-
Welcome to PowerPoint “Normal” View with “Notes”. (Sorry, I had
to give up
on providing audio annotations due to editing limitations with
the version of
PowerPoint available to me. Hopefully, this will work OK – let
me know if you
have suggestions for improving my notes…)
First, I hope you remember me. I’m Steve Thebaut and I’m
teaching Soft. Test.
& Verif. this semester. I also hope that you are all coping
OK with the current
calamity, and are well. If you are having trouble, let me know
and I will try to
help. It looks like all of you will have the option to change to
an S/U grading
scheme or just drop the course (presumably without penalty)
through the end of
classes, but check with your academic advisor about this to be
sure. More on
grades later…
Some loose ends that need to be taken care of: This is LN 21,
the first of 3
dealing with the last (and arguably the most interesting) major
topic of the
course: Functional Verification. The next (and last) Assignment
Worksheet (#9)
will be posted on the course website this week (probably by
4/8/20) and will be
due on Saturday, April 18 at NOON. (Late submissions will be
allowed, as
usual, until 3PM.)
1
-
Exam 1 grading is still underway(!), due in part to some
logistical complications and
resource limitations imposed by the College. I hope to have an
update for you (and
hopefully raw scores + a histogram) sometime later this coming
week. Check the
announcements.
Exam 2, which will NOT cover the material covered in Exam 1,
will take place (I think)
during the early part of the last week of classes. I don’t know
yet what the logistics will
be. It will most likely either make use of Honorlock (on-line
proctoring) or be some sort
of take-home (individual work) exam. Honorlock requires that you
have a webcam, so
you might want to think about how you would obtain one (if
necessary) if I’m advised to
go this route. I will provide more info about this in a week or
so.
In addition to LN’s 21-23, I will also be posting some notes
before Exam 2 to help you
review/prepare for the exam. These will include a primer on ROI
Analysis, solutions to
the Functional verification exercises given in LN’s 21-23, notes
on the King, et al.
reading (#7) and the Cleanroom SE reading (#9). (Reading #8 is
highly technical and is
for reference purposes only – you are not required to study this
for Exam 2, although
some may find it useful.)
About the PowerPoint Notes (such as the one you are reading
now): I will provide
Notes at the bottom of SOME PowerPoint slides, when I think it
may be useful. If you
would like to see additional notes to help you understand
something, let me know.
-
2
-
The IRL is “Very Cool!” because it involves learning how to
reason about the
functional correctness of loops by considering equivalent
if-then statements
defined used recursion.
3
-
The Invariant Status Theorem is “EXTREMELY Cool!” because it
describes a
very useful (and sometimes very useful) relationship between
loop invariants
and loop functions!
4
-
Only the third item above is required reading. The first two are
potentially
useful references, but are NOT required for completing the
Assignment 9
Worksheet or studying for Exam 2.
8
-
The “equivalence” vs. “subset” relationship concerns the
distinction between
“complete” and “sufficient” program correctness and is explained
next…
13
-
So the idea here is that Sufficient correctness only requires
that P computes f
wherever f is defined, but P may also terminate and thereby
compute results
where f is NOT defined.
Complete correctness means that P computes f exactly, even for
inputs where f
is not defined. This means P would also not be defined (i.e.,
would NOT
terminate) for inputs outside the domain of f.
These above interpretations are the gist of i!
27
-
Understanding the heuristics illustrated in the next several
slides is important. It
involves reasoning about (“figuring out”) what function is
computed by the loop
on termination based on the possible INITIAL values of the
variable(s) as
reflected by the initial value of the loop predicate “b”.
28
-
29
-
In this case, when the initial value of y is > 0, we can see
that the loop will
execute exactly y times with the final value of x being the sum
of the initial
values of x and y, and the final value of y being 0. This is
consistent with the
definition of f for initial values of y>0.
36
-
This is an aside: it suggests how defensive programming could be
used to avoid
writing a program that computes f (sufficiently) without going
into an infinite
loop
61
-
The solution for this exercise (and all others in LN’s 21-23)
will be posted later.
In the mean time, try to complete the “correctness table” on
your own.
62
-
This reflects the standard, informal interpretation of “P
computes f”, as
illustrated, for example, in the Dunlap/Basili reference
paper.
63
-
The Axiom of Replacement simply allows one to replace a
sub-program with the
function it has been shown to compute in the process of proving
a COMPOUND
program is correct.
68
-
A “working correctness question” is just an informal way to ASK
whether or not
a formally stated correctness condition is satisfied. Using such
questions is
suggested as a way to may proof presentation more
“conversational”.
Note that SEQUENCING of instructions in a program is equivalent
to
COMPOSING the functions computed by the instructions when
describing the
function of the program.
71
-
Try to show this based on the example given. The solution will
be posted
separately later.
119