From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,FORGED_GMAIL_RCVD,
	FREEMAIL_FROM autolearn=no autolearn_force=no version=3.4.4
X-Google-Thread: 103376,1d1caf8fb79ff030
X-Google-NewGroupId: yes
X-Google-Attributes: gida07f3367d7,domainid0,public,usenet
X-Google-Language: ENGLISH,ASCII
Received: by 10.68.74.201 with SMTP id w9mr21047752pbv.0.1331029443420;
        Tue, 06 Mar 2012 02:24:03 -0800 (PST)
Path: 
 h9ni45468pbe.0!nntp.google.com!news2.google.com!postnews.google.com!glegroupsg2000goo.googlegroups.com!not-for-mail
From: mark.lorenzen@gmail.com
Newsgroups: comp.lang.ada
Subject: Re: SPARK loop VCs that go "one beyond" the loop?
Date: Tue, 6 Mar 2012 02:17:41 -0800 (PST)
Organization: http://groups.google.com
Message-ID: <13465739.3192.1331029061301.JavaMail.geo-discussion-forums@ynne2>
References: <aYCdndGkyL_dCc7S4p2dnAA@giganews.com>
 <MPG.29bdc816fbebb1ae989692@news.zen.co.uk>
 <vpqdnYMbkompW87S4p2dnAA@giganews.com>
NNTP-Posting-Host: 193.163.1.105
Mime-Version: 1.0
X-Trace: posting.google.com 1331029443 10517 127.0.0.1 (6 Mar 2012 10:24:03
 GMT)
X-Complaints-To: groups-abuse@google.com
NNTP-Posting-Date: Tue, 6 Mar 2012 10:24:03 +0000 (UTC)
In-Reply-To: <vpqdnYMbkompW87S4p2dnAA@giganews.com>
Complaints-To: groups-abuse@google.com
Injection-Info: glegroupsg2000goo.googlegroups.com;
 posting-host=193.163.1.105;
 posting-account=Srm5lQoAAAAEMX9rv2ilEKR6FDPapmSq
User-Agent: G2/1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Date: 2012-03-06T02:17:41-08:00
List-Id: <comp.lang.ada>

Den s=F8ndag den 4. marts 2012 20.44.41 UTC+1 skrev Peter C. Chapin:
>=20
> That worked! However, I'm still trying to understand the general=20
> principle that can guide me in these situations. I feel like I have to=20
> resort to semi-random attempts until I stumble into something that works.

Peter,

I strongly recommend Phil's proof tutorials that can be found here: http://=
www.sparksure.com/7.html

Try and have a look at chapters 7 and 8 in order to understand how the exam=
iner transforms loop constructs into a standard form, from which it generat=
es VCs. This should help you understand where invariants can be placed and =
what they should express.

Regards,

Mark L