Skip to content
Snippets Groups Projects
Commit 569423fa authored by Allan Blanchard's avatar Allan Blanchard
Browse files

[wp] Update Why3 command

parent effa0a53
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
opam/opam
+ 1
1
View file @ 569423fa
...@@ -142,5 +142,5 @@ messages: [ ...@@ -142,5 +142,5 @@ messages: [
] ]
post-messages: [ post-messages: [
"Why3 provers setup: rm -f ~/.why3.conf ; why3 config --detect" "Why3 provers setup: rm -f ~/.why3.conf ; why3 config detect"
] ]
src/plugins/wp/doc/manual/wp_intro.tex
+ 13
5
View file @ 569423fa
...@@ -59,6 +59,14 @@ order to fulfill proof obligations. An easy choice is to install the ...@@ -59,6 +59,14 @@ order to fulfill proof obligations. An easy choice is to install the
\textsc{inria} and now by \textsc{OcamlPro}\footnote{\textsf{Alt-Ergo}: \textsc{inria} and now by \textsc{OcamlPro}\footnote{\textsf{Alt-Ergo}:
\url{https://alt-ergo.ocamlpro.com/}}. When using the \textsf{Opam} package \url{https://alt-ergo.ocamlpro.com/}}. When using the \textsf{Opam} package
manager, these tools are automatically installed with \textsf{Frama-C}. manager, these tools are automatically installed with \textsf{Frama-C}.
When updating or installing \textsf{Why-3}, the following command should be
run to detect available provers:
\begin{lstlisting}[basicstyle=\ttfamily]
rm -f ~/.why3.conf ; why3 config detect
\end{lstlisting}
See the documentation of \textsf{Why-3} to install other provers. See the documentation of \textsf{Why-3} to install other provers.
...@@ -170,10 +178,10 @@ weakest precondition $W$; we can then conclude that $P$ precondition ...@@ -170,10 +178,10 @@ weakest precondition $W$; we can then conclude that $P$ precondition
of $f$ always entails its postcondition $Q$. This proof can be summarized by of $f$ always entails its postcondition $Q$. This proof can be summarized by
the following diagram: the following diagram:
$$ $$
\frac% \frac%
{\quad(P \Longrightarrow W) \quad\quad \{W\}\,f\,\{Q\} \quad}% {\quad(P \Longrightarrow W) \quad\quad \{W\}\,f\,\{Q\} \quad}%
{\{P\}\,f\,\{Q\}} {\{P\}\,f\,\{Q\}}
$$ $$
This is the main idea of how to prove a property by weakest This is the main idea of how to prove a property by weakest
...@@ -247,7 +255,7 @@ plug-in, which makes \textsf{WP} complementary to \textsf{Jessie}. ...@@ -247,7 +255,7 @@ plug-in, which makes \textsf{WP} complementary to \textsf{Jessie}.
\item[\texttt{Hoare} model.] A very efficient model that generates \item[\texttt{Hoare} model.] A very efficient model that generates
concise proof obligations. It simply maps each \textsf{C} variable to one concise proof obligations. It simply maps each \textsf{C} variable to one
pure logical variable.\par pure logical variable.\par
However, the heap cannot be represented in this model, and However, the heap cannot be represented in this model, and
expressions such as \texttt{*p} cannot be translated at all. You expressions such as \texttt{*p} cannot be translated at all. You
can still represent pointer values, but you cannot read or write can still represent pointer values, but you cannot read or write
...@@ -262,7 +270,7 @@ plug-in, which makes \textsf{WP} complementary to \textsf{Jessie}. ...@@ -262,7 +270,7 @@ plug-in, which makes \textsf{WP} complementary to \textsf{Jessie}.
In order to generate reasonable proof obligations, the values stored In order to generate reasonable proof obligations, the values stored
in the global array are not the machine ones, but the logical in the global array are not the machine ones, but the logical
ones. Hence, all \textsf{C} integer types are represented by ones. Hence, all \textsf{C} integer types are represented by
mathematical integers and each pointer type to a given type is represented mathematical integers and each pointer type to a given type is represented
by a specific logical abstract datatype.\par by a specific logical abstract datatype.\par
A consequence of having separated arrays is that heterogeneous casts A consequence of having separated arrays is that heterogeneous casts
...@@ -271,7 +279,7 @@ plug-in, which makes \textsf{WP} complementary to \textsf{Jessie}. ...@@ -271,7 +279,7 @@ plug-in, which makes \textsf{WP} complementary to \textsf{Jessie}.
pointer to \texttt{char}, and then access the internal pointer to \texttt{char}, and then access the internal
representation of the original \texttt{int} value into memory. representation of the original \texttt{int} value into memory.
However, variants of the \texttt{Typed} model enable limited forms of casts. However, variants of the \texttt{Typed} model enable limited forms of casts.
See chapter~\ref{wp-models} for details. See chapter~\ref{wp-models} for details.
\item[\texttt{Bytes} model. (Not Implemented Yet).] This is a \item[\texttt{Bytes} model. (Not Implemented Yet).] This is a
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment