C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In Symposium on the Semantics of Algorithmic Languages, pages 102--116, 1971.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....22 This section reviews some detailed issues which remain to be nally resolved; the next major step in the history is related in Section 3. Program Veri cation ideas at least in the narrow sense of this section have made the transition from research papers, via post graduate textbooks 20 [Hoa71a, CH72, ACH76, dR74, dR76a, Apt81] 21 It has often been argued that this goal was over ambitious. In Hoare s presentation at the April 1969 meeting of IFIP Working Group W.G. 2.2 in Vienna, he responded to the challenge that it had taken millennia of arithmetic before Peano s axioms were ....

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, [Eng71], pages 102-116. 1971.

....these in a particular fashion. However, this generality seems to cause a problem with the semantic soundness of the Contract rule. 5.2.2. Program logic The fixpoint rule in its term form (see Rule Fix in Figure 6) is well known as a reasoning principle for proving partial correctness [Hoa70] and, in suitably adapted form, total correctness [Sok77, Nie85] of recursive procedures. In a denotational setting the fixpoint rule corresponds to the principle of Scott induction and is valid for so called inclusive (also called admissible) relations, which can be thought of as the semantic ....

C.A.R. Hoare. Procedures and parameters: An axiomatic approach. In Erwin Engeler, editor, Symposium on Semantics of Algorithmic Languages, volume 188 of Lecture Notes in Mathematics (LNM), pages 102--116. Springer-Verlag, October 1970.

....holds: If f pre g S f post g and (pre 0 ; post 0 ) pre; post) then the proof of f pre g S f post g can be completed to a proof of f pre 0 g S f post 0 g . This is in contrast with standard completeness, which simply says there exists a proof of f pre 0 g S f post 0 g . Hoare [10] formulated a rule of adaptation that includes an attractive idea. Rather than simply asking for a condition that ensures (pre 0 ; post 0 ) pre; post) in (2) the rule should suggest a choice of pre 0 for which (pre 0 ; post 0 ) pre; post) holds, given a desired postcondition ....

....for completeness and for example developments. There is not much point in comparing our results with past proposals that are unsound or not sharp. We mention only that Th1 appears, again as a rule for procedures with parameters, in [8] and it di ers only a little from Hoare s original proposal [10]. But there is one other recent proposal of interest: 4] changes the inner quanti er in Th2 to obtain the following. 5 Apparently K was devised independently from [5] indeed [11] has no citations on adaptation rules after 1990. 14 B : 9 a a pre x) 8 y ( 9 a a pre x a post y) ....

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, Symposium on Semantics of Algorithmic Languages. Springer-Verlag, 1971.

....Adaptation Rules David A. Naumann Stevens Institute of Technology, Hoboken, NJ 07030 USA 0 Introduction For reasoning about total correctness of while programs, the rules proposed by Hoare [10] have stood the test of time. But for procedure calls, a number of di erent rules have appeared (e. g, [11,9,2,1,5,12]) There appears to be no consensus on the right rule, and some proposals even turn out to be unsound. The results reported in this note were found in an attempt to derive an adaptation rule rather than pulling it from a magician s hat using tools from re nement calculus. This sheds new light ....

....nor instantiation license that conclusion; however, using two instantiations f 1 r 0 g S f x = 1 x = 0 g and f 0 r 1 g S f x = 0 x = 1 g, a rule of conjunction [2] does yield f r = 0 g S f x = 0 g. But such proofs are unattractive for program construction. Hoare s rule of adaptation [11] is in harmony with the constructive approach based on weakest preconditions pioneered by Dijkstra. The rule gives a precondition valid with respect to a desired postcondition and the given speci cation. To reconcile the apparent need for extra rules with the completeness result mentioned above, ....

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, Symposium on Semantics of Algorithmic Languages. Springer-Verlag, 1971.

....proofs can be carried out without additional privacy information. In those cases where this is not possible, we use an adaptation rule to make the specification sufficiently strong. The need for adaptation rules is well known from all kinds of proof calculi for computer programs (see for instance [Hoa71, LGH 78, GL80, St91, SDW96] By using adaptation rules in this sense we are able to keep the specifications simple and at the same time obtain full proof power when this is required. This paper does not consider reasoning in the form of refinement or program verification. However, reasoning ....

C. A. R Hoare. Procedures and parameters: An axiomatic approach. In Proc. Symposium on Semantics on Algorithmic Languages, LNCS 188, pages 102--116, 1971.

....cause a problem with the semantic soundness of the Contract rule. M.Brandt and F.Henglein Coinductive Axiomatization of Recursive Type 25 5.2.2. Program logic The fixpoint rule in its term form (see Rule Fix in Figure 6) is well known as a reasoning principle for proving partial correctness [Hoa70] and, in suitably adapted form, total correctness [Sok77, Nie85] of recursive procedures. In a denotational setting the fixpoint rule corresponds to the principle of Scott induction and is valid for so called inclusive (also called admissible) relations, which can be thought of as the semantic ....

C.A.R. Hoare. Procedures and parameters: An axiomatic approach. In Erwin Engeler, editor, Symposium on Semantics of Algorithmic Languages, volume 188 of Lecture Notes in Mathematics (LNM), pages 102--116. Springer-Verlag, October 1970.

....1 ; q , and particular proposals for the adapted precondition p. Ideally, the rule should be left maximal [7] i.e. the precondition p should be the weakest possible satisfying j= Hoare fpg S fqg in the light of j= Hoare fp 1 g s fq 1 g. Catering for auxiliary variables at the meta level, Hoare [13] has proposed p , oe: Sigma Delta 9z 1 Delta p 1 (oe) 8 : Sigma Delta q 1 ( q( 25) where z 1 is a list of all (auxiliary) variables free in p 1 , q 1 , but not in q . However, while adding Hoare s rule of adaptation leads to a complete veri cation calculus, Morris [17] and ....

C.A.R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, Symposium on Semantics of Algorithmic Languages, volume 188 of Lecture Notes in Mathematics, pages 102116. Springer, 1971. Also in [14].

....the inductive hypothesis is used for a smaller instance than the one being proved. The proof method itself takes care of the condition. Such implicit application of induction may also be found in a variety of program verification methods such as Hoare logic (especially, the treatment of recursion [Hoa71]) and fixed point induction [Man74, Sco76] We make these ideas precise by the following inference procedure. We formulate it in terms of judgments of the form H C where C is a set of inductive theorems and H is the set of inductive hypotheses which may be assumed in the proof of C. Axiom H ....

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, Symp. Semantics of Algorithmic Languages, volume 188 of (Lect. Notes in Math.), pages 102--116. Springer-Verlag, 1971. (Lect. Notes in Math. Vo. 188).

.... a vast amount of literature on the subject of formally verifying the correctness of programs, mainly based on so called Hoare logic suggested by Hoare in 1969 [14] This approach has been extended in several ways to cover special programming language constructs, e.g. pointers [2] procedure calls [15,17,3], recursive procedures [13] and gotos [5] One of the newer and quite successful approaches to formal software verification is the Ada subset called SPARK [4] SPARK is a subset of Ada 83 that is extended by annotations. The restrictions to the Ada language are partly introduced to ensure ....

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, Sumposium on Semantics of Algorithmic Languages, Lecture Notes in Computer Science, pages 102--116. Springer-Verlag, 1971.

....Such descriptions specify precise set theoretic interpretations of parameter passing but do not provide an intuitive and simple set of equations nor other axiomatic theories. Finally, a number of researchers have studied parameter passing in the context of Hoare like axiomatic semantics [14, 12, 6]. These systems are generally for first order subsets of Pascal and have a number of restrictions on procedure calls, such as aliasing. Cartwright and Oppen [2] overcome the aliasing restriction, but still do not allow procedures as arguments. Olderog [19] eliminates the restrictions on ....

Hoare, C.A.R. Procedures and parameters: An axiomatic approach. In Symposium on Semantics of Algorithmic Languages, E. Engeler (Ed.). Lecture Notes in Mathematics 188. Springer-Verlag, Berlin, 1971, 102--116.

.... detrimental impact on ease of reading and reasoning about programs (e.g. Hoare, 1974b; Reynolds, 1978) The well known dishevelment caused by variable aliasing when different identifiers name the same storage variable in Hoare style proof systems for reasoning about assignment and procedures (Hoare, 1971) is a kind of theoretical symptom of the problems brought on by interference. There are related, and perhaps even more vivid, problems in the presence of concurrency, where uncontrolled interference can be a serious obstacle to program predictability. As a result, a number of authors (e.g. Hoare ....

....in the close relationship between categorical structure and syntactic constraints) Controlling interference is an old problem in programming languages. It dates as far back as Fortran and Concurrent Pascal, with their anti aliasing restrictions (Brinch Hansen, 1973; ANSI, 1978; see also Hoare, 1971), and plays an important role in such languages as Euclid, Turing and occam (Cordy, 1984; Popek et al. 1977; Holt et al. 1987; INMOS, 1988) We will not attempt to survey here the growing body of recent work on interference control and related topics. The reader is referred to the papers by ....

Hoare, C. A. R. (1971) Procedures and parameters: an axiomatic approach. In Symposium on Semantics of Algorithmic Languages, E. Engeler ed., Lecture Notes in Mathematics 188, Springer Verlag, 102--116.

....saying how they are to be achieved. In a sequential program, the states between a procedure call and its return cannot be observed in the calling environment. Thus we can specify a procedure by giving a predicate relating just the state when the procedure is called and the state when it returns [Hoare 71] Similarly, an atomic action in a concurrent program has no visible internal structure; its observable effects can also be specified by a predicate on just two states. Our method is based on the observation that any behavior of a concurrent system can be described as the execution of a sequence ....

C. A. R. Hoare, "Procedures and Parameters: An Axiomatic Approach," Symposium on Semantics of Algorithmic Languages, Springer-Verlag, 102--116.

....specification and a trace based specification. Specification adaptation does not only arise when stepping from sequential to concurrent programming. It also arises within a top down development of some (sequential or concurrent) system S when one would like to reuse some available component C [H71] Then C s specification may not immediately fit the required 1 The collaboration of the authors has been partially supported by the European Community ESPRIT Basic Research Action Project 6021 (REACT) 2 Twente University, P.O. Box 217, 7500 AE Enschede, The Netherlands, zwiers cs.utwente.nl ....

Hoare, C.A.R., Procedures and parameters: An axiomatic approach, LNM,1971.

....procedure body i.e. Hoare fpg S 0 fqg Hoare fpg call fqg : 17 This rule would however lead to infinite derivations when S 0 calls itself. Induction comes to the rescue. Let us first omit the issue of termination. We may simply assume Hoare fpg call fqg to conclude Hoare fpg S 0 fqg [Hoa71] i.e. fpg call fqg Hoare fpg S 0 fqg Hoare fpg call fqg : This rule introduces a fundamental change in deriving correctness formulae. Derivations are now to be considered with respect to a context. Instead of a Hilbert style calculus, Hoare Logic now amounts to a Gentzen style sequent ....

....of the MGF. Machine checked proofs are documented in the author s thesis [Kle98a] 6. 5 Rules of Adaptation Among the additional rules to add in order to retain completeness for imperative programs dealing with recursive procedures, a rule of adaptation has been considered by various authors [Hoa71, Mor, LGH 78, GL80] In general, rules of adaptation are of the form G Hoare fp 1 g S fq 1 g G Hoare fpg S fqg for arbitrary assertions p 1 ; q 1 ; q, and particular proposals for the adapted precondition p. Ideally, the rule should be left maximal [Dah92] i.e. provided the ....

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, Symposium on Semantics of Algorithmic Languages, volume 188 of Lecture Notes in Mathematics, pages 102--116. Springer-Verlag, 1971. Also in [HJ89].

No context found.

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In Symposium on the Semantics of Algorithmic Languages, pages 102--116, 1971.

No context found.

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In Erwin Lecture Notes in Mathematics, pages 102-116. Springer-Verlag, Berlin, 1971.

No context found.

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In Erwin Lecture Notes in Mathematics, pages 102-116. Springer-Verlag, Berlin, 1971.

No context found.

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engler, editor, Symposium on the Semantics of Algebraic Languages, pages 102--116. Springer, 1971. Lecture Notes in Math. 188.

No context found.

Hoare, C. A. R. (1971). Procedures and parameters: An axiomatic approach. In E. Engeler (Ed.), Symposium on Semantics of Algorithmic Languages, Volume 188 of Lecture Notes in Mathematics, pp. 102--116. Berlin: Springer-Verlag.

No context found.

C. A. R. Hoare, "Procedures and Parameters, An Axiomatic Approach, " Symposium on the Semantics of Algorithmic Languages, Springer-Verlag, New York, 1971, pp. 102-116.

No context found.

Hoare, C.: Procedures and parameters:an axiomatic approach. In Engeler, E., ed.: Symp. on Semantics of Algorithmic Languages. Volume 188 of Lecture Notes in Mathematics. (1971) 102--116

No context found.

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, [Eng71], pages 102--116. 1971.

No context found.

C. A. R. Hoare. Procedures and parameters: an axiomatic approach. In E. Engeler, editor, , volume 188 of , Berlin, 1971. Springer-Verlag.

No context found.

C. A. R. Hoare. Procedures and parameters: An axiomatic approach. In E. Engeler, editor, Symposium on Semantics of Algorithmic Languages, volume 188 of Lecture Notes in Mathematics, pages 102--116. Springer-Verlag, 1971.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC