Pre and Post Condition Rules


Pre and Post Condition Rules - PowerPoint PPT Presentation



PowerPoint Slideshow about 'Pre and Post Condition Rules' - tannar


Presentation Transcript
Pre and Post Condition Rules
  • Definition : If R and S are two assertions, then R is said to be stronger than S if R -> S (R implies S).
    • Example :
      • the assertion i < 0 is stronger than the assertion i < 3 because i < 0 implies that i < 3 ( i < 0 is true implies that i < 3 is true)
      • draw the set and subset diagram to get a better “feel,” if needed
    • Note that if R is stronger than S, then all states that satisfy R will satisfy S. But there is at least one state that satisfies S which will not satisfy R. So the number of states that satisfy S is larger than the number that satisfy R. Thus one may view the notion of “stronger” as “more selective” because fewer states will satisfy the stronger condition.
    • Of course, if R is stronger than S, then S is weaker than R.
Precondition Strengthening
  • Rule 1: If P’ is stronger than P and the triple {P}C{Q} is correct, then the triple {P’}C{Q}, with the strengthened precondition, is also correct
    • Example :
      • if {P}C{Q} is correct, for P which is (x>0), then for P’, which asserts (x>2), the triple {P’}C{Q} will also be correct.
  • Rule 1 - More formally :
      • P’ -> P (strengthening P to P’)
      • {P}C{Q}
      • {P’}C{Q}
    • Example : if {x <5} x:= x+1 {x < 6} is correct, then strengthening {P} to {x < 3} should give us {x<3} x:=x+1 {x<6} as also correct because :
      • {x<3} -> {x<5}
      • {x<5} x := x+1 {x<6}
      • {x<3} x := x+1 {x<6}
Post Condition Weakening
  • Rule 2: If Q -> Q’ and {P}C{Q} triple is correct then {P}C{Q’} triple is correct
    • Rule 2 : Formally we have:
      • {P}C{Q}
      • Q -> Q’
      • {P}C{Q’}
    • Example :
      • if { } max := b {max=b} then show { } max:=b {max >= b}

{ } max := b {max =b}

{max = b} -> {max >= b}

{ } max:=b {max >=b }

Conjunction (AND) and Disjunction (OR) Rules
  • Rule 3: If C is a piece of code, {P}C{Q} AND {P’}C{Q’} are correct (note that both of the conditions have to be True simultaneously), then {P AND P’} C {Q AND Q’} is also correct
    • Formally :
      • {P} C {Q}
      • {P’} C {Q’}
      • {P AND P’} C {Q AND Q’}
  • Rule 4: If C is a piece of code, and {P}C{Q} AND {P’}C{Q’} are correct, then {P OR P’} C {Q OR Q’} is also correct
    • Formally :
      • {P} C {Q}
      • {P’} C {Q’}
      • {P OR P’} C {Q OR Q’}
Example using Conjunction Rule & more
  • Problem : given the following Hoare Triples:
    • { } x:= x+1 { x = x+1 } AND [note that x:= x + 1 has multiple meanings here !]
    • {x>0} x:= x +1 {x > 0}
    • show that {x>0} x:=x+1 {x > -1}
  • Proof : (a little more detailed than needed)
    • a) using the conjunction rule, we get {x>0} x:=x+1 {x=x+1 AND x>0}
    • b) using the post-condition weakening rule, we have {x=x+1 AND x>0} -> {x>0}; thus the conjunction triple {x>0} x:=x+1 {x=x+1 AND x>0} also implies that {x>0} x:=x+1 {x>0} is correct, by weakening the post condition
      • Furthermore {x > 0 } -> { x > - 1} (or x > 0 is stronger than x > -1)
    • Therefore we have {x>0} x := x+1 {x>-1} (by weakening the post condition)
    • Alternatively : note that the weakening of post condition can be achieved through dropping x=x+1 and also directly weakening x > 0 to x > -1.
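
The four rules can be checked mechanically on the triples used in these slides. The Python below is an added example, not part of the original presentation: it tests each triple by brute force over a constructed finite range of integers (an assumption, so this is a bounded check rather than a proof), and it also shows that Rules 1 and 2 fail when applied in the wrong direction. All helper names are hypothetical.

```python
from itertools import product

DOMAIN = range(-8, 9)      # constructed finite range standing in for the integers
VARS = ("x", "b", "max")
STATES = [dict(zip(VARS, v)) for v in product(DOMAIN, repeat=len(VARS))]

def implies(r, s):
    """R -> S on every state, i.e. R is stronger than S."""
    return all(s(st) for st in STATES if r(st))

def triple(pre, cmd, post):
    """{pre} cmd {post}: every start state satisfying pre ends in a state satisfying post."""
    return all(post(cmd(st)) for st in STATES if pre(st))

def both(p, q):
    return lambda st: p(st) and q(st)
def either(p, q):
    return lambda st: p(st) or q(st)
def lt(n):
    return lambda st: st["x"] < n
def gt(n):
    return lambda st: st["x"] > n
def inc_x(st):              # x := x+1
    return {**st, "x": st["x"] + 1}
def set_max(st):            # max := b
    return {**st, "max": st["b"]}

def check_rules():
    true = lambda st: True                      # the empty precondition { }
    eq = lambda st: st["max"] == st["b"]
    ge = lambda st: st["max"] >= st["b"]
    return {
        # Rule 1: x<3 -> x<5 and {x<5} x:=x+1 {x<6} give {x<3} x:=x+1 {x<6}
        "rule1": implies(lt(3), lt(5)) and triple(lt(5), inc_x, lt(6)) and triple(lt(3), inc_x, lt(6)),
        # Wrong direction: the weaker precondition x<7 admits x=5, which ends at 6
        "weaker_pre": triple(lt(7), inc_x, lt(6)),
        # Rule 2: { } max:=b {max=b} and max=b -> max>=b give { } max:=b {max>=b}
        "rule2": triple(true, set_max, eq) and implies(eq, ge) and triple(true, set_max, ge),
        # Wrong direction: the stronger postcondition x<5 fails for x=4
        "stronger_post": triple(lt(5), inc_x, lt(5)),
        # Rules 3 and 4 applied to {x<5} x:=x+1 {x<6} and {x>0} x:=x+1 {x>0}
        "rule3": triple(both(lt(5), gt(0)), inc_x, both(lt(6), gt(0))),
        "rule4": triple(either(lt(5), gt(0)), inc_x, either(lt(6), gt(0))),
        # Slide example: x>0 -> x>-1 weakens {x>0} x:=x+1 {x>0} to {x>0} x:=x+1 {x>-1}
        "final": implies(gt(0), gt(-1)) and triple(gt(0), inc_x, gt(0)) and triple(gt(0), inc_x, gt(-1)),
    }

if __name__ == "__main__":
    print(check_rules())
```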