CS 536 Notes: Syntactic Substitution; More Proof Rules
Lecture 6, Mon Oct 4, 2010

A. Why
• To reason about assignments, we need to understand syntactic substitution.
• To reason about programs more generally, we need inference rules for the remaining statements (sequencing, conditional, and iterative).

B. Outcomes
After this lecture, you should
• Know what syntactic substitution is and how and why to do it.
• Know the two basic assignment axioms.
• Know the rules of inference for sequencing, conditional, and iterative statements.

C. Last Time
• We looked at examples of correctness triples (most of them valid).
• Looked at why we need rules to reason about correctness triples. (Basically, because we can’t just sit down and verify arbitrary correctness triples.)
• Looked at the axiom for skip: { P } skip { P }
• Worked our way up to developing a “forward” axiom for assignment.
• The key is to use a symbolic constant for the value of the variable before the assignment. (Below, v is the variable and c is the named constant.)
• It’s a “logical” constant — it can only appear in the conditions, not the program itself.
• Assignment axiom 1 (Forward): { P ∧ v = c } v := e { P[c/v] ∧ v = e[c/v] }.
• (It’s the “forward” rule because we take the precondition and figure out the postcondition.)
• The notations P[c/v] and e[c/v] stand for the predicate P or expression e where occurrences of v are replaced by c.
• Example: ( x > 0 ∧ x² – (x+1) < y )[c/x] is c > 0 ∧ c² – (c+1) < y.
• Special case: { P } v := e { P ∧ v = e } if v is fresh (appears in neither P nor e).
• The special case is just the general case where the conjunct v = c in the precondition is dropped because c doesn’t appear in P or e.

Illinois Institute of Technology   Notes for Lecture 6   CS 536: Science of Programming   1 of 8   © James Sasaki, 2010

D. Backward Assignment Rule
• For the “backward” assignment rule, we are given the postcondition and figure out the precondition. We use it in goal-directed situations.
• Assignment axiom 2 (Backward): { P[e/v] } v := e { P }.
• Example 1: { x–1 > 0 } x := x–1 { x > 0 }
• If you want to know that x is positive after you decrement it, you need to know that x–1 is positive before the decrement.
• Example 2: { SortedUp(b, k+1) } k := k+1 { SortedUp(b, k) }
• Here SortedUp(b, k) means that b[0..k–1] is sorted (by ≤).
• E.g., SortedUp(b, k) ⇔ ∀ j . 0 ≤ j < k–1 → b[j] ≤ b[j+1].
• If you want to know that the first k elements of b are sorted upward after you say k := k + 1, you need to know that the first k + 1 elements of b are sorted upward beforehand....
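As an added illustration (not part of the lecture notes), the Python below models syntactic substitution on a small term representation and uses it to apply both assignment axioms, then checks the resulting triples by brute force over small integer states. The tuple encoding of terms, the function names and the checker are assumptions of this example, not the course's notation.

```python
from itertools import product

# Terms are nested tuples: ('var', name), ('const', n) or (op, left, right).
# Comparisons and 'and' yield 0/1 so predicates and expressions share one evaluator.
OPS = {'+': lambda a, b: a + b, '-': lambda a, b: a - b, '*': lambda a, b: a * b,
       '<': lambda a, b: int(a < b), '>': lambda a, b: int(a > b),
       '<=': lambda a, b: int(a <= b), '=': lambda a, b: int(a == b),
       'and': lambda a, b: int(bool(a) and bool(b))}

def subst(t, v, e):
    """t[e/v]: replace every occurrence of variable v in t by the term e."""
    if t[0] == 'var':
        return e if t[1] == v else t
    if t[0] == 'const':
        return t
    return (t[0],) + tuple(subst(a, v, e) for a in t[1:])

def show(t):
    """Render a term as text; compound subterms are parenthesised."""
    if t[0] in ('var', 'const'):
        return str(t[1])
    left, right = (show(a) if a[0] in ('var', 'const') else '(' + show(a) + ')'
                   for a in t[1:])
    return left + ' ' + t[0] + ' ' + right

def evaluate(t, state):
    """Value of t in a state (dict from variable name to int)."""
    if t[0] == 'var':
        return state[t[1]]
    if t[0] == 'const':
        return t[1]
    return OPS[t[0]](evaluate(t[1], state), evaluate(t[2], state))

def backward_pre(post, v, e):
    """Assignment axiom 2 (backward): {P[e/v]} v := e {P}; returns P[e/v]."""
    return subst(post, v, e)

def forward_post(p, v, e, c):
    """Assignment axiom 1 (forward): {P and v = c} v := e {P[c/v] and v = e[c/v]}.
    c is the logical constant naming v's old value; returns the postcondition."""
    return ('and', subst(p, v, ('var', c)), ('=', ('var', v), subst(e, v, ('var', c))))

def check_triple(pre, v, e, post, names, lo=-5, hi=5):
    """Brute-force check of {pre} v := e {post} over small integer states:
    every state satisfying pre must satisfy post after executing v := e."""
    for vals in product(range(lo, hi + 1), repeat=len(names)):
        before = dict(zip(names, vals))
        if evaluate(pre, before):
            after = dict(before, **{v: evaluate(e, before)})
            if not evaluate(post, after):
                return False
    return True
```

Running check_triple on the notes' Example 1 confirms that the substituted precondition x–1 > 0 makes the triple hold for x := x–1, while the weaker x > 0 does not (x = 1 is a counterexample).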
This note was uploaded on 04/17/2011 for the course CS 536 taught by Professor Cs536 during the Fall '08 term at Illinois Tech.