1 / 19

Checking correctness properties of object-oriented programs

Checking correctness properties of object-oriented programs. K. Rustan M. Leino Microsoft Research, Redmond, WA. Lecture 1 EEF summer school on Specification, Refinement, and Verification 20 Aug 2002, Turku, Finland. Exercise. Implement a union-find class in Java and check it with ESC/Java.

arleen
Download Presentation

Checking correctness properties of object-oriented programs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Checking correctness properties of object-oriented programs K. Rustan M. LeinoMicrosoft Research, Redmond, WA Lecture 1EEF summer school on Specification, Refinement, and Verification20 Aug 2002, Turku, Finland

  2. Exercise • Implement a union-find class in Java and check it with ESC/Java class UnionFind { // creates a union-find data structure with “size” elements, // each in a separate equivalence classpublic UnionFind(int size) { … } // returns the representative for the equivalence class containing “c”publicint find(int c) { … } // merges the equivalence classes containing elements “c” and “d”publicvoid union(int c, int d) { … } }

  3. Commands • A command may: • terminate normally • go wrong (crash the computer) • diverge (fail to terminate, infinite recursion) • block (fail to start, also called “miraculous termination”)

  4. Exercise • Define specification statement where postcondition mentions x,x’ instead of x0,x • Example: x:[true, x<x’ ]

  5. Exercise • Definewhile {invJ } B dow : Sendwhere w is the list of targets in Sin terms of the commands seen so far.

  6. Answer:

  7. References • Edsger W. Dijkstra. A Discipline of Programming. Prentice Hall, 1976. • Greg Nelson. “A Generalization of Dijkstra's Calculus”. TOPLAS 11(4), pp. 517-561, ACM, 1989. • Ralph-Johan Back and Joakim von Wright. Refinement Calculus: A Systematic Introduction. Graduate Texts in Computer Science, Springer-Verlag, 1998. • C.A.R. Hoare. “An axiomatic basis for computer programming”. CACM 12(10), pp. 576-580,583, Oct. 1969. • Carroll Morgan. “The specification statement”. TOPLAS 10(3), pp. 403-419, ACM, Jul. 1988. • John McCarthy and James Painter. “Correctness of a compiler for arithmetic expressions”. In J.-T. Schwartz, ed., Proceedings of Symposia in Applied Mathematics, American Mathematical Society, 1967.

  8. References • O.-J. Dahl, E.W. Dijkstra, and C.A.R. Hoare. Structured Programming. Academic Press, 1972. • C.A.R. Hoare and Niklaus Wirth. “An axiomatic definition of the programming language PASCAL”. In Acta Informatica 2, Springer, 1973. • G. Birkhoff. Lattice Theory. Volume 25 of Colloquium Publications 25. American Mathematical Society, 1967. • David L. Parnas. “A Technique for Software Module Specification with Examples”. CACM 15(5), pp. 330-336, ACM, May 1972. • K. Rustan M. Leino, James B. Saxe, and Raymie Stata. “Checking Java programs via guarded commands”. In Bart Jacobs, et al., eds., Formal Techniques for Java Programs, Technical Report 251, FernUniversität Hagen, May 1999.

More Related