Writing Correct Programs; Finding Invariants
CS 536, Mon Nov 8, 2010

Study Guide for Quiz 2

Quiz 2 will cover Lectures 6 – 9 except that loop termination and Activity 9.2 will not be included. (Activity 9.1 is included.) You'll be given a list of the proof rules (forward and backward assignment, skip, sequence, conditional, while loop).

Basic topics include:

Textual substitution e[e/v] and P[e/v] (Activity 6.1, HW 4).
  - Substitution into expressions and non-quantified predicates.
    E.g., (x/y)[z+1/y] is x/(z+1), and (x>y>z)[z+1/y] is x>z+1>z.
  - Substitution into quantified predicates.
      - Body shielded by bound variable (substitution does nothing).
        E.g. (x=y*z x.x<y)[z+1/x] is z+1=y*z x.x<y.
      - Body not shielded, but no capture will occur.
        E.g. (x=y*z x.x<y)[z+1/y] is x=(z+1)*z x.x<z+1.
      - Body not shielded, capture would occur (so rename bound variable).
        E.g. (x=y*z x.x<y)[x-1/y] is x=(x-1)*z v.v<x-1.
  - Iterated substitution: Work from left to right.
    E.g., (x/y)[x+1/y][c/x] is (x/(x+1))[c/x] is c/(c+1).

Proof rules for correctness triples (Activity 6.2, HW 4).
  - For the rules for assignment, skip, sequence, conditional, loop, consequence / precondition strengthening / postcondition weakening: Verify that a proof rule has been applied correctly.
      - E.g., does { x>0 } skip { x 0 } match the skip rule? (No.)
      - E.g., does the below match the postcondition weakening rule? (Yes)
        { x>0 } skip { x>0 } x>0 x 0
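The three quantified-predicate cases and the iterated substitution listed under textual substitution can be checked mechanically. The following is an added Python example, not part of the course material; the tuple encoding, the helper names (free_vars, fresh, subst, show) and the quantifier label 'exists' are assumptions of this example.

```python
from itertools import count

# Terms are tuples: ('var', name), ('num', n), ('op', sym, left, right),
# and ('q', quantifier, bound_var, body). Encoding is hypothetical.

def free_vars(t):
    if t[0] == 'var':
        return {t[1]}
    if t[0] == 'num':
        return set()
    if t[0] == 'op':
        return free_vars(t[2]) | free_vars(t[3])
    return free_vars(t[3]) - {t[2]}           # the quantifier binds t[2]

def fresh(avoid):
    # First of v, v1, v2, ... that does not clash with a name in 'avoid'.
    return next(n for n in (f"v{i or ''}" for i in count()) if n not in avoid)

def subst(t, e, v):
    """Return t[e/v]: replace the free occurrences of variable v in t by e."""
    if t[0] == 'var':
        return e if t[1] == v else t
    if t[0] == 'num':
        return t
    if t[0] == 'op':
        return ('op', t[1], subst(t[2], e, v), subst(t[3], e, v))
    _, kind, bound, body = t
    if bound == v or v not in free_vars(body):
        return t                               # body shielded, or no free v
    if bound in free_vars(e):                  # capture would occur: rename
        new = fresh(free_vars(e) | free_vars(body) | {v})
        body, bound = subst(body, ('var', new), bound), new
    return ('q', kind, bound, subst(body, e, v))

def show(t):
    if t[0] in ('var', 'num'):
        return str(t[1])
    if t[0] == 'op':
        return f"({show(t[2])}{t[1]}{show(t[3])})"
    return f"{t[1]} {t[2]}.{show(t[3])}"

# Constructed sample: the quantified part of the guide's examples, with the
# quantifier assumed to be 'exists'.
X, Y, Z, ONE = ('var', 'x'), ('var', 'y'), ('var', 'z'), ('num', 1)
Q = ('q', 'exists', 'x', ('op', '<', X, Y))

if __name__ == "__main__":
    print(show(subst(Q, ('op', '+', Z, ONE), 'x')))   # shielded
    print(show(subst(Q, ('op', '+', Z, ONE), 'y')))   # no capture
    print(show(subst(Q, ('op', '-', X, ONE), 'y')))   # capture, so rename
```

Iterated substitution is nested calls applied left to right, e.g. subst(subst(t, e1, 'y'), e2, 'x') for t[e1/y][e2/x].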

