Big-Step Operational Semantics E a n E-Assign E x := a E { x n } E-Skip E

661 views • 26 slides

More recommend