# 04 - CHAPTER 4 Review Exercises, Random Fact, Correctness Proofs...


### Random Fact: Correctness Proofs

In Advanced Topic 4.3 we introduced the technique of loop invariants. If you skipped that note, have a glance at it now. That technique can be used to prove rigorously that a function returns exactly the value that it is supposed to compute. Such a proof is far more valuable than any testing. No matter how many test cases you try, you always worry whether another case that you haven't tried yet might show a bug. A proof settles the correctness for all possible inputs.

For some time, programmers were very hopeful that proof techniques such as loop invariants would greatly reduce the need for testing. You would prove that each simple function and procedure is correct, and then put the proven components together and prove that they work together as they should. Once it is proved that `main` works correctly, no testing is required at all!

Some researchers were so excited about these techniques that they tried to omit the programming step altogether. The designer would write down the program requirements, using the notation of formal logic. An automatic prover would prove that such a program could be written and generate the program as part of its proof.

Unfortunately, in practice these methods never worked very well. The logical notation to describe program behavior is complex. Even simple scenarios require many formulas. It is easy enough to express the idea that a function is supposed to compute $a^n$, but the logical formulas describing all procedures in a program controlling an airplane, for instance, would fill many pages. These formulas are created by humans, and humans make errors when they deal with difficult and tedious tasks. Experiments showed that instead of buggy programs, programmers wrote buggy logic specifications and buggy program proofs. Van der Linden [1], p. 287, gives some examples of complicated proofs that are much harder to verify than the programs they are trying to prove.

Program proof techniques are valuable for proving the correctness of individual procedures that make computations in nonobvious ways. At this time, though, there is no hope to prove any but the most trivial programs correct in such a way that the specification and the proof can be trusted more than the program.

### Chapter Summary

1. The `if` statement allows a program to carry out different actions depending on the nature of the data to be processed.
2. The `if` statement evaluates a condition. Conditions can contain any value that is true or false.
3. Relational operators are used to compare numbers and strings.
4. The lexicographic or dictionary order is used to compare strings.
5. When an input stream senses an input error, it enters the failed state. You can test for failure with the `fail` function.
