You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In refinement calculus 1, Floyd–Hoare "function-boundary" pre/postconditions are equivalent to intermittent assert/assume invariants. One generalization of this view is "assigning blame", or "who loses the game", if invariant is broken.
As one illustration, let's say Kasparov calls Karpov with argument x, and somewhere in Karpov's definitional code there is an intermittent assumption:
Karpov(x):
...
assume(x>0)
...
Then if Kasparov calls Karpov(-1), Kasparov loses the game.
In the current codebase, only the assert side is implemented (and only in the "core OCaml" toy-language). This Issue calls to extend the implementation to the assume side.
The text was updated successfully, but these errors were encountered:
In refinement calculus 1, Floyd–Hoare "function-boundary" pre/postconditions are equivalent to intermittent assert/assume invariants. One generalization of this view is "assigning blame", or "who loses the game", if invariant is broken.
As one illustration, let's say Kasparov calls Karpov with argument x, and somewhere in Karpov's definitional code there is an intermittent assumption:
Then if Kasparov calls
Karpov(-1), Kasparov loses the game.In the current codebase, only the
assertside is implemented (and only in the "core OCaml" toy-language). This Issue calls to extend the implementation to theassumeside.The text was updated successfully, but these errors were encountered: