Slides on using Isar-style proof steps and Dafny ghost methods for program verification: how assert statements serve as proof steps, how ghost variables and ghost code support verification, plus demonstrations and exercises.
Using and Building an Automatic Program Verifier
K. Rustan M. Leino
Research in Software Engineering (RiSE), Microsoft Research, Redmond
Lecture 2, Marktoberdorf Summer School 2011
Bayrischzell, BY, Germany, 6 August 2011
Isar and Dafny

  Isar-style proof, each step justified by a named tactic:
    lemma name: P
    proof
      hence Q by sledgehammer
      hence R by simp
      thus S by grind
    end

Isar and Dafny

  The same proof with each intermediate fact written as an assertion:
    lemma name: P
    proof
      assert Q by sledgehammer
      assert R by simp
      assert S by grind
    end

Isar and Dafny

  Recast as a ghost method whose postcondition is the theorem; the asserts are the proof steps:
    ghost method name()
      ensures P
    {
      assert Q by sledgehammer
      assert R by simp
      assert S by grind
    }

Isar and Dafny

  Every step discharged by Dafny's own prover instead of a hand-picked tactic:
    ghost method name()
      ensures P
    {
      assert Q by dafny
      assert R by dafny
      assert S by dafny
    }

Isar and Dafny

  Plain Dafny: "by dafny" is the default, so the tactic annotations disappear:
    ghost method name()
      ensures P;
    {
      assert Q;
      assert R;
      assert S;
    }
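A concrete instance of the ghost-method pattern from the slides above, added here as an example and not taken from the lecture: the function Sum, the ghost method SumAtLeastN and the method Main are all assumed names. The asserts play the role of the Isar "hence ... thus" steps, and the recursive call supplies the induction hypothesis.

```dafny
// Recursive definition under proof (assumed name; not from the slides).
function Sum(n: nat): nat
{
  if n == 0 then 0 else n + Sum(n - 1)
}

// A ghost method is a proof: its postcondition is the theorem and its
// body is the proof script. Newer Dafny spells this "lemma".
ghost method SumAtLeastN(n: nat)
  ensures Sum(n) >= n
{
  if n == 0 {
    // Base case: one unfolding of Sum suffices ("by dafny").
    assert Sum(0) == 0;
  } else {
    // Inductive step: calling the ghost method on n-1 brings its
    // postcondition into scope, like citing a previously proved fact.
    SumAtLeastN(n - 1);
    assert Sum(n - 1) >= n - 1;      // the induction hypothesis, now available
    assert Sum(n) == n + Sum(n - 1); // one unfolding of the definition
    assert Sum(n) >= n;              // linear arithmetic closes the goal
  }
}

// Ghost code is erased from the compiled program; the call below only
// informs the verifier so that the following assert is provable.
method Main()
{
  var n := 10;
  SumAtLeastN(n);
  assert Sum(n) >= 10;
}
```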
Ghost variables, ghost code
  demo: FindZero (continued)

Object structures
  demo: List
Exercises
  • List: http://rise4fun.com/Dafny/MbH
  • RockBand: http://rise4fun.com/Dafny/wjD

Links
  • Dafny: research.microsoft.com/dafny
  • rise4fun: rise4fun.com
  • Verification Corner: research.microsoft.com/verificationcorner