Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
sav07_lecture_3 [2007/03/22 16:20] yuanjianwz |
sav07_lecture_3 [2007/03/22 16:21] yuanjianwz |
||
|---|---|---|---|
| Line 137: | Line 137: | ||
| Note: when proving our verification condition, instead of proving that semantics of relation implies error=false, it's same as proving that the formula for set sp(U,r) implies error=false, where U is the universal relation, or, in terms of formulas, computing the strongest postcondition of formula 'true'. | Note: when proving our verification condition, instead of proving that semantics of relation implies error=false, it's same as proving that the formula for set sp(U,r) implies error=false, where U is the universal relation, or, in terms of formulas, computing the strongest postcondition of formula 'true'. | ||
| + | |||
| Line 160: | Line 161: | ||
| wp(Q, c1 ; c2) = wp(wp(Q,c2),c1) | wp(Q, c1 ; c2) = wp(wp(Q,c2),c1) | ||
| wp(Q, havoc(x)) = ∀x.Q (or introduce a fresh variable) | wp(Q, havoc(x)) = ∀x.Q (or introduce a fresh variable) | ||
| - | How to prove: wp(Q,c1 [] c2) = wp(Q,c1) ∧ wp(Q,c2)? | + | The idea to get : wp(Q,c1 [] c2) = wp(Q,c1) ∧ wp(Q,c2) |
| CR(c1 [] c2) = CR(c1) ∨ CR(c2) | CR(c1 [] c2) = CR(c1) ∨ CR(c2) | ||
| CR(c1 [] c2) -> error = false (it's valid) | CR(c1 [] c2) -> error = false (it's valid) | ||