Weak Arithmetic Completeness of Object-Oriented
First-Order Assertion Networks
28-01-2013
Stijn de Gouw, Frank S. de Boer, Richard Bubel, Wolfgang Ahrendt
Completeness: Hoare Logic
Example Hoare triple: {x=0} x := x+3 {x>0}
Completeness
if S |= {p} Stmt {q}
then {p} Stmt {q} is provable
1. Proof system (rules + axioms) for statements
2. Proof system (rules + axioms) for assertions
3.Expressiveness: strongest postcondition (in the example: x=3)
Existing Results
Harel: completeness for arithmetical structures (incl. finite ADTs)
Assertion language: first-order, addition and multiplication
Tucker & Zucker: completeness for arbitrary structures
Assertion language: (weak) second-order
Apt: decidable assertions suffice, but only with auxiliary variables
Our result
z.val := 2
Arrays as Objects
Semantics: many-sorted structure
S = (N, D1, …, Dn, I) where I(op) is a function/relation and op is a function/relation symbol
Proof sketch of our result
• Uniform instrumentation with auxiliary variables
• For each computation step, record if and how the state changes
Example: field assignment e.x := e’. Add array variables
• pc[i] = j if line j was executed in the i-th computation step
• x’’[i] = true if in the i-th step, the field x of some object was changed
• x’[i] = <o,v> if in the i-th step, the value v was assigned to field x of object o
j: pc[|pc|] := j; x’[|pc|] := <e, e’>; e.x := e’; x’’[|pc|] := true; |pc| := |pc| + 1
Instrumentation allows ‘recovering’ computation in an assertion,
and consequently can define ‘reachable states’
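The instrumentation scheme above, simulated as an added example (not from the slides or the KeY project): a small Python interpreter records the auxiliary arrays pc, x’ and x’’ for every field assignment, and a second function rebuilds every reachable state from those arrays alone, which is the ‘recovering’ step the slide refers to. The field names `val` and `next`, the object names and the sample program are constructed for the example.

```python
# Added example: simulate the slides' uniform instrumentation of e.x := e'.
#   pc[i]  = line number executed in the i-th step
#   xp[x][i]  = (object, value) assigned to field x in step i   (slides' x')
#   xpp[x][i] = True if field x was changed in step i           (slides' x'')
FIELDS = ("val", "next")   # fields tracked by the instrumentation (assumed)


def run_instrumented(program, heap):
    """Execute program (list of (line, obj, field, value)) on heap, a dict
    (obj, field) -> value, following the scheme
    j: pc[|pc|] := j; x'[|pc|] := <e,e'>; e.x := e'; x''[|pc|] := true; |pc| := |pc|+1
    A value given as a tuple (obj, field) is read from the heap (e' = o.x)."""
    heap = dict(heap)
    pc = []
    xp = {x: [] for x in FIELDS}
    xpp = {x: [] for x in FIELDS}
    for line, obj, fld, value in program:
        v = heap[value] if isinstance(value, tuple) else value  # evaluate e'
        pc.append(line)                      # pc[|pc|] := j
        for x in FIELDS:                     # one x', x'' array per field x
            xp[x].append((obj, v) if x == fld else None)
            xpp[x].append(x == fld)          # x''[|pc|] := true for the changed field only
        heap[(obj, fld)] = v                 # e.x := e'   (|pc| grows with the append)
    return heap, pc, xp, xpp


def recover_states(initial_heap, pc, xp, xpp):
    """Rebuild the heap after every step from the auxiliary arrays alone,
    without re-running the program: this is what lets an assertion over
    pc, x', x'' talk about the computation and hence about reachable states."""
    heap = dict(initial_heap)
    states = [dict(heap)]
    for i in range(len(pc)):                 # i-th computation step
        for x in FIELDS:
            if xpp[x][i]:                    # field x changed in step i ...
                o, v = xp[x][i]              # ... to value v on object o
                heap[(o, x)] = v
        states.append(dict(heap))
    return states


# Constructed sample: objects z and y, program "1: z.val := 2; 2: y.next := z; 3: y.val := z.val"
INITIAL = {("z", "val"): 0, ("y", "val"): 0, ("y", "next"): None}
PROGRAM = [(1, "z", "val", 2), (2, "y", "next", "z"), (3, "y", "val", ("z", "val"))]
```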
Conclusion
• Express heap properties with auxiliary variables, only Presburger needed (decidable)
• Uniform instrumentation, but ‘heavy’: can do better in special cases (example)
• KeY Java theorem prover available, reasoning about object creation at the abstraction level of the programming language: http://keyaoc.hats-project.eu