> 10M LoC i := n while i 1 do k := f (k, n - i) i := i - 1 if n - - PowerPoint PPT Presentation

> 10M LoC

i := n while i ≥ 1 do k := f(k, n - i) i := i - 1 if n ≤ 0 then i := 0 else i := n

f(k, i)

𝑆𝑙 𝑘 = 𝑐 𝑏𝑘 − 𝑏𝑘 + 𝑘 − 1 + 𝑏 − 1 𝑏𝑘 𝑏 − 1 𝑙0 + 𝑑 − 𝑑 𝑏 − 1 2 𝑆𝑗 𝑘 = 𝑘

assume i = i ∧ k = k ∧ n = n i := 0 while i < n do k := a·k + b·i + c i := i + 1 (…) assert i = i ∧ k = k ∧ n = n

Ri(j) = Ri(j-1) + 1 Ri(0) = 0 Rk(j) = a × Rk(j-1) + b × Ri(j-1) + c Rk(0) = k0

𝑈 𝑓 = ෍

𝑗=1 𝑜

෍

𝑘=0 𝑒

fij × T ei

j ,

if 𝑓 = f 𝑓1, … , 𝑓𝑜

if i < n then k := f(x) else k := f(y) if f(z) < 0 ∧ k < 0 then …

u(f) = 2

f(a) f(b) f(c) f(d)

• 4
• 2

2 4 6 8 10 12

• 2
• 1

1 2 3 4 5 6 7 8

while b do c if b then assume σn-1(b) ∧ σn(¬b) vi := σn(vi) else assume n = 0

→

while I < N do if B then S1 else S2 I := I + 1 if B then while I < N do S1 I := I + 1 else while I < N do S2 I := I + 1

→

S1, S2 are template statements B is a template Boolean expression

while I < N do if B then S1 else S2 I := I + 1

→

… while I < N do if N > 5 then A := A + N else A := A + 1 I := I + 1 … if N > 5 then while I < N do A := A + N I := I + 1 else while I < N do A := A + 1 I := I + 1 Instantiation: 𝐶 ⟼ 𝑂 > 5 𝑇1 ⟼ 𝐵 ≔ 𝐵 + 𝑂 𝑇2 ⟼ 𝐵 ≔ 𝐵 + 1

while I < N do if B then S1 else S2 I := I + 1 if B then while I < N do S1 I := I + 1 else while I < N do S2 I := I + 1

→

Precondition: 𝐽 ∉ 𝑆 𝐶 ∧ 𝑋 𝑇1 ∩ 𝑆 𝐶 = ∅ ∧ 𝑋 𝑇2 ∩ 𝑆 𝐶 = ∅

S x,y := Sx(y, z), Sy(y, z)

Precondition: R(S) = {y, z} W(S) = {x, y}

→

28

x * 2c / d x / (d / 2c) = x / d * 2c = x * 2c / d

ERROR: Domain of definedness of Target is smaller than Source's for i4 %b Example: %X i4 = 0x0 (0) c i4 = 0x3 (3) d i4 = 0x7 (7) %a i4 = 0x0 (0) (1 << c) i4 = 0x8 (8, -8) %t i4 = 0x0 (0) Source value: 0x0 (0) Target value: undef