Distributed Computing

Assertions

Prabhaker Mateti

This page is about assertions, without concurrency-related issues. slides

Propositions

  1. True and False are propositions.
  2. For other propositions, we often use letters. These are assigned a True or False value in an interpretation.
  3. A formula is built from these, together with the connectives and (^), or (v), and not (~).
  4. A well-formed formula (wff) is defined syntactically.

Predicates

  1. Ex: x > 1 is a predicate.
  2. It has one free variable, x.
  3. In the programming context, think of free variables as globally scoped variables.
  4. Predicates can involve for-all and there-exists quantifiers.

P ==> Q, i.e., P is stronger than Q

  1. Meaning of P implies Q: Consider a particular assignment A of values for each of the free variables x, y, z of P and Q that make P come out True. A should also make Q True. If this happens for all A then we say P implies Q.
    • Simple example: x > 7 implies x > 1.
    • We say that P is stronger than Q. Alt: Q is weaker than P.
    • In the context of programming, we can refer to this A as a "state".
  2. Let C(Q) be the collection of all assignments of values (states) that make Q come out True.
    • If P implies Q, then C(P) is a subset of C(Q).
    • If C(P) = C(Q), P is equivalent to Q.
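As an added illustration (not part of the original notes), the following C program makes the state-set view concrete: a predicate with one free variable x is just a function from a state (the value of x) to True/False, and P ==> Q is checked by walking a finite slice of the integers and confirming that every state in C(P) is also in C(Q). The predicates gt7, gt1, ge2 and the range [-1000, 1000] are assumptions made for this example.

```c
#include <stdio.h>

/* A predicate over one free integer variable x. In this toy setting a
   "state" is simply the value of x. */
typedef int (*pred_t)(long x);

/* Does every state in [lo, hi] that satisfies P also satisfy Q?
   That is C(P) subset of C(Q), restricted to the finite range: P ==> Q. */
int implies(pred_t P, pred_t Q, long lo, long hi) {
    for (long x = lo; x <= hi; x++) {
        if (P(x) && !Q(x)) return 0;   /* x is in C(P) but not in C(Q) */
    }
    return 1;
}

/* P and Q are equivalent on the range when C(P) == C(Q),
   i.e. each implies the other. */
int equivalent(pred_t P, pred_t Q, long lo, long hi) {
    return implies(P, Q, lo, hi) && implies(Q, P, lo, hi);
}

/* Sample predicates, assumed for this example. */
static int gt7(long x) { return x > 7; }
static int gt1(long x) { return x > 1; }
static int ge2(long x) { return x >= 2; }

int main(void) {
    long lo = -1000, hi = 1000;   /* the finite slice of the integers we check */
    printf("x>7 ==> x>1  : %d\n", implies(gt7, gt1, lo, hi));    /* 1: x>7 is stronger */
    printf("x>1 ==> x>7  : %d\n", implies(gt1, gt7, lo, hi));    /* 0: x=2 is a counterexample */
    printf("x>1 <=> x>=2 : %d\n", equivalent(gt1, ge2, lo, hi)); /* 1 over the integers */
    return 0;
}
```

Enumerating a finite range can refute an implication, or confirm it on that range only; it is not a proof for all integers, which is exactly why the proof rules below matter. It is still a cheap way to catch a wrong "stronger/weaker" claim before building an assertion on it.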

Floyd-Hoare Triples

{P} S {Q}

is defined as

For every state s that satisfies P, if executing S on s terminates, the resulting state s' satisfies Q.

Note that the above is about partial correctness: It omits termination.
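The definition can be exercised mechanically on a finite state space. The C program below is an added example (not from the original notes): a statement S is modelled as a function from state to state, and {P} S {Q} is checked by running S from every state in [lo, hi] that satisfies P and testing Q on the result. The predicates, statements and range are assumptions chosen for the example; the second triple deliberately fails at a boundary state so the counterexample reporting is shown.

```c
#include <stdio.h>

typedef int  (*pred_t)(long x);   /* an assertion about the state x */
typedef long (*stmt_t)(long x);   /* a statement S, as a state-to-state function */

/* Check {P} S {Q} over every state in [lo, hi]: whenever P holds before S,
   Q must hold after S. Returns 1 if no counterexample exists in the range;
   otherwise returns 0 and stores the first offending initial state in *bad.
   Every S used here terminates, so partial and total correctness coincide. */
int triple_holds(pred_t P, stmt_t S, pred_t Q, long lo, long hi, long *bad) {
    for (long s = lo; s <= hi; s++) {
        if (!P(s)) continue;          /* P restricts which initial states matter */
        long s1 = S(s);               /* the state after executing S on s */
        if (!Q(s1)) {
            if (bad) *bad = s;
            return 0;
        }
    }
    return 1;
}

/* Sample predicates and statements, assumed for this example. */
static int  gt7(long x)    { return x > 7; }
static int  gt1(long x)    { return x > 1; }
static int  nonneg(long x) { return x >= 0; }
static long sub4(long x)   { return x - 4; }
static long dec(long x)    { return x - 1; }

int main(void) {
    long bad = 0;
    /* {x > 7} x := x - 4 {x > 1} holds: x - 4 > 3 > 1 */
    printf("{x>7} x:=x-4 {x>1} : %d\n",
           triple_holds(gt7, sub4, gt1, -1000, 1000, &bad));
    /* {x >= 0} x := x - 1 {x >= 0} fails at the boundary state x = 0 */
    if (!triple_holds(nonneg, dec, nonneg, -1000, 1000, &bad))
        printf("{x>=0} x:=x-1 {x>=0} fails, counterexample x = %ld\n", bad);
    return 0;
}
```

The second triple is the kind of off-by-one that assertions are meant to surface: the precondition x >= 0 is too weak for the statement, and strengthening it to x >= 1 (or weakening the postcondition to x >= -1) makes the triple valid.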

Programming with Assertions

Practical Advice on Writing Assertions by Prabhaker Mateti

Programming With Assertions in Java "Experience has shown that writing assertions while programming is one of the quickest and most effective ways to detect and correct bugs. As an added benefit, assertions serve to document the inner workings of your program, enhancing maintainability. This document shows you how to program with assertions."

GNU Nana "Improved support for assertions and logging in C and C++." Open source.

Programming with Assertions-2

splint.org Splint is a tool for compile-time checking of C programs beyond what typical compilers do on the same source code. If additional assertions are added, Splint can perform even stronger checking. Open source.

frama-c.com Frama-C is a suite of tools using assertions to mathematically analyse C code. Open source.
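The Java document and the C tools above all rest on the same habit: write the precondition, the loop invariant and the postcondition into the code as executable assertions. The following C function is an added example of that habit, not code from the page or from any of the linked projects; the integer square root routine and its contract are assumptions chosen for the illustration.

```c
#include <assert.h>
#include <stdio.h>

/* Integer square root, with its contract stated as assertions.
   Precondition:   n >= 0
   Postcondition:  r*r <= n < (r+1)*(r+1)
   Loop invariant: r*r <= n   (r never overshoots the root)
   The search is linear, which is fine for the small values used here. */
unsigned long long isqrt(long long n) {
    assert(n >= 0);                          /* precondition: the caller's obligation */
    unsigned long long un = (unsigned long long)n;
    unsigned long long r = 0;
    while ((r + 1) * (r + 1) <= un) {
        assert(r * r <= un);                 /* invariant holds at the top of each iteration */
        r++;
    }
    /* postcondition: what the caller may rely on */
    assert(r * r <= un && un < (r + 1) * (r + 1));
    return r;
}

/* Reports whether assert() is live in this build. Compiling with -DNDEBUG
   turns every assert into nothing, so this returns 0 in such a build. */
int assertions_enabled(void) {
#ifdef NDEBUG
    return 0;
#else
    return 1;
#endif
}

int main(void) {
    long long samples[] = {0, 1, 15, 16, 99, 1000000};   /* constructed inputs */
    for (int i = 0; i < 6; i++)
        printf("isqrt(%lld) = %llu\n", samples[i], isqrt(samples[i]));
    printf("assertions enabled: %d\n", assertions_enabled());
    return 0;
}
```

Two practical caveats follow from NDEBUG. An assertion must never contain a side effect the program depends on, because the whole expression disappears in a release build. And a precondition assert documents the caller's obligation; it is not input validation for data that comes from outside the program, which still needs an explicit check that survives NDEBUG.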

Exercises

  1. Study the Minesweeper game. Write down in English prose the numerical relationships between the displayed numbers and the bombs in neighboring cells, etc. Now, redo this using PL boolean expressions.
  2. Develop assertions for classic sorting algorithms, e.g., bubble sort.
  3. See the Exercises in Andrews.
  4. Do the precondition and statement {x ≥ 4} < x := x - 4 > interfere with the triple {x is odd} < x := x + 5 > {x is even}?
  5. Using the technique of weakened assertions, prove that {x = 1} S {x = 7} is a theorem, where S is co < x := x+1 > || < x := x+2 > || < x := x+3 > oc

References

  1. Gregory R. Andrews, Concurrent Programming: Principles and Practice, Benjamin/Cummings, 1991. Chapters 1 and 2: Required Reading.
  2. Mark Batty, Scott Owens, Susmit Sarkar, Peter Sewell, and Tjark Weber, Mathematizing C++ Concurrency, POPL 2011. Recommended Reading.

Copyright © 2020 pmateti@wright.edu