Skip to content
Snippets Groups Projects
Commit af0eec33 authored by Allan Blanchard's avatar Allan Blanchard
Browse files

[wp/doc] Remove overfull hbox

parent a8587e3c
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/plugins/wp/doc/manual/wp.tex
+ 1
3
View file @ af0eec33
...@@ -42,9 +42,7 @@ The content of this document corresponds to the version \FCVERSION, on \today, o ...@@ -42,9 +42,7 @@ The content of this document corresponds to the version \FCVERSION, on \today, o
\medskip \medskip
\acknowledgeANR{ \acknowledgeANR{the French ANR project U3CAT~(08-SEGI-021-01)}
the French ANR project U3CAT~(08-SEGI-021-01)
}
\input{wp_intro.tex} \input{wp_intro.tex}
\input{wp_plugin.tex} \input{wp_plugin.tex}
......
src/plugins/wp/doc/manual/wp_plugin.tex
+ 40
28
View file @ af0eec33
...@@ -129,8 +129,8 @@ The general structure of the panel is illustrated figure~\ref{wp-tip-run}. The c ...@@ -129,8 +129,8 @@ The general structure of the panel is illustrated figure~\ref{wp-tip-run}. The c
\verb+Have:+& formula from an assertion or an instruction in the code;\\ \verb+Have:+& formula from an assertion or an instruction in the code;\\
\verb+When:+& condition from a simplification performed by \textsf{Qed};\\ \verb+When:+& condition from a simplification performed by \textsf{Qed};\\
\verb+If:+& structured hypothesis from a conditional statement;\\ \verb+If:+& structured hypothesis from a conditional statement;\\
\verb+Either:+& structured disjunction from a switch statement.\\ \verb+Either:+& structured disjunction from a switch statement;\\
\verb+Stmt:+& labels and C-like instructions representing the memory updates during code execution;\\ \verb+Stmt:+& labels and C-like instructions representing memory updates in executions.\\
\end{tabular} \end{tabular}
\end{quote} \end{quote}
...@@ -718,7 +718,8 @@ access to the API. A custom strategy must be an instance of class-type \lstinlin ...@@ -718,7 +718,8 @@ access to the API. A custom strategy must be an instance of class-type \lstinlin
The actual heuristic code takes place in method \lstinline$#search$ which has the following type (consult the html API for details): The actual heuristic code takes place in method \lstinline$#search$ which has the following type (consult the html API for details):
\begin{lstlisting}[language=ocaml] \begin{lstlisting}[language=ocaml]
method search : (Strategy.strategy -> unit) -> Conditions.sequent -> unit method search :
(Strategy.strategy -> unit) -> Conditions.sequent -> unit
\end{lstlisting} \end{lstlisting}
This method takes two parameters: a strategy registration callback and the sequent to prove. Each heuristic This method takes two parameters: a strategy registration callback and the sequent to prove. Each heuristic
...@@ -732,8 +733,9 @@ we decide to register a split tactic, thanks to the helper function \lstinline$A ...@@ -732,8 +733,9 @@ we decide to register a split tactic, thanks to the helper function \lstinline$A
\paragraph{Using Selections.} Tactics always need a \lstinline$selection$ target. Moreover, some tactics require additional parameters, also to be provided as \lstinline$selection$ values. Typically, consider the \lstinline$Auto.range$ tactic: \paragraph{Using Selections.} Tactics always need a \lstinline$selection$ target. Moreover, some tactics require additional parameters, also to be provided as \lstinline$selection$ values. Typically, consider the \lstinline$Auto.range$ tactic:
\begin{lstlisting}{language=ocaml} \begin{lstlisting}[language=ocaml]
val Auto.range : ?priority:float -> selection -> vmin:int -> vmax:int -> strategy val Auto.range :
?priority:float -> selection -> vmin:int -> vmax:int -> strategy
\end{lstlisting} \end{lstlisting}
Here the selection argument shall targets the expression to be enumerated in range \lstinline$vmin..vmax$. Here the selection argument shall targets the expression to be enumerated in range \lstinline$vmin..vmax$.
...@@ -744,10 +746,14 @@ how to rebuild this term from the sequent. Hence, if the \textsf{C}-code or the ...@@ -744,10 +746,14 @@ how to rebuild this term from the sequent. Hence, if the \textsf{C}-code or the
Selections are easy to build. There are five basic forms, as described below: Selections are easy to build. There are five basic forms, as described below:
\begin{lstlisting}[language=ocaml] \begin{lstlisting}[language=ocaml]
type Tactical.selection = type Tactical.selection =
| Empty (** no selection *) | Empty
| Clause of clause (** selects a full hypothesis or the full goal *) (** no selection *)
| Inside of clause * Lang.F.term (** selects a sub-term of a hypothesis or goal *) | Clause of clause
| Compose of compose (** a calculus from several sub-selections *) (** selects a full hypothesis or the full goal *)
| Inside of clause * Lang.F.term
(** selects a sub-term of a hypothesis or goal *)
| Compose of compose
(** a calculus from several sub-selections *)
and Tactical.clause = and Tactical.clause =
| Goal of Lang.F.pred | Goal of Lang.F.pred
| Step of Conditions.step | Step of Conditions.step
...@@ -755,16 +761,22 @@ Selections are easy to build. There are five basic forms, as described below: ...@@ -755,16 +761,22 @@ Selections are easy to build. There are five basic forms, as described below:
It is also possible to build selections from sequent by explicit lookup: It is also possible to build selections from sequent by explicit lookup:
\begin{lstlisting}[language=ocaml] \begin{lstlisting}[language=ocaml]
val Strategy.select_e : Conditions.sequent -> Lang.F.term -> Tactical.selection val Strategy.select_e :
val Strategy.select_p : Conditions.sequent -> Lang.F.pred -> Tactical.selection Conditions.sequent -> Lang.F.term -> Tactical.selection
val Strategy.select_p :
Conditions.sequent -> Lang.F.pred -> Tactical.selection
\end{lstlisting} \end{lstlisting}
Composition allows you to build new terms from existing ones, like when using the term composer from the graphical user interface. You access composers by their name, like in the term composer. The API for building new terms is as follows: Composition allows you to build new terms from existing ones, like when using the term composer from the graphical user interface. You access composers by their name, like in the term composer. The API for building new terms is as follows:
\begin{lstlisting}[language=ocaml] \begin{lstlisting}[language=ocaml]
val Tactical.int : int -> Tactical.selection val Tactical.int :
val Tactical.cint : Integer.t -> Tactical.selection int -> Tactical.selection
val Tactical.range : int -> int -> Tactical.selection val Tactical.cint :
val Tactical.compose : string -> Tactical.selection list -> Tactical.selection Integer.t -> Tactical.selection
val Tactical.range :
int -> int -> Tactical.selection
val Tactical.compose :
string -> Tactical.selection list -> Tactical.selection
\end{lstlisting} \end{lstlisting}
For instance, provided you have two selected terms \lstinline$a$ and \lstinline$b$, you can build their sum using For instance, provided you have two selected terms \lstinline$a$ and \lstinline$b$, you can build their sum using
...@@ -780,13 +792,13 @@ sequence of hypothesis, and a goal to prove. Each hypothesis is represented by a ...@@ -780,13 +792,13 @@ sequence of hypothesis, and a goal to prove. Each hypothesis is represented by a
and sequence = .... step list ... (* private type *) and sequence = .... step list ... (* private type *)
and step = { condition : condition ; ... } and step = { condition : condition ; ... }
and condition = and condition =
| Have of Lang.F.pred (** hypothesis *) | Have of Lang.F.pred (** Hypothesis *)
| Init of Lang.F.pred (** C-initializer initialization clause *) | Init of Lang.F.pred (** C-initializer initialization clause *)
| Type of Lang.F.pred (** C/ACSL type constraints *) | Type of Lang.F.pred (** C/ACSL type constraints *)
| Core of Lang.F.pred (** Common hypothesis factorization from WP *) | Core of Lang.F.pred (** Common hypothesis factorization from WP *)
| When of Lang.F.pred (** hypothesis from tactical or simplification *) | When of Lang.F.pred (** Hypothesis (tactical or simplification) *)
| Branch of Lang.F.pred * sequence * sequence (** If-Then-Else *) | Branch of Lang.F.pred * sequence * sequence (** If-Then-Else *)
| Either of sequence list (** Disjunction of Cases *) | Either of sequence list (** Disjunction of Cases *)
val iter : (step -> unit) -> sequence -> unit val iter : (step -> unit) -> sequence -> unit
\end{lstlisting} \end{lstlisting}
...@@ -1051,7 +1063,7 @@ each provided function. ...@@ -1051,7 +1063,7 @@ each provided function.
For example: For example:
\begin{lstlisting}[language=c, alsolanguage=acsl] \begin{lstlisting}[style=c]
/*@ ensures \result == x ; */ /*@ ensures \result == x ; */
int f1(int x); int f1(int x);
/*@ ensures \result == x+1 ; */ /*@ ensures \result == x+1 ; */
...@@ -1075,7 +1087,7 @@ site: one must prove that \verb+fp+ is either \verb+f1+ or \verb+f2+. ...@@ -1075,7 +1087,7 @@ site: one must prove that \verb+fp+ is either \verb+f1+ or \verb+f2+.
In ACSL, a function can be specified to terminate when some condition \verb+P+ holds In ACSL, a function can be specified to terminate when some condition \verb+P+ holds
in pre-condition. in pre-condition.
\begin{lstlisting}[language=c, alsolanguage=acsl] \begin{lstlisting}[style=c]
/*@ terminates P ; */ /*@ terminates P ; */
void function(void){ void function(void){
... ...
...@@ -1090,7 +1102,7 @@ is generated for termination. However, if \verb+-wp-variant-with-terminates+ is ...@@ -1090,7 +1102,7 @@ is generated for termination. However, if \verb+-wp-variant-with-terminates+ is
active, the variant is verified only when \verb+P+ holds in pre-condition. active, the variant is verified only when \verb+P+ holds in pre-condition.
Intuitively, this option means that variant has to decrease only if the function has to terminate. For example: Intuitively, this option means that variant has to decrease only if the function has to terminate. For example:
\begin{lstlisting}[language=c, alsolanguage=acsl] \begin{lstlisting}[style=c]
//@ terminates i >= 0 ; //@ terminates i >= 0 ;
void positive(int i){ void positive(int i){
/*@ loop invariant \at(i, Pre) >= 0 ==> 0 <= i <= \at(i, Pre) ; /*@ loop invariant \at(i, Pre) >= 0 ==> 0 <= i <= \at(i, Pre) ;
...@@ -1108,7 +1120,7 @@ When a loop does not have a variant, WP checks that the loop is unreachable ...@@ -1108,7 +1120,7 @@ When a loop does not have a variant, WP checks that the loop is unreachable
when \verb+P+ holds in precondition, which means that a loop is allowed to not when \verb+P+ holds in precondition, which means that a loop is allowed to not
terminate when the function does not have to terminate. For example: terminate when the function does not have to terminate. For example:
\begin{lstlisting}[language=c, alsolanguage=acsl] \begin{lstlisting}[style=c]
//@ terminates i >= 0 ; //@ terminates i >= 0 ;
void function(int i){ void function(int i){
if(i < 0){ if(i < 0){
...@@ -1125,7 +1137,7 @@ prove that \verb+P@pre ==> Q@call-point+. Indeed, for \verb+f+ to terminates whi ...@@ -1125,7 +1137,7 @@ prove that \verb+P@pre ==> Q@call-point+. Indeed, for \verb+f+ to terminates whi
means that if the function under verification shall terminate, any call to a means that if the function under verification shall terminate, any call to a
non-terminating function shall be unreachable. For example: non-terminating function shall be unreachable. For example:
\begin{lstlisting}[language=c, alsolanguage=acsl] \begin{lstlisting}[style=c]
//@ terminates i <= 0 ; //@ terminates i <= 0 ;
void f(int i) ; void f(int i) ;
...@@ -1352,7 +1364,7 @@ See \texttt{-wp-interactive <mode>} option for details. ...@@ -1352,7 +1364,7 @@ See \texttt{-wp-interactive <mode>} option for details.
session directory. session directory.
\item[\tt -wp-finalize-scripts] remove untracked scripts according to the \item[\tt -wp-finalize-scripts] remove untracked scripts according to the
tracking directory if it does exist (does not remove anything otherwise). tracking directory if it does exist (does not remove anything otherwise).
\item[]\tt -wp-dry-finalize-scripts] scripts that might be removed by \item[\tt -wp-dry-finalize-scripts] scripts that might be removed by
\verb+-wp-finalize-scripts+ are kept, a message is printed instead for each \verb+-wp-finalize-scripts+ are kept, a message is printed instead for each
file. The marks directory is kept. file. The marks directory is kept.
\end{description} \end{description}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment