180 likes | 250 Views
CSC 4504 : Langages formels et applications (La méthode Event-B) J Paul Gibson, A207 paul.gibson@it-sudparis.eu http://www-public. it-sudparis.eu /~gibson/Teaching/Event-B/. PurseCode http://www-public.it-sudparis.eu/~gibson/Teaching/Event-B/PurseCode.pdf.
E N D
CSC 4504 : Langages formels et applications (La méthode Event-B) J Paul Gibson, A207 paul.gibson@it-sudparis.eu http://www-public.it-sudparis.eu/~gibson/Teaching/Event-B/ PurseCode http://www-public.it-sudparis.eu/~gibson/Teaching/Event-B/PurseCode.pdf T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements public class Purse { int numberCoinTypes; int [] CoinTypes; int [] Coins; …. } Why do we say that the Java code is less formal than the Event-B model? Do you think the code is correct? (Available on web – Purse.java) T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements Purse (int nct, int largest, int maxnumber){ System.out.print("Constructing Random Purse with "+nct+" coin types, largest possible coin value "+largest); System.out.println(", and \n(initially) no more than "+maxnumber+ " coins of same type in the purse" ); numberCoinTypes = nct; CoinTypes = new int [nct]; Coins = new int [nct]; for (int i=0; i<numberCoinTypes; i++) Coins[i] =(int) (Math.random()*maxnumber+1); for (int i=0; i<numberCoinTypes; i++) { int temp = 0; do { temp = (int) (Math.random()*largest+1); } while ((isCoin(temp))); CoinTypes [i] = temp; } } //Purse constructor T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements public int howManyCoins(int c){ for (int i=0; i<numberCoinTypes; i++) if (c == CoinTypes [i]) return Coins[i]; return 0; } public void addCoin (int c){ for (int i=0; i<numberCoinTypes; i++) if (CoinTypes[i] == c) Coins[i]++; } public void removeCoin (int c){ for (int i=0; i<numberCoinTypes; i++) if (CoinTypes[i] == c && Coins[i]>0) Coins[i]--; } T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements // add a random coin public void addCoin (){ Coins[ (int) (Math.random()* numberCoinTypes)]++; } // randomly remove a coin public void removeCoin (){ if (total()==0) return; int temp = (int) (Math.random()* numberCoinTypes); if (Coins[temp] >0) Coins[temp]--; else removeCoin(); } T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements // add a random coin public void addCoin (){ Coins[ (int) (Math.random()* numberCoinTypes)]++; } // randomly remove a coin public void removeCoin (){ if (total()==0) return; int temp = (int) (Math.random()* numberCoinTypes); if (Coins[temp] >0) Coins[temp]--; else removeCoin(); } T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements // NOT USED IN PORGRAM BUT TIES INTO SPECIFICATION public boolean hasSubPurse(Purse p2){ for (int i=0; i<numberCoinTypes; i++){ if (Coins[i]< p2.howManyCoins(Coins[i]) ) return false; } return true; } T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements public boolean paySum(int sum, Purse p){ if (sum>total()) return false; if (isCoin(sum) && howManyCoins(sum) >0 ){ p.removeCoin(sum); System.out.print(" "+ sum ); return true;} else { for (int i = 0; i<numberCoinTypes; i++){ if (howManyCoins(CoinTypes[i]) >0){ p.removeCoin(CoinTypes[i]); if ( sum-CoinTypes[i]>0 && p.paySum(sum-CoinTypes[i], p)){ System.out.print(" "+ CoinTypes[i]); return true;} else p.addCoin(CoinTypes[i]); } } return false; } } T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements public int total(){ int t =0; for (int i=0; i<numberCoinTypes; i++) t = t+ CoinTypes[i]* Coins[i]; return t; } public boolean isCoin(int c){ for (int i=0; i<numberCoinTypes; i++) if (CoinTypes[i] == c) return true; return false; } T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements public String toString (){ String result =""; for (int i=0; i<numberCoinTypes; i++) result = result + CoinTypes[i]+"->"+ Coins[i]+ " "; result =result+":: Total = "+ total(); return result; } T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements public static void main(String[] args) { System.out.println("Test Purse Class"); Purse p = new Purse (4, 20, 3); System.out.println(p); int s = (int) (Math.random()*50)+1; System.out.println("\nTrying to pay "+ s); if (p.paySum(s, p)) System.out.println("\nPaid sum required\n"); else System.out.println("\nCan't pay sum required\n"); System.out.println(p); } T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements Execution 1: Test Purse Class Constructing Random Purse with 4 coin types, largest possible coin value 20, and (initially) no more than 3 coins of same type in the purse 20->1 7->3 8->2 9->2 :: Total = 75 Trying to pay 4 Can't pay sum required 20->1 7->3 8->2 9->2 :: Total = 75 T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements Execution 2: Test Purse Class Constructing Random Purse with 4 coin types, largest possible coin value 20, and (initially) no more than 3 coins of same type in the purse 18->1 15->3 6->2 13->2 :: Total = 101 Trying to pay 50 13 13 6 18 Paid sum required 18->0 15->3 6->1 13->0 :: Total = 51 T&MSP-CSC 4504 : Langages formels et applications
Java implementation of Purse requirements Execution 3: Test Purse Class Constructing Random Purse with 4 coin types, largest possible coin value 20, and (initially) no more than 3 coins of same type in the purse 19->1 5->3 18->2 11->3 :: Total = 103 Trying to pay 10 5 5 Paid sum required 19->1 5->1 18->2 11->3 :: Total = 93 T&MSP-CSC 4504 : Langages formels et applications
How easy is it to verify the Java Code? Question: does Java code help you better understand the requirements? Question: can it help you to write the requirements in Event-B? Challenge: try to hide a bug in code (in a 2nd version). Also make changes to code (in a 3rd version) that dont add a bug. Ask a colleague to say which version is bugged. HINT: To make it harde make sure that both new versions pass my simple test code. T&MSP-CSC 4504 : Langages formels et applications
Purse specification in Event-B Purse_ctx0 : all proof obligations discharged TO DO: Add theorems to validate add and remove functions T&MSP-CSC 4504 : Langages formels et applications
Purse specification in Event-B Purse_ctx1 : not all proof obligations discharged TO DO: Try to prove the unproved theorems (2,3 and 4) T&MSP-CSC 4504 : Langages formels et applications
Purse specification in Event-B Purse_mch0 : all proof obligations discharged TO DO: Think about how one could specify the pay_sum event by stating what is required rather than how to do it T&MSP-CSC 4504 : Langages formels et applications