Structured Typesetting (STS) generation

[tirix]

I've tried to make as few changes as possible. The changes are in the following source files:

• metamath.c for the changes to the SHOW STATEMENT command and the new VERIFY STS command, as well as the output post-processing,
• mmcmdl.c for the new HELP command options, and the new commands,
• mmcmds.c for the changes to the SHOW STATEMENT command at top level (distinct and dummy variables, syntax hints),
• mmdata.c for some utility functions,
• mmhlpa.c and mmhlpb.c for the new built-in HELP options,
• mmhtbl.c, a new file with a hash table implementation,
• mmwsts.c, a new file with the main STS implementation,
• mmwtex.c, for the main hook into the STS formula output and for in-line comment formulas.

This also adds a .gitignore file to ignore object files.

[wlammen]

Why did you add the makefile? The readme instructions note several ways to compile metamath, including gcc m*.c -o metamath, and using automake.

[wlammen]

metamath.c line 3032 duplicated code from line 2393

[wlammen]

style, readability command line option STS: Norm used always verbose forms, consider expanding it to something like STRUCTURED_TYPESETTING or so

[wlammen]

built-in help does not cover new option

[tirix]

Thank you Wolf for your review!

built-in help does not cover new option

It actually does, see changes in mmhlpa.c and mmhlpb.c.

style, readability command line option STS: Norm used always verbose forms, consider expanding it to something like STRUCTURED_TYPESETTING or so

That's very verbose, though. Maybe just "STRUCTURED" ?

Why did you add the makefile? The readme instructions note several ways to compile metamath, including gcc m*.c -o metamath, and using automake.

Sure, I can remove the makefile.

[benjub]

How do you render this "structured typesetting"? Is this MathML, MathJax or something like this ?

For texts, and in particular help texts, Norm used the double-space convention between sentences, and I admit I like that.

[tirix]

How do you render this "structured typesetting"? Is this MathML, MathJax or something like this ?

Yes, the set-mathml.mmts file contains instructions about how to display set.mm formulas as MathML. Then, the MathML result is sent to MathJax for rendering.
The actual MathJax command used is included in that file in the $c ... $. instruction towards the end of the file. That instruction is read and executed by the metamath-exe program, with the input file generated send it its standard input.

For texts, and in particular help texts, Norm used the double-space convention between sentences, and I admit I like that.

Your wish has come true with the last commit!

[benjub]

Double space here ! And I would write "non-definitional" with a hyphen, or even "nondefinitional", since "non" is not a word.

[benjub]

Thanks. So maybe you can use the option "/ MATHML" ? I'm fine with "/ STRUCTURED" too. I cannot approve this PR since I am not fluent in C :-(

[wlammen]

The option STS or /STRUCTURED is the second alternative to /HTML and /ALT_HTML. Are you able to roughly tell in what way these options differ by just looking at the name? If not, people will have to guess at what the result of invocations are. Do you expect this option to be typed by users of metamath directly? Or will it be likely be part of a script rarely changing? If you type the option frequently, a short name is handy, otherwise even a very long option name will hardly annoy anyone, but is easily understandable to casual readers of the script.
If I understand your code right, embedded snippets are translated via a sort of grammar file into true HTML. This process is then best expressed in your option tag.

I am still busy with Xmas, have just skimmed your PR. I currently cannot look into this further.

[tirix]

Thanks. So maybe you can use the option "/ MATHML" ? I'm fine with "/ STRUCTURED" too.

I wanted to keep it generic because one could generate anything with it, not just MathML.
The set-mathml.mmts just happens to contain rules to generate MathML, the Metamath.exe functionality is completely unaware of what it is (actually, I had written another file to generate LaTeX with the same method).

[tirix]

The option STS or /STRUCTURED is the second alternative to /HTML and /ALT_HTML.

Yes, and it is itself followed by the name of the production to use. A command would typically be:
SHOW STATEMENT syl / STS mathml
which instructs the program to read and execute the mathml instruction file (set-mathml.mmts).

If you had, say, a graphviz-dot instruction file, the command:
SHOW STATEMENT syl / STS graphviz-dot
would search a set-graphviz-dot.mmts file, and presumably output some graphs instead of formulas (that might be an interesting experiment!).

If I understand your code right, embedded snippets are translated via a sort of grammar file into true HTML. This process is then best expressed in your option tag.

Yes, that's roughly the process. So if I follow you, we could use e.g. /STS_HTML as an option tag?

[wlammen]

What about EXPAND_HTML? Or HTML_EXPAND?
Note that structured is an adjective (usually used to describe a state/property) while expand is a verb (describing a process/activity). If you prefer an adjective here, consider (EMBEDDED_)ENCODING.
I wonder whether the proposed technique is limited to typesetting. If not, the suggestions here are generic enough to even cover exotic applications.

[benjub]

When running metamath, it is enough to type any non-ambiguous prefix, so here, MM> show statement syl /S mathml would suffice. In other words, there is no big inconvenience in having a verbose option. As for option names, I always thought the other two (HTML, ALT_HTML) were not optimal. I think more explicit choices would be /UNICODE and /GIF.

[wlammen]

.gitignore: OK, see here (https://stackoverflow.com/questions/6626136/best-practice-for-adding-gitignore-to-repo)
Maybe one should put this info into the README?

[wlammen]

metamath.c line 60 suggest a version number and add a changelog entry.

[wlammen]

naming consistency mmwtex.h line 33: stsFlag (and possibly following) should be prefixed with g_ (g_stsFlag, matching g_altHtmlFlag for example), see changelog 0.187 metamath.c, line 88

[wlammen]

optimization metamath.c line 2381: The function switchPos("/ STS") is called three times more or less in succession. Consider evaluating the result once and use a local variable to recall the result within the if conditions.

[wlammen]

parsetSTSRules type: why parset...? Looks like a typo

[wlammen]

meamath.c line 2977: Suspicious value of i. The other options / TIME or / NO_VERSIONING add 2 to the number of options, seemingly counting the slash and the tag as different entries. Why is this not done for / STS? If the count is correct, IMO a comment should clarify the underlying logic.

to be continued...

[tirix]

@wlammen I'm going to copy your remarks directly into a code review, it creates a sub-thread per remark and I think it's much easier to follow like that.

[tirix]

metamath.c line 60 suggest a version number and add a changelog entry

Ok, I've updated the history and proposed a version 0.199.
This kind of history entry can only really be finalized at the merge time (imagine another PR comes before) and typically will create merge conflicts, though.

[tirix]

@wlammen writes:

OK, see here (https://stackoverflow.com/questions/6626136/best-practice-for-adding-gitignore-to-repo)
Maybe one should put this info into the README?

I'm not sure which info you would like to add to the README.
There is a standard .gitignore file for C projects here, we could give it a try.
Maybe better in a separate PR?

[wlammen]

The reason why I added this comment is, because the metamath sources are distributed via a tar archive as well. Obviously you wont need the gitignore in this case. I think, some kind of distribution how-to is finally called for. That are my thoughts. I was curious why you added the file. Separate PR is fine with me.

[tirix]

@wlammen wrote:

stsFlag (and possibly following) should be prefixed with g_ (g_stsFlag, matching g_altHtmlFlag for example), see changelog 0.187 metamath.c, line 88

Yes, this global variable naming convention has been introduced after I programmed the STS module. As an improvement, I could retrofit this to follow it too.

[wlammen]

These are the current rules.

[tirix]

@wlammen wrote:

optimization: The function switchPos("/ STS") is called three times more or less in succession. Consider evaluating the result once and use a local variable to recall the result within the if conditions.

I don't think this is called 3 times. There are 3 else..if branches, and it is called one time in each, to ensure only one HTML output formatting option is chosen.

[wlammen]

You're right. It still looks awkward since the call and the parameter is coded several times.

[tirix]

@wlammen wrote:

parsetSTSRules type: why parset...? Looks like a typo

Yes, it's a typo. I'll fix that!

[tirix]

@wlammen wrote:

Suspicious value of i. The other options / TIME or / NO_VERSIONING add 2 to the number of options, seemingly counting the slash and the tag as different entries. Why is this not done for / STS? If the count is correct, IMO a comment should clarify the underlying logic.

Interesting. So, a typical SHOW STATEMENT command looks like this:
SHOW STATEMENT syl / HTML
That would be g_rawArgs = 5, which already includes 2 arguments for the / HTML.
As you correctly guessed, for / NO_VERSIONING and / TIME, there are two more arguments, therefore the +2.
In the case of STS, the / STS would already be accounted for in the 5 (taking the place of the / HTML), so that's not why the +1 is for. Rather, in the case of STS, there is one more argument, namely the name of the output processing, e.g. mathml. That is what the +1 is for.

I'll add a comment to make that clearer.

[wlammen]

I am subject to a learning curve as well while reviewing, wrt both to your source code and the review style.

[wlammen]

Incorrect indentation

[wlammen]

Duplicated code from line 586 (with i == 2)

[wlammen]

Duplicated code from line 357

[wlammen]

Duplicated code from line 377

[wlammen]

Suspicious i in first loop: -1, which is at least out of bounds for salt, likely for s, too.

[tirix]

I'll answer this one now as it is interesting, useful for the rest of the review... and definitely deserves more information in the comments!

Actually, indices -1, -2 and -3 are valid and used in nmbrString:

• Index -1 is the length of the number string. See nmbrLen (mmdata.c line 1023)
• Index -2 is the allocated length, i.e. how many numbers are available totally (could be more than the actual current length of the string). See nmbrAllocLen (mmdata.c line 1032)
• Index -3 is the location in memUsedPool (for memory management)

In this specific case, I wanted to include the length of the string in the hash, which I think makes sense but shall have been explained.

In any case, you clearly spotted a mistake here because in the salt, index -1 is clearly invalid!

[digama0]

Any use of negative indices should be wrapped behind a macro to provide more safety and clarity. (That is, there should be a macro like #define nmbrLen(p) p[-1] where p has type nmbrString which is a typedef for int* or what have you.

[wlammen]

Declaration is Initialization rule (section 4.5 in https://docs.oracle.com/cd/E17984_01/doc.898/e14699/variables_data_structs.htm) Initialize with value from line 1113

[wlammen]

Only 13 (?) values actually needed. Remove/comment out unneeded ones.

Where is the hash algorithm explained? Add a comment/link.

to be continued...

[wlammen]

Suspicious index in first loop: -1, if sstart == 0. (1) Out of bounds access to s and t, or (2) Parameters sstart and tstart must be > 0.

Either provide parameter checks (cf. line 1211), or (minimum) state limitations in comment line 1122

[wlammen]

This means: If garbage is provided in parameter start_position, then I sanitize it to something more useful, hoping for the best. This kind of fault tolerance supports a sloppy programming on the caller's side. Better throw an exception, or call bug()

[wlammen]

Explain parameters (semantics and limitations) in a comment. For example, what does occ mean? n would match the functions name.

[wlammen]

Pull constant evaluations out of the loop.

[wlammen]

declare i and j in for commands

[wlammen]

incorrect indentation

[wlammen]

This condition is usually part of the for-command.

[wlammen]

declaration should be initialization

[wlammen]

The return value is pushed on an internal variable stack with an implicit memory management. This important detail is not mentioned in the comment.

[wlammen]

Should explain parameters and specify their limitations.

[wlammen]

This is private to htinit() so declare it there as a static variable

[wlammen]

It is safer to initialize this to NULL and 0

[wlammen]

The problem here is that you copy a pointer, not its value, from a parameter to the result. The caller handles the parameter's contents with a series of let() instructions, finally freeing it. All these operations are done without ht.name in mind. This opens up all kinds of memory allocation/access failures. Even if you know, this won't happen in the foreseeable future, you need a guarantee, or a contract, here to decouple caller and callee.

[wlammen]

DRY duplicated code from line 76

to be continued...

[tirix]

@wlammen thank you very much for your careful review!
I think you are not quite done yet: please give me a heads up when you are, and I will try to address all remarks at once.

[wlammen]

New Year's Eve is closing in. I need some time for it.

[wlammen]

"schemed" typo

[wlammen]

g_ prefix missing from global variables (here and elsewhere in this file)

[wlammen]

English: where endStatement...

[wlammen]

is there a reason to avoid specific C types in parameter declarations? And so dodge C type checking?
key: char const *
data: mathToken_struct const *

[wlammen]

Optimization: The first loop seems to check element data again, and the outcome is known to be 0. So I suggest to initialize with long* ptr = (long*) data + 1;

[wlammen]

The comment should explain the result, that is limited to -1, 0 and +1, and what is delivered when.
It seems possible that the token list contains the same key multiple times in succession. Since this is part of a binary search, data may point somewhere in the middle of such a series. Is it guaranteed to hold just one global element (there is a suspicious active flag in the structure, that may allow a disabled and enabled element in the same series)? Is it guaranteed there is always a global element present? If either assumption is missed, the binary search may fail.

Clarify the so-called pre-/postconditions in a comment.

[wlammen]

incorrect use of prefix g_

[wlammen]

definition is initialization long textLen = (long) strlen(text); same for wrklen etc.

[wlammen]

and whiteSpaceLen

[wlammen]

This should be the while condition

[wlammen]

tip: wrkNmbrPtr[mathStringLen++] = ... saves the following line and can reduce code size
same for fbPtr += tokenLen_ + 1;

[wlammen]

Document Pre/Postconditions

[wlammen]

suspicious cast to eqFunc in line 235: The signature of this function does not match that of eqFunc: int (eqFunc)(void *, void *)

[wlammen]

suspicious cast: signature of stsDumpCache does not match eqFunc.

[wlammen]

Coding style: This function is way too long. It covers more than 300 lines. This exceeds the recommended max length of 20 lines by far, and its code is easily broken down into steps that can be moved into helper functions. https://stackoverflow.com/questions/475675/when-is-a-function-too-long

document pre/postconditions: example: stsFormat is both an input and an output variable, but that is not easily seen.

[wlammen]

move the early out code to the beginning of the function where parameter checks usually take place

[wlammen]

This type of comment is not ANSI C compatible (see section 3.1.9). Use /* ... */ instead

[digama0]

I thought we were agreed on C99 now? I don't mind seeing // creep in, even if we don't do any bulk conversions.

[wlammen]

Have we? Can you point me to where the decision took place?

[digama0]

I'm thinking of #8 (comment) . In short: we already compile only on C99, even before taking into account the recent refactors. (I'm not opposed to pushing the minimum beyond C99 (i.e. C11), but I don't think we should consider ANSI C (C89) any more.)

[wlammen]

In C99 this issue is not relevant and can be ignored.

[wlammen]

Optimization: Use a dedicated loop variable in for loops. A compiler will allocate a CPU register for that.
for (long o = occ + 1; --o > 0;) {... (replace occ with o in loop)...}
is how I would write it.

Info: There is a tiny semantic change in my example: If the memory model of the computer supports signed magnitude instead of two's complement AND occ is MAX_LONG then (occ + 1)-1 == occ may not hold. We can safely ignore this nowadays.

[digama0]

long is a signed type, and signed overflow is UB, so I think that this change is legal by the spec.

[wlammen]

@digama0 Exactly. Because occ+1 is UB when occ==MAX_LONG, --o may contain anything, and the loop starts with a random value. This cannot happen with the original code. We can safely ignore this semantic difference here.

[wlammen]

why is occ defined as long? Do you really expect more than two billion occurrences (or even 32000 should int be only 16 bit wide) of a substring in a string?

[wlammen]

check indentation

[wlammen]

make this a static variable within htinit(). It is completely private implementation detail in this function.

[wlammen]

change this to
#if 0
test code
#endif
to comply with ANSI C

[wlammen]

I think there are already lots of ideas and issues for refactoring the source. In particular extracting code from long functions into auxiliary sub-function and documenting pre/postconditions can help with further review, since the source becomes a lot more readable then.

In addition merge conflicts have to be resolved.

[tirix]

Thank you very much @wlammen for your efforts reviewing my code!

Indeed now, before this can be merged, I'll have to solve the conflicts with all the refactoring that's going on.

[digama0]

I took care of merging this with master. @tirix , you should double check the last commit, which fixes a few warnings I was getting with the original version.

[tirix]

Thank you Mario!
This looks good to me!