An Introduction to XYZVERIII Wenhui Zhang State Key

An Introduction to XYZ/VERI-II Wenhui Zhang State Key Laboratory of Computer Science Institute of Software, Chinese Academy of Sciences http: //lcs. ios. ac. cn/~zwh 1

Example {x=c} Pre-Condition y 1: =0; y 2: =1; y 3: =1; while (y 3<=x) { y 1: =(y 1+1); y 2 : = (y 2+2); y 3: =(y 2+y 3); { x=c y 1*y 1<=x y 3=(y 1+1)*(y 1+1) y 2=2*y 1+1} Invariant } { y 1*y 1<=c c<=(y 1+1)*(y 1+1) } Post-Condition

Program in XYZ/SE {x=c} %PROC wl(%INP/x: INT; %IOP/y 1: INT)== %LOC [y 2, y 3: INT] %STM [ LB=START => $Oy 1=0 / $Oy 2=1 / $Oy 3=1 / $OLB=l 2; *[ LB=l 2 / (le(y 3, x)) => ($OLB=l 3 | $OLB=END); LB=l 3 => $Oy 1=+(y 1, 1) / $Oy 2 = +(y 2, 2) / $OLB=l 4; LB=l 4 => $Oy 3=+(y 2, y 3) / $OLB=l 2; { x=c / le(*(y 1, y 1), x) / y 3=*(+(y 1, 1), +(y 1, 1)) / y 2=+(*(2, y 1), 1) } ]] { le(*(y 1, y 1), c) / lt(c, *(+(y 1, 1), +(y 1, 1))) }

XYZ/VERI-II: User-Interface and Functionalities • The next page is the initial interface created by typing the command “veri 2”. • The rest is a demonstration of the interaction of the user and the program.

Verification Conditions y 3 <=x x=c y 1*y 1<=x y 3=(y 1+1)*(y 1+1) y 2=2*y 1+1 x=c (y 1+1)*(y 1+1)<=x (y 2+2)+y 3=((y 1+1)+1)*((y 1+1)+1) y 2+2=2*(y 1+1)+1 y 3<=x x=c y 1*y 1<=x y 3=(y 1+1)*(y 1+1) y 2=2*y 1+1 y 1*y 1<=c c<(y 1+1)*(y 1+1) x=c 0*0<=x 1=(0+1)*(0+1) 1=2*0+1

Simplified Verification Conditions (y 1+1)*(y 1+1)<=c, y 1*y 1<=c 2+(1+y 1*2) = 1+2*(y 1+1) y 1*y 1<= c c < (y 1+1)*(y 1+1), (y 1+1)*(y 1+1)<= c T 1=1+2*0 (y 1+1)*(y 1+1) <= c, y 1*y 1<= c (2+(1+y 1*2))+(y 1+1)*(y 1+1)=(1+(y 1+1))*(1+(y 1+1)) T 0*0<=c T 1=(1+0)*(1+0)

Simplified Verification Conditions (y 1+1)*(y 1+1)<=c, y 1*y 1<=c 2+(1+y 1*2) = 1+2*(y 1+1) y 1*y 1<= c c < (y 1+1)*(y 1+1), (y 1+1)*(y 1+1)<= c T 1=1+2*0 (y 1+1)*(y 1+1) <= c, y 1*y 1<= c (2+(1+y 1*2))+(y 1+1)*(y 1+1)=(1+(y 1+1))*(1+(y 1+1)) T 1=(1+0)*(1+0)

References Wenhui Zhang. Verification of XYZ/SE programs. Chinese Journal of Advanced Software Research 2(4): 364 -373, 1995.

Questions?