1 / 17

Specification of Iterators

This document outlines a full behavioral specification for iterators, supporting modular verification of client code. It emphasizes easy-to-understand design and implementation efficiency, utilizing existing model-based techniques. The client code provided illustrates the iteration process for a set of polygons.

sdonahue
Download Presentation

Specification of Iterators

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Specification of Iterators Bruce W. Weide Reusable Software Research Group The Ohio State University http://www.cse.ohio-state.edu/rsrg

  2. Important Assumptions • Ultimate objective is full behavioral specification, with support for modular verification of client code • Language has value semantics

  3. Claims • Full behavioral specification achieved • Only previously existing, and ordinary, model-based specification techniques needed • Design and specs easy to understand • Implementation can be as efficient as for any other iterator design • Modular verification of client code possible

  4. Client Code for Iteration Start_Iterator (i, s, p) loop /* loop invariant; see paper */ while Length_Of_Future (i) > 0 do Get_Next_Item (i, p) /* process p, with no net change */ end loop Finish_Iterator (i, s, p) an Iterator for a Set of Polygons a Set of Polygons a Polygon

  5. past: future: original: s i p past: future: original: Start_Iterator (i, s, p)

  6. past: future: original: s i p past: future: original: Get_Next_Item (i, p)

  7. past: future: original: s i p past: future: original: Get_Next_Item (i, p)

  8. past: future: original: s i p past: future: original: Get_Next_Item (i, p)

  9. past: future: original: s i p past: future: original: Get_Next_Item (i, p)

  10. past: future: original: s i p past: future: original: Finish_Iterator (i, s, p)

  11. Specification of Iterators Bruce W. Weide Reusable Software Research Group The Ohio State University http://www.cse.ohio-state.edu/rsrg

  12. Client Code: Differences Start_Iterator (i, s, x) loop /* loop invariant; see paper */ while Length_Of_Future (i) > 0 do Get_Next_Item (i, x) /* process x, with no net change; modify s if you like! */ end loop Finish_Iterator (i, s, x)

  13. Specification Details type family Set_Iterator is modeled by ( past: string of Item, future: string of Item, original: finite set of Item ) exemplar i initialization ensures i = (< >, <>, { })

  14. Specification Details operation Start_Iterator (i: Set_Iterator, s: Set, x: Item) ensures there exists f: string of Item (elements (f) = #s and |f| = |#s| and i = (<x>, f, #s)) and s = { } and x = #x

  15. Specification Details operation Finish_Iterator ( i: Set_Iterator, s: Set, x: Item) requires <x> is suffix of i.past ensures is_initial (i) and s = #i.original and <x> is prefix of #i.past

  16. Specification Details operation Get_Next_Item (i: Set_Iterator, x: Item) requires i.future /= < > and <x> is suffix of i.past ensures there exists f: string of Item (#i.future = <x> * f and i = (#i.past * <x>, f, #i.original))

  17. Specification Details operation Length_Of_Future ( i: Set_Iterator): Integer ensures Length_Of_Future = |i.future|

More Related