CSC195, Class 30: Semantics of Assignment

Overview:
* Background: Weakest Precondition, Substitution
* Defining simple assignment.
* Some variations.
* Defining multiple assignment

Notes:
* 100 Grand, Baby Ruth, Nestle Crunch, Fast Break, 3 Musketeers, Milky Way, Snickers
* Where is BurtonE?
* Extra credit for attending Zuk talks.
* The muddy-children problem. Extra credit for Lindsey and Peter
* Questions on exam 1?

Goal for today: Formal definition of various kinds of assignment

Reminder: What is wp?
  The most general form of *something*
  A shorthand for "weakest precondition"
  It takes a statement and a postcondition and gives you a set of states
  That is, it's a FUNCTION from statement x predicate to predicate
    From statement and postcondition to precondition
  Whenever the precondition holds before the statement, the postcondition holds afterwards

How do we use wp?
  (1) Generate preconditions
  (2) Define meaning of statements

Substitution notation
  E with x written above and e written below (E^x_e)
  Replaces "all" instances of x in E with e.
  Read it as "substitute e for x in E".

  substitute 1 for x in x => 1             (x^x_1 => 1)
  substitute 3+y for x in x*x => (3+y)*(3+y)   ((x*x)^x_{3+y} => (3+y)*(3+y))

  Question: What about parenthesization?
    It's there implicitly; the substituted expression is treated as a unit, which is
    why the second example gives (3+y)*(3+y) and not 3+y*3+y.

  Rules:
    substitute e for x in x => e
    substitute e for x in y => y, when y is a variable and is not x
    substitute e for x in f*g => (substitute e for x in f) * (substitute e for x in g)
    similar for
      Mathematical: +, -, /
      Function application: substitute e for x in f(exp) => f(substitute e for x in exp)
      Logical: and, or, not, cand, cor, equals, implies
      Set operations: element-of, subset, superset, intersection, ...
      Numeric comparators: <, <=, >, >=, =
      Quantifiers: For all, There exists, Count

Potential problems:
* Does this work for cand and cor?
* Quantifiers
    "for all x, x > 5"
    Substitute 2 for x in "for all x, x > 5"
    Naive textual substitution: for all 2, 2 > 5   (nonsense: the bound x is not the x we meant)

Substitution warning 1: Don't substitute for *bound* variables.
  (Alternate: Only substitute for unbound (free) variables.)
  substitute e for x in "for all y, exp" => for all y, (substitute e for x in exp)

  "exists y, y > x"
  Substitute y for x in "exists y, y > x"
    exists y, (substitute y for x in "y > x")
    exists y, (sub y for x in "y") > (sub y for x in "x")
    exists y, y > y        (the free y we substituted in got captured by the binder)

Substitution warning 2: Don't include variables with the same name as bound variables in your substitution.
  If you have to, rename the bound variable first: "exists y, y > x" is the same predicate as
  "exists z, z > x", and substituting y for x in that gives "exists z, z > y", which is what was meant.

----------------------------------------

Define simple assignment

  wp("x := e", P) = domain(e) cand (substitute e for x in P)

  Why cand?
    To handle some stuff being potentially undefined: if e is undefined in a state
    (a[i] with i out of range, y/0, ...), the precondition is false there, and the
    substituted predicate on the right is never evaluated.

  Why "backwards" (why does the assignment of e to x seem to modify the precondition
  and not the postcondition)?
    Normal way of thinking about things:
      You begin with some understanding of the world
      You do an assignment
      You therefore come up with a new understanding of the world
    How does the new understanding relate?
      It's based on some substitution in the prior understanding
    Consider P, the postcondition
      Any characteristic we expect of x afterwards must have held for e beforehand
      Hence, we can reflect that need by doing substitution

  Examples:
    wp("x := 5", x > 2)   => sub 5 for x in x > 2   => 5 > 2   => true
    wp("x := 1", x > 2)   => sub 1 for x in x > 2   => 1 > 2   => false
    wp("x := y", x > 2)   => sub y for x in x > 2   => y > 2
    wp("x := x*x", x > 4) => sub x*x for x in x > 4 => x*x > 4 => (x > 2 or x < -2)
      The "x" here is the *old* x (the one before the assignment)
    wp("x := a[i]", x > 2) => i is a valid index cand a[i] > 2
      (the "i is a valid index" part is domain(a[i]))
    wp("x := a[x]", x = a[x]) => ???
      Work it out: domain(a[x]) cand (sub a[x] for x in x = a[x])
                   => x is a valid index cand a[x] = a[a[x]]
      Suppose a[0] is 3; a[1] is 4; a[2] is 1; and a[3] is 1
        x := 0
        x := a[x]
      After the two assignments x is 3, and a[3] is 1, so x = a[x] is false.
      The precondition agrees: with x = 0, a[x] = a[0] = 3 but a[a[x]] = a[3] = 1.
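The substitution rules, the two warnings and wp for simple assignment, as an added worked example (this code is not from the course notes). It builds a tiny expression AST, substitutes only for free variables, renames a bound variable when the substituted expression would otherwise be captured, and computes wp("x := e", P) as domain(e) cand P with e substituted for x, where domain(e) is the index-in-range guard for every a[i] in e. The "a.length" variable used for an array's length and the state values in `examples()` are assumptions constructed for the demonstration.

```python
"""Added example (not from the course notes): textual substitution that enforces
the two warnings, and wp for simple assignment, over a tiny expression AST.
Assumption: an array a's length is exposed as the variable "a.length"."""
from dataclasses import dataclass
from functools import reduce
from typing import Union

@dataclass(frozen=True)
class Var:   name: str                               # variable
@dataclass(frozen=True)
class Const: value: object                           # int or bool literal
@dataclass(frozen=True)
class BinOp: op: str; left: "Expr"; right: "Expr"   # + - * < <= = > and or cand cor
@dataclass(frozen=True)
class Quant: kind: str; var: str; body: "Expr"      # forall/exists, binds var
@dataclass(frozen=True)
class Index: arr: str; idx: "Expr"                  # a[i]
Expr = Union[Var, Const, BinOp, Quant, Index]

def free_vars(e: Expr) -> set:
    if isinstance(e, Var):   return {e.name}
    if isinstance(e, Const): return set()
    if isinstance(e, BinOp): return free_vars(e.left) | free_vars(e.right)
    if isinstance(e, Index): return {e.arr} | free_vars(e.idx)
    return free_vars(e.body) - {e.var}      # a quantifier hides its own variable

def subst(e: Expr, x: str, r: Expr) -> Expr:
    """Substitute r for the free occurrences of x in e (the notes' E^x_r)."""
    if isinstance(e, Var):   return r if e.name == x else e
    if isinstance(e, Const): return e
    if isinstance(e, BinOp): return BinOp(e.op, subst(e.left, x, r), subst(e.right, x, r))
    if isinstance(e, Index): return Index(e.arr, subst(e.idx, x, r))
    if e.var == x:                           # warning 1: x is bound here, leave it alone
        return e
    if e.var in free_vars(r):                # warning 2: r mentions the bound name, so
        taken = free_vars(r) | free_vars(e.body) | {x}
        new = next(f"{e.var}{n}" for n in range(len(taken) + 1) if f"{e.var}{n}" not in taken)
        e = Quant(e.kind, new, subst(e.body, e.var, Var(new)))   # rename the binder first
    return Quant(e.kind, e.var, subst(e.body, x, r))

def index_guards(e: Expr) -> list:
    """One guard 0 <= i < a.length for every a[i] that evaluating e touches."""
    if isinstance(e, BinOp):
        return index_guards(e.left) + index_guards(e.right)
    if isinstance(e, Index):
        ok = BinOp("and", BinOp("<=", Const(0), e.idx), BinOp("<", e.idx, Var(e.arr + ".length")))
        return index_guards(e.idx) + [ok]
    return []

def wp_assign(x: str, e: Expr, post: Expr) -> Expr:
    """wp("x := e", post) = domain(e) cand (substitute e for x in post)."""
    guards = index_guards(e)
    dom = reduce(lambda p, q: BinOp("and", p, q), guards) if guards else Const(True)
    return BinOp("cand", dom, subst(post, x, e))

def show(e: Expr) -> str:
    if isinstance(e, Var):   return e.name
    if isinstance(e, Const): return str(e.value).lower()
    if isinstance(e, Index): return f"{e.arr}[{show(e.idx)}]"
    if isinstance(e, Quant): return f"({e.kind} {e.var}. {show(e.body)})"
    return f"({show(e.left)} {e.op} {show(e.right)})"

OPS = {"+": lambda a, b: a + b, "-": lambda a, b: a - b, "*": lambda a, b: a * b,
       "<": lambda a, b: a < b, "<=": lambda a, b: a <= b, ">": lambda a, b: a > b,
       "=": lambda a, b: a == b, "and": lambda a, b: a and b, "or": lambda a, b: a or b}

def evaluate(e: Expr, state: dict):
    """Evaluate a quantifier-free expression in a state (dict of variables and arrays).
    cand/cor short-circuit, so a false domain guard never touches an undefined a[i]."""
    if isinstance(e, Var):
        return len(state[e.name[:-7]]) if e.name.endswith(".length") else state[e.name]
    if isinstance(e, Const): return e.value
    if isinstance(e, Index):
        i, a = evaluate(e.idx, state), state[e.arr]
        if not 0 <= i < len(a):
            raise IndexError(f"{e.arr}[{i}] is undefined")   # Python would silently wrap a negative i
        return a[i]
    if isinstance(e, Quant): raise ValueError("quantifiers are not evaluated in this example")
    if e.op == "cand": return evaluate(e.left, state) and evaluate(e.right, state)
    if e.op == "cor":  return evaluate(e.left, state) or evaluate(e.right, state)
    return OPS[e.op](evaluate(e.left, state), evaluate(e.right, state))

def examples() -> dict:
    """The notes' examples worked by the code above; the state values are constructed."""
    x, y, i, a = Var("x"), Var("y"), Var("i"), [3, 4, 1, 1]
    out = {"x*x": show(subst(BinOp("*", x, x), "x", BinOp("+", Const(3), y))),
           "bound": show(subst(Quant("forall", "x", BinOp(">", x, Const(5))), "x", Const(2))),
           "capture": show(subst(Quant("exists", "y", BinOp(">", y, x)), "x", y))}
    sq = wp_assign("x", BinOp("*", x, x), BinOp(">", x, Const(4)))
    ai = wp_assign("x", Index("a", i), BinOp(">", x, Const(2)))
    ax = wp_assign("x", Index("a", x), BinOp("=", x, Index("a", x)))
    out.update(sq=show(sq), ai=show(ai), ax=show(ax))
    out["sq@3"], out["sq@2"], out["sq@-3"] = [evaluate(sq, {"x": v}) for v in (3, 2, -3)]
    out["ai@1"], out["ai@5"] = [evaluate(ai, {"a": a, "i": v}) for v in (1, 5)]
    out["ax@0"] = evaluate(ax, {"a": a, "x": 0})   # x := 0; x := a[x] leaves x = 3, and a[3] = 1
    return out
```

Two things to notice when running it. The "ai@5" case returns false rather than raising: the domain guard 0 <= i < a.length is the left operand of cand, so the undefined a[5] on the right is never evaluated, which is exactly why the definition uses cand and not and. The guard only covers e, though: in the a[x] case the substituted postcondition a[x] = a[a[x]] contains its own array access, so evaluating it in a state such as x = 1 (where a[a[1]] = a[4]) still fails, and a postcondition that mentions partial operations needs its own guards.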