queens on a chessboard
play

Queens on a Chessboard an exercise in program verification - PowerPoint PPT Presentation

Dec 29, 2023 •205 likes •569 views

Queens on a Chessboard an exercise in program verification Jean-Christophe Filli atre Krakatoa/Caduceus working group December 15th, 2006 Jean-Christophe Filli atre Queens on a Chessboard Krakatoa/Caduceus WG Introduction challenge for

  1. Queens on a Chessboard an exercise in program verification Jean-Christophe Filliˆ atre Krakatoa/Caduceus working group December 15th, 2006 Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  2. Introduction challenge for the verified program of the month : t(a,b,c){int d=0,e=a&~b&~c,f=1;if(a)for(f=0;d=(e-=d)&-e;f+=t(a-d,(b+d)*2,( c+d)/2));return f;}main(q){scanf("%d",&q);printf("%d\n",t(~(~0<<q),0,0));} appears on a web page collecting C signature programs due to Marcel van Kervinck, author of MSCP (Marcel’s Simple Chess Program) Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  3. Introduction challenge for the verified program of the month : t(a,b,c){int d=0,e=a&~b&~c,f=1;if(a)for(f=0;d=(e-=d)&-e;f+=t(a-d,(b+d)*2,( c+d)/2));return f;}main(q){scanf("%d",&q);printf("%d\n",t(~(~0<<q),0,0));} appears on a web page collecting C signature programs due to Marcel van Kervinck, author of MSCP (Marcel’s Simple Chess Program) Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  4. Unobfuscating... int t(int a, int b, int c) { int d=0, e=a&~b&~c, f=1; if (a) for (f=0; d=(e-=d)&-e;) f+=t(a-d,(b+d)*2,(c+d)/2); return f; } int main(int q) { scanf("%d",&q); printf("%d \ n",t(~(~0 << q),0,0)); } Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  5. Unobfuscating... int t(int a, int b, int c) { int d=0, e=a&~b&~c, f=1; if (a) for (f=0; d=(e-=d)&-e;) f+=t(a-d,(b+d)*2,(c+d)/2); return f; } int f(int n) { return t(~(~0 << n), 0, 0); } we end up with a mysterious function f : N → N Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  6. Queens on a chessboard given a number n smaller than 32, f ( n ) is the number of ways to put n queens on n × n chessboard so that they cannot beat each other let us prove that this program is correct , that is: it does not crash it terminates it computes the right number Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  7. Queens on a chessboard given a number n smaller than 32, f ( n ) is the number of ways to put n queens on n × n chessboard so that they cannot beat each other let us prove that this program is correct , that is: it does not crash it terminates it computes the right number Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  8. Why is it challenging? in two lines of code we have C idiomatic bitwise operations loops & recursion, involved in a backtracking algorithm highly efficient code Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  9. How does it work? backtracking algorithm (no better way to solve the N queens) integers used as sets (bit vectors) integers sets ∅ 0 a ∩ b a&b a+b a ∪ b , when a ∩ b = ∅ a \ b , when b ⊆ a a-b ∁ a ~a min elt ( a ), when a � = ∅ a&-a { 0 , 1 , . . . , n − 1 } ~(~0<<n) { i + 1 | i ∈ a } , written S ( a ) a*2 { i − 1 | i ∈ a ∧ i � = 0 } , written P ( a ) a/2 Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  10. How does it work? backtracking algorithm (no better way to solve the N queens) integers used as sets (bit vectors) integers sets ∅ 0 a ∩ b a&b a+b a ∪ b , when a ∩ b = ∅ a \ b , when b ⊆ a a-b ∁ a ~a min elt ( a ), when a � = ∅ a&-a { 0 , 1 , . . . , n − 1 } ~(~0<<n) { i + 1 | i ∈ a } , written S ( a ) a*2 { i − 1 | i ∈ a ∧ i � = 0 } , written P ( a ) a/2 Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  11. Code rephrased on sets int t( a , b , c ) if a � = ∅ e ← ( a \ b ) \ c f ← 0 while e � = ∅ d ← min elt ( e ) f ← f + t( a \{ d } , S ( b ∪ { d } ) , P ( c ∪ { d } ) ) e ← e \{ d } return f else return 1 int f( n ) return t( { 0 , 1 , . . . , n − 1 } , ∅ , ∅ ) Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  12. What a , b and c mean q q q ? ? ? ? ? ? ? ? Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  13. What a , b and c mean q ◗ q q ◗ ◗ q q q ◗ ◗ q ◗ q a = columns to be filled = 11100101 2 Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  14. What a , b and c mean q ◗ q ◗ q ◗ q q q b = positions to avoid because of left diagonals = 01101000 2 Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  15. What a , b and c mean q ◗ q q ◗ ◗ q q c = positions to avoid because of right diagonals = 00001001 2 Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  16. What a , b and c mean q ◗ ◗ ◗ q ◗ q ◗ ◗ ◗ ◗ q ◗ ◗ ◗ ◗ q ◗ ◗ a &˜ b &˜ c = positions to try = 10000100 2 Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  17. Now it is clear int t(int a, int b, int c) { int d=0, e=a&~b&~c, f=1; if (a) for (f=0; d=(e-=d)&-e;) f += t(a-d,(b+d)*2,(c+d)/2); return f; } int f(int n) { return t(~(~0 << n), 0, 0); } Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  18. Abstract finite sets //@ type iset //@ predicate in (int x, iset s) /*@ predicate included(iset a, iset b) @ { \ forall int i; in (i,a) ⇒ in (i,b) } */ //@ logic iset empty() //@ axiom empty def : \ forall int i; !in (i,empty()) ... total: 66 lines of functions, predicates and axioms Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  19. C ints as abstract sets //@ logic iset iset(int x) /*@ axiom iset c zero : \ forall int x; @ iset(x)==empty() ⇔ x==0 */ /*@ axiom iset c min elt : \ forall int x; x != 0 ⇒ @ @ iset(x&-x) == singleton(min elt(iset(x))) */ /*@ axiom iset c diff : \ forall int a, int b; @ iset(a&~b) == diff(iset(a), iset(b)) */ ... total: 27 lines / should be proved independently Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  20. Warmup: termination of the for loop int t(int a, int b, int c) { int d=0, e=a&~b&~c, f=1; if (a) //@ variant card(iset(e-d)) for (f=0; d=(e-=d)&-e; ) { f += t(a-d,(b+d)*2,(c+d)/2); } return f; } 3 verification conditions, all proved automatically Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  21. Warmup: termination of the recursive function int t(int a, int b, int c) { int d=0, e=a&~b&~c, f=1; //@ label L if (a) /*@ invariant @ included(iset(e-d), iset(e)) && included(iset(e), \ at(iset(e),L)) @ @*/ for (f=0; d=(e-=d)&-e; ) { /*@ assert \ exists int x; @ iset(d) == singleton(x) && in (x,iset(e)) */ //@ assert card(iset(a-d)) < card(iset(a)) f += t(a-d,(b+d)*2,(c+d)/2); } return f; } 7 verification conditions, all proved automatically Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  22. Soundness how to express that we compute the right number, since the program is not storing anything, not even the current solution? answer: by introducing ghost code to perform the missing operations Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  23. Soundness how to express that we compute the right number, since the program is not storing anything, not even the current solution? answer: by introducing ghost code to perform the missing operations Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  24. Ghost code ghost code can be regarded as regular code, as soon as ghost code does not modify program data program code does not access ghost data ghost data is purely logical ⇒ ne need to check the validity of pointers ghost code is currently restricted in Caduceus, but should not be Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  25. Program instrumented with ghost code //@ int** sol; //@ int s; //@ int* col; //@ int k; int t(int a, int b, int c) { int d=0, e=a&~b&~c, f=1; if (a) for (f=0; d=(e-=d)&-e; ) { //@ col[k] = min elt(d); //@ k++; f += t3(a-d, (b+d)*2, (c+d)/2); //@ k--; } //@ else //@ store solution(); return f; } Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  26. Annotations (1/4) /*@ requires solution(col) @ assigns s, sol[s][0..N()-1] s== \ old(s)+1 && eq sol(sol[ \ old(s)], col) @ ensures @*/ void store solution(); /*@ requires @ n == N() && s == 0 && k == 0 @ ensures \ result == s && @ @ \ forall int* t; solution(t) ⇔ ( \ exists int i; 0 ≤ i < \ result && eq sol(t,sol[i])) @ @*/ int queens(int n) { return t(~(~0 << n),0,0); } Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

  27. Annotations (2/4) //@ logic int N() /*@ predicate partial solution(int k, int* s) { \ forall int i; 0 ≤ i < k ⇒ @ 0 ≤ s[i] < N() && @ ( \ forall int j; 0 ≤ j < i ⇒ s[i] != s[j] && @ @ s[i]-s[j] != i-j && @ s[i]-s[j] != j-i) @ } @*/ //@ predicate solution(int* s) { partial solution(N(), s) } Jean-Christophe Filliˆ atre Queens on a Chessboard Krakatoa/Caduceus WG

Recommend

Local Search 1/30/17 Consider the following problems N-Queens: place n queens on an K-Coloring:

Local Search 1/30/17 Consider the following problems N-Queens: place n queens on an K-Coloring:

Local Search 1/30/17 Consider the following problems N-Queens: place n queens on an K-Coloring: find an assignment n x n chessboard so that none of k colors to graph nodes (map share a row, column, or regions) so that no adjacent diagonal.

348 views • 19 slides
A q -Queens Problem Christopher R. H. Hanusa Queens College, CUNY Joint work with Thomas

A q -Queens Problem Christopher R. H. Hanusa Queens College, CUNY Joint work with Thomas

A q -Queens Problem Christopher R. H. Hanusa Queens College, CUNY Joint work with Thomas Zaslavsky, Binghamton University (SUNY) and Seth Chaiken, University at Albany (SUNY) qc.edu/chanusa &gt; Research &gt; Talks n -Queens q -Queens Formulas

1.03k views • 90 slides
January 10, 2018 Staff: Kim Painter, Laura London Queens Court Apartments 2 Queens Court

January 10, 2018 Staff: Kim Painter, Laura London Queens Court Apartments 2 Queens Court

Queens Court Relocation Plan Tenant Landlord Commission January 10, 2018 Staff: Kim Painter, Laura London Queens Court Apartments 2 Queens Court Apartments Built 1941 Acquired by APAH in 1995 3 garden apt. buildings 39 units

142 views • 12 slides
The eight queens problem Let us now use Prolog to solve a more difficult kind of problem. One of

The eight queens problem Let us now use Prolog to solve a more difficult kind of problem. One of

The eight queens problem Let us now use Prolog to solve a more difficult kind of problem. One of these famous problems is the eight queens problem . It consists in placing on a (European) chess board eight queens such that they do not attack each

215 views • 8 slides
In SVN: explain the concept of backtracking solve the n-queens problem using backtracking Qu

In SVN: explain the concept of backtracking solve the n-queens problem using backtracking Qu

Exhaustive search, backtracking, object-oriented Queens After today, you should be able to In SVN: explain the concept of backtracking solve the n-queens problem using backtracking Qu Queens ens A taste of artificial intelligence

637 views • 19 slides
disk galaxies Joe Joel C. . Roed oedig iger (Queens) Stphane Courteau (Queens)

disk galaxies Joe Joel C. . Roed oedig iger (Queens) Stphane Courteau (Queens)

Roediger et al. 2012, ApJ (in print) arXiv:1201.6361 Stellar migrations and more in cluster disk galaxies Joe Joel C. . Roed oedig iger (Queens) Stphane Courteau (Queens) Patricia Snchez-Blzquez (UNAM) Michael McDonald (MIT)

125 views • 11 slides
Ch Check out f from S SVN VN: Queens eens Exhaustive search, backtracking, and

Ch Check out f from S SVN VN: Queens eens Exhaustive search, backtracking, and

Exhaustive search, backtracking, object-oriented Queens Ch Check out f from S SVN VN: Queens eens Exhaustive search, backtracking, and object-oriented queens A taste of artificial intelligence Check out Queens from SVN Given: a

942 views • 26 slides
N -Queens Problem Latin Squares Duncan Prince, Tamara Gomez February 19 2015 Author: Duncan

N -Queens Problem Latin Squares Duncan Prince, Tamara Gomez February 19 2015 Author: Duncan

N -Queens Problem Latin Squares Duncan Prince, Tamara Gomez February 19 2015 Author: Duncan Prince The N -Queens Problem The N -Queens problem originates from a question relating to chess, The 8-Queens problem. Chess is played on an 8 8 grid,

364 views • 9 slides
Marshall presented with Queens Award for Enterprise 2016 Marshall recognised in 2016

Marshall presented with Queens Award for Enterprise 2016 Marshall recognised in 2016

Media Release Date: 13 th September 2016 Marshall presented with Queens Award for Enterprise 2016 Marshall recognised in 2016 Queens Award for International Trade Second Award in three years - in 2013 Marshall won Queens Award for

759 views • 8 slides
Rearing Queens using the Miller Method Mark Sweatman Overview of the queen rearing process

Rearing Queens using the Miller Method Mark Sweatman Overview of the queen rearing process

Rearing Queens using the Miller Method Mark Sweatman Overview of the queen rearing process Steps using the Miller Method to rear queens Please Hold all Questions What is Required? Desire to rear queens and practice! Planning

568 views • 45 slides
Finding the Balance! Queens Gerry Morris BSc,

Finding the Balance! Queens Gerry Morris BSc,

15-03-31 Introduc/on to GI and my first experiment! Finding the Balance! Queens Gerry Morris BSc, PhD 1980-87 Queens

456 views • 10 slides
Queens Policy Engagement Brexit Clinic 17 October 2018 Queens Policy Engagement Brexit

Queens Policy Engagement Brexit Clinic 17 October 2018 Queens Policy Engagement Brexit

Queens Policy Engagement Brexit Clinic 17 October 2018 Queens Policy Engagement Brexit Clinic Prof. David Phinnemore (HAPP, @DPhinnemore) Brexit a timeline Withdrawal Withdrawal New and (Article 50) UK-EU Transition

429 views • 21 slides
Measurement, Mathematics and Information Technology M. Ram Murty, FRSC Queens Research Chair,

Measurement, Mathematics and Information Technology M. Ram Murty, FRSC Queens Research Chair,

Measurement, Mathematics and Information Technology M. Ram Murty, FRSC Queens Research Chair, Queens University, Kingston, Ontario, Canada Can we measure everything? Not everything that can be counted counts, and not everything

941 views • 75 slides
Mathematical Art Christopher Hanusa Queens College, City University of New York qc.edu/~chanusa

Mathematical Art Christopher Hanusa Queens College, City University of New York qc.edu/~chanusa

Guiding and Grading Mathematical Art Christopher Hanusa Queens College, City University of New York qc.edu/~chanusa @mathzorro @hanusadesign Course Details Queens College Urban Commuter Campus Diverse Student Population Christopher

620 views • 33 slides
Lattice Points and Kindly Chess Queens Thomas Zaslavsky Binghamton University of SUNY Jointly

Lattice Points and Kindly Chess Queens Thomas Zaslavsky Binghamton University of SUNY Jointly

CombinaTexas 10: 26 April 2009 Lattice Points and Kindly Chess Queens Thomas Zaslavsky Binghamton University of SUNY Jointly with Matthias Beck, Seth Chaiken, and Christopher R.H. Hanusa Q Q Q Q Q Q Q Q Board size: n = 10. Queens: q =

324 views • 10 slides
A sandwich theorem and a capacity bound for non-commutative graphs Gareth Boreland (Queens

A sandwich theorem and a capacity bound for non-commutative graphs Gareth Boreland (Queens

A sandwich theorem and a capacity bound for non-commutative graphs Gareth Boreland (Queens University Belfast) Joint work with Ivan Todorov (Queens University Belfast) and Andreas Winter (Universitat Autonoma de Barcelona). (arXiv:

304 views • 29 slides
Transcendence of special values of L-series M. Ram Murty, FRSC Queens Research Chair,

Transcendence of special values of L-series M. Ram Murty, FRSC Queens Research Chair,

Transcendence of special values of L-series M. Ram Murty, FRSC Queens Research Chair, Queens University, Kingston, Ontario, Canada The general problem Given a zeta function L(s), what are the special values L(k), when k is an

484 views • 29 slides
Chapter 7 Stochastic Local Search Michaja Pressmar 13.11.2014 Motivation n -queens with

Chapter 7 Stochastic Local Search Michaja Pressmar 13.11.2014 Motivation n -queens with

Chapter 7 Stochastic Local Search Michaja Pressmar 13.11.2014 Motivation n -queens with Backtracking: guarantees to find all solutions reaches limit for big problems: Best backtracking methods solve up to 100 -queens Stochastic

329 views • 29 slides
CACUSS 2017 Student Oriented Mental Health Literacy at Queens University Jennifer Dods About

CACUSS 2017 Student Oriented Mental Health Literacy at Queens University Jennifer Dods About

CACUSS 2017 Student Oriented Mental Health Literacy at Queens University Jennifer Dods About Queens Residential campus in downtown Kingston 18,000 undergrads and 4000 graduate students 6000 faculty and staff + 2500 student

297 views • 15 slides
Permit for 1445 Queens Avenue Erika Syvokas November 18, 2019 1445 Queens Avenue Context

Permit for 1445 Queens Avenue Erika Syvokas November 18, 2019 1445 Queens Avenue Context

Proposed Development Variance Permit for 1445 Queens Avenue Erika Syvokas November 18, 2019 1445 Queens Avenue Context PROPOSED DEVELOPMENT VARIANCE PERMIT FOR 1445 QUEENS AVENUE Proposed Subdivision Proposed Bylaw Variance New Lots

334 views • 6 slides
1 CSP Example: N-Queens CSP Example: N-Queens Formulation 2: Formulation 1:

1 CSP Example: N-Queens CSP Example: N-Queens Formulation 2: Formulation 1:

Previously CSE 473: Artificial Intelligence Formulating problems as search Blind search algorithms Autumn 2018 Depth first Breadth first (uniform cost) Iterative deepening Constraint Satisfaction Problems - Part 1 of 2

315 views • 6 slides
Fast and Wild: Bootstrap Inference in Stata Using boottest David Roodman James G. MacKinnon Open

Fast and Wild: Bootstrap Inference in Stata Using boottest David Roodman James G. MacKinnon Open

Q ED Queens Economics Department Working Paper No. 1406 Fast and Wild: Bootstrap Inference in Stata using boottest David Roodman, Open Philanthropy Project James G. MacKinnon, Queens University Morten rregaard Nielsen, Queens

843 views • 48 slides
Bi-free Infinite Divisibility James Mingo (Queens University at Kingston) joint work with

Bi-free Infinite Divisibility James Mingo (Queens University at Kingston) joint work with

Bi-free Infinite Divisibility James Mingo (Queens University at Kingston) joint work with Jerry Gu (Queens) and Hao-Wei Huang (Kaohsiung) (on the arXiv) Free Probability and the Large N Limit, V Berkeley, March 22, 2016 1 / 15 Kaohsiung

291 views • 15 slides
Queens Hall Refurbishment Presentation to PA23 BID 23 September 2015 John Gordon

Queens Hall Refurbishment Presentation to PA23 BID 23 September 2015 John Gordon

Queens Hall Refurbishment Presentation to PA23 BID 23 September 2015 John Gordon Regeneration Project Manager Queens Hall Refurbishment Over 8million investment Creating a centre for skills and learning The project will

302 views • 13 slides

More recommend