Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
sav08:assume_guarantee_reasoning_with_procedures [2008/04/09 10:43] vkuncak |
sav08:assume_guarantee_reasoning_with_procedures [2008/04/10 13:42] vkuncak |
||
---|---|---|---|
Line 5: | Line 5: | ||
Given | Given | ||
- | var x : int; | + | var x, y; |
proc P() | proc P() | ||
- | requires Pre(x) | + | requires Pre(x,y) |
- | ensures Post(x) | + | ensures Post(x,y) |
{ c } | { c } | ||
Line 24: | Line 24: | ||
proc Q() { | proc Q() { | ||
c1; | c1; | ||
- | assert Pre(x); | + | assert Pre(x,y); |
- | ++|havoc x;++ | + | ++|havoc x,y;++ |
- | assume Post(x); | + | assume Post(x,y); |
c2; | c2; | ||
} | } | ||
Line 52: | Line 52: | ||
===== Procedures with Parameters ===== | ===== Procedures with Parameters ===== | ||
+ | |||
+ | One way to derive rules: use assignments to reduce them to global state. | ||