I. Developing Programs by Stepwise Refinement A. general idea: divide and conquer ------------------------------------------ HOW TO SOLVE COMPLEX PROGRAMMING PROBLEMS? A general strategy: divide and conquer Picture: ------------------------------------------ What is meant by using a divide and conquer strategy? B. background 1. problems and specifications ------------------------------------------ PROBLEMS AND SPECIFICATIONS def: a problem is a desired relationship between So a problem is essentially a Can be expressed as: precondition: frame condition: postcondition: ------------------------------------------ 2. correctness ------------------------------------------ CORRECTNESS def: An implementation, C, is *correct with respect to a specification*, S, iff Example: // requires: true // modifies: x // ensures: x > y extern void make_greater(int x, int y); Which is a correct implementation? // (a) void make_greater(int x, int y) { y = x-1; } // (b) void make_greater(int x, int y) { x = y+1; } // (c) void make_greater(int x, int y) { x = 3223; } ------------------------------------------ ------------------------------------------ MEANING OF A SPECIFICATION def: the *meaning of a specification*, S, is What is the meaning of: // (easy) // requires: false; // modifies: everything; // ensures: true extern void easy(); // (impos) // requires: true; // modifies: everything; // ensures: false extern void impos(); // (chaos) // requires: true; // modifies: everything; // ensures: true extern void chaos(); ------------------------------------------ How big is that set? 3. refinement ------------------------------------------ REFINEMENT def: a specification Conc *refines* Abs iff ------------------------------------------ Can program code be used as a specification? If we consider code to also be a specification, then what does code C refines specification A mean? Suppose C refines A. Which is harder to implement, C or A? II. stepwise refinement for program design ------------------------------------------ STEPWISE REFINEMENT (WIRTH 1971) Want to be able to justify a design top-down: Abstract Program | Refined Program / | \ SubP 1 SubP 2 SubP 3 ------------------------------------------ How can it be helpful to have a harder problem to solve? A. Example: 8 queens ------------------------------------------ EXAMPLE: THE 8 QUEENS PROBLEM Place 8 queens on a (8x8) chessboard so that none of them attacks any other. [--|--|--|--|--|--|--|--] | | | | | | | | | |--+--+--+--+--+--+--+--| | | | | | | | | | |--+--+--+--+--+--+--+--| | | | | | | | | | |--+--+--+--+--+--+--+--| | | | | | | | | | |--+--+--+--+--+--+--+--| | | | | | | | | | |--+--+--+--+--+--+--+--| | | | | | | | | | |--+--+--+--+--+--+--+--| | | | | | | | | | |--+--+--+--+--+--+--+--| | | | | | | | | | [--|--|--|--|--|--|--|--] ------------------------------------------ How do queens attack in chess? So what does a solution look like? 1. example development ------------------------------------------ START OF THE DEVELOPMENT Start with Example: Let A be the set of all possible placements of 8 queens on the chessboard Let p(b) be true when x is a solution Generate ------------------------------------------ How would you generate all possible placements? Why is that correct? What could be wrong with that? 2. refinements ------------------------------------------ HOW CAN WE DO BETTER? Pre-selection strategy: eliminate Abstractly: Criteria for pre-selection: 1. 2. 3. ------------------------------------------ ------------------------------------------ SECOND STEP, USING PRE-SELECTION generate b in B_r until q(b) or B_r is empty if q(b), then return b Why is this better? ------------------------------------------ ------------------------------------------ APPLYING PRE-SELECTION TO 8 QUEENS What could r be? Then what would q be? ------------------------------------------ So what does the program look like now? How could we continue this? B. Sudoku ------------------------------------------ FOR YOU TO DO Design a program to generate Sudoku puzzles. A Sudoku puzzle is a 9 x 9 grid, consisting of 9 3x3 subgrids. A solution to a puzzle must place in each subgrid, the digits 1-9, and each digit may only appear once per subgrid and once in each column, and once in each row. The puzzle should have some empty grid squares and some numbers filled in. The solver fills in the empty squares. The puzzle should be generated to have exactly one solution (i.e., one way to fill in the values for the empty squares). ------------------------------------------