From: "Constantin Porphyrogenete" <excubiteur@hotmail.com>
Subject: Re: loop variant in SPARK ADA
Date: 20 Sep 2005 19:49:10 -0700
Date: 2005-09-20T19:49:10-07:00 [thread overview]
Message-ID: <1127270950.314911.66510@f14g2000cwb.googlegroups.com> (raw)
In-Reply-To: <1127236537.057857.142300@g49g2000cwa.googlegroups.com>
Thanks for the reply.
The reason for my asking was puzzlement over part of a paragraph
in the book on page 72
"Nevertheless, it is all too easy to
forget to think about the problem of termination and
to conclude that a subprogram is correct just because
all the verification conditions are true."
The impression that I got from the book was that the
point of tools like the Examiner and Simplifier was
precisely to prevent this sort of carelessness.
But I guess it is not to difficult to translate a loop variant
into a loop invariant with the help of some extra variables.
Thanks again for the reply.
next prev parent reply other threads:[~2005-09-21 2:49 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-19 9:25 loop variant in SPARK ADA Constantin Porphyrogenete
2005-09-19 13:23 ` Jacob Sparre Andersen
2005-09-19 15:40 ` Jeffrey Carter
2005-09-19 16:03 ` Georg Bauhaus
2005-09-19 22:22 ` Jeffrey Carter
2005-09-20 8:17 ` Georg Bauhaus
2005-09-20 17:15 ` Rod Chapman
2005-09-21 2:49 ` Constantin Porphyrogenete [this message]
2005-09-21 17:31 ` Jeffrey Carter
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox