Changes between Version 28 and Version 29 of Language

Timestamp:

05/20/23 10:11:54 (3 years ago)

Author:

siegel

Comment:

--

Language

@@ -13 +13 @@
 === The integer type
 
-There is one integer type, corresponding to the mathematical integers. Currently, all of the C integer types `int`, `long`, `unsigned int`, `short`, etc., are mapped to the CIVL integer type.   [This is expected to change.]
+There is one integer type, corresponding to the mathematical integers.
+Currently, all of the C integer types `int`, `long`, `unsigned int`, `short`, etc., are mapped to the CIVL integer type.
+[This is expected to change.]
 
 === The real type
@@ -184 +186 @@
 }}}
 
-
 === This scope: the `$here` scope expression
 Expression of type `$scope`, evaluating to the dynamic scope in which the evaluation takes place.
@@ -194 +195 @@
 Constant of type `$scope`, the root dynamic scope.
 
-=== Range literals
+=== Range literals: `lo .. hi`
 
 An expression of the form `lo .. hi` where `lo` and `hi` are integer expressions, represents the range consisting of the integers `lo`, `lo` + 1, ..., `hi` (in that order).
@@ -242 +243 @@
 === This process: `$self`
 
-This expression of `$proc` type returns a reference to the process which is evaluating this expression.  It provides a way for code to obtain the identity of the process executing the code.
+This expression of `$proc` type returns a reference to the process which is evaluating this expression.
+It provides a way for code to obtain the identity of the process executing the code.
 
 === Spawning a new process: `$spawn`
 
-A spawn expression is an expression with side-effects. It spawns a new process and returns a reference to the new process, i.e., an object of type $proc. The syntax is the same as a procedure invocation with the keyword `$spawn` inserted in front:
+A spawn expression is an expression with side-effects.
+It spawns a new process and returns a reference to the new process, i.e., an object of type $proc.
+The syntax is the same as a procedure invocation with the keyword `$spawn` inserted in front:
 {{{
 $spawn f(expr1, ..., exprn)
@@ -276 +280 @@
 The process may not necessarily enter the atomic block as soon as these conditions hold, because some other enabled process may be scheduled first.
 In fact, some other process may obtain the atomic lock.
-But if the enabling conditions hold and this process is scheduled, it will obtain the atomic lock and begin executing the statements of the atomic block without other processes executing.
+But if the enabling conditions hold and this process is scheduled, it will obtain the atomic lock and begin executing the statements
+of the atomic block without other processes executing.
 Upon reaching the end of the atomic block, the process releases the atomic lock and exits the block.
 
 There is an exception to atomicity: if the process inside the atomic block executes a `$yield` statement, it releases the atomic lock.
 This allows other processes to execute, and even obtain the lock.
-At any point at which the atomic lock is free and the first statement following the `$yield` is enabled, the original process may re-obtain the atomic lock and continue executing its block atomically.
+At any point at which the atomic lock is free and the first statement following the `$yield` is enabled, the original process may re-obtain
+the atomic lock and continue executing its block atomically.
 
 If a statement inside an atomic block blocks, so that the process executing the atomic block has no enabled statement, execution deadlocks. 
-The exception to this rule is that the first statement in the atomic block, and the first statement after a `$yield`, as described above, may block, without necessarily causing deadlock.
+The exception to this rule is that the first statement in the atomic block, and the first statement after a `$yield`, as described above,
+may block, without necessarily causing deadlock.
 
 Atomic blocks may be nested.
@@ -291 +298 @@
 Each time it leaves an atomic block, the multiplicity is decremented.
 When the multiplicity hits 0, the atomic lock is released.
-Execution of a `$yield` does not change the multiplicity; the process releases the lock but maintains the multiplicity, so that when the lock is re-obtained, the original multiplicity is still in place.
+Execution of a `$yield` does not change the multiplicity; the process releases the lock but maintains the multiplicity,
+so that when the lock is re-obtained, the original multiplicity is still in place.
 
 === Nondeterministic selection statement `$choose`
@@ -312 +320 @@
 The implicit guard of the `$choose` statement with a default clause is ''true''.
 
-Example: this shows how to encode a “low-level” guarded transition system:
+==== Example
+This shows how to encode a “low-level” guarded transition system:
 {{{
 l1:
@@ -362 +371 @@
 
 The semantics are as follows: when control reaches the loop, one process is spawned for each element of the domain.
-That process has local variables corresponding to the iteration variables, and those local variables are initialized with the components of the tuple for the element of the domain that process is assigned.
+That process has local variables corresponding to the iteration variables, and those local variables are initialized with the components
+of the tuple for the element of the domain that process is assigned.
 Each process executes the statement ''S'' in this context.
 Finally, each of these processes is waited on at the end.
@@ -373 +383 @@
 $when (expr) stmt;
 }}}
-All statements have a guard, either implicit or explicit. For most statements, the guard is ''true''. The `$when` statement allows one to attach an explicit guard to a statement.
+All statements have a guard, either implicit or explicit. For most statements, the guard is ''true''.
+The `$when` statement allows one to attach an explicit guard to a statement.
 
 When `expr` is ''true'', the statement is enabled, otherwise it is disabled.
@@ -522 +533 @@
 In the symbolic semantics, this function assigns a fresh symbolic constant of the appropriate type to the object pointed to by `ptr`.
 
-===  Hiding pointers from the reachability analyzer: `$hide`, `$reveal`, and `$hidden`
+===  Hiding pointers: `$hide`, `$reveal`, and `$hidden`
 
 The partial order reduction algorithm used by the CIVL Model Checker computes the set of memory locations that a process ''p'' can reach.
@@ -530 +541 @@
 graph are the reachable objects of ''p''.
 
-There are times when one wants to modify this directed graph by ignoring some edge.   The purpose of these functions is to provide a way to do this from CIVL-C code.
+There are times when one wants to modify this directed graph by ignoring some edge.
+The purpose of these functions is to provide a way to do this from CIVL-C code.
 The signatures are:
 {{{
@@ -537 +549 @@
 $system _Bool $hidden(const void* ptr);
 }}}
-Function `$hide` wraps a pointer object in another object which is opaque to the reachability analyzer, i.e., the analyzer will not look inside this object and therefore will not find the hidden pointer.   Nothing can be done with this hidden pointer until it is "revealed", i.e., extracted from the opaque object.   The function `$hidden` tells whether its argument is a value returned by `$hide`.
-
-=== Checking whether a pointer dereference is safe: `$is_derefable`
+Function `$hide` wraps a pointer object in another object which is opaque to the reachability analyzer, i.e., the analyzer will not look inside
+this object and therefore will not find the hidden pointer.
+Nothing can be done with this hidden pointer until it is "revealed", i.e., extracted from the opaque object.
+The function `$hidden` tells whether its argument is a value returned by `$hide`.
+
+=== Checking pointer safety: `$is_derefable`
 
 This function has signature
@@ -548 +563 @@
 This means `ptr` points to a memory location that is capable of and is currently holding a value of type T, where T is the type of `*ptr`.
 
-=== `$is_terminated`
+=== Checking process termination: `$is_terminated`
 
 Signature: