Lecture 6: Hoare logic

First-order logic; a simple imperative language; Hoare triples. Rules for derivation; validity with respect to an operational semantics; soundness and completeness. Applications in program specification and verification; tools for formal verification; Design by Contract™ and lightweight verification.

Some questions I posed: why is the skip statement useful? Why might an axiomatic semantics not be enough? I also discussed what the soundness and completeness properties mean.

I didn’t show example use of the rules: a fun pen and paper exercise is to try to prove some of the example triples given using the Hoare rules and logic. This may be more intricate than you expect!

References:

C. A. R. Hoare. An axiomatic basis for computer programming. Communications of the ACM 12(10):576–580, 1969. DOI 10.1145/363235.363259
Hoare’s original article setting out the use of triples. Note that this uses the notation P{C}Q with braces around the command rather than the assertions.
Hoare and Jones (editor), Essays in Computing Science. ACM Classic Books Series. Originally published by Prentice Hall, 1989.
A collection of articles by Hoare. Proving programs correct is addressed in most chapters, but particularly 4 and 5. Both the article and the book should be directly available from machines within the University. For access from outside you can use a proxy provided by the University Library:

Eiffel Software. Building bug-free O-O software: An introduction to Design by Contract™. Available from http://archive.eiffel.com.
Design methodologies often attract heated discussion of their effectiveness. For example, would design by contract have averted the Ariane disaster? Look at the following two articles:

Glynn Winskel. The Formal Semantics of Programming Languages: An Introduction. MIT Press, 1993.
Textbook introduction to the subject. Chapter 6 presents axiomatic semantics and Hoare logic. Good if you want to find out about more about language semantics and verification.
Tobias Nipkow. Hoare Logics for Recursive Procedures and Unbounded Nondeterminism. In Computer Science Logic: Proceedings of CSL 2002. Lecture Notes in Computer Science 2471, pages 103–119. Springer, 2002. DOI: 10.1007/3-540-45793-3_8
Technical article describing a machine-checked proof that Hoare logic is sound and complete. Section 3 gives some history of the “consequence” rule. Again, the article is available directly from within the University, or through a library proxy from outside:

Keats, Ode to a Grecian Urn. In The Oxford Book of English Verse, 1250–1900, 625. Quiller-Couch (ed.) Oxford: Clarendon Press, 1919. Available online at Bartleby.com.

Beauty is truth, truth beauty — that is all
Ye know on earth, and all ye need to know

Keats praising the virtue of “Mysteries, doubts without any irritable reaching after fact & reason”. Not a fan of formal semantics, we guess.

Comments are closed.