GitLab

In particular, inline and simplify uses of add_with_carry/sub_with_borrow with a zero argument.

Toom multiplication can now be extracted

This is necessary so that rsymbols can be printed
consistently in Expr.

Also, Pretty.print_vs uses Ident.print_decoded now,
since variables can have operator names.

It is possible to append an arbitary number of quote symbols
at the end of an prefix/infix/mixfix operator:

            applied form      standalone form

              -' 42               (-'_)
              x +' y              (+')
              a[0]' <- 1          ([]'<-)

Pretty-printing will use the quote symbols for disambiguation.

The derived symbols can be produced by Why3 by appending
a suffix of the form "_toto" or "'toto". These symbols can
be parsed/printed as "(+)_toto" or "(+)'toto", respectively.

This commit removes all hard-coded "infix ..", "prefix ..",
and "mixfix .." from the rest of the code, and handles the
symbolic notation entirely inside Ident. It does not change
the notation itself.

      and fix one added recently

On a missing "diverges", Vc emits a warning and adds
a "false" sub-goal at the location of the non-terminating
loop or function call. The explanation on this sub-goal is
"termination", but should probably be "termination (failure)".

The "diverges" clase propagates downwards: if it is put on
the top-level function, there is no need to repeat it on local
functions or abstract blocks.

Clone "with axiom ." or "with goal ." to change the default
("with lemma ." is also accepted, just in case).

These names are only visible under "ensures" but not under "returns".
If the result is named, the special variable "result" is not used.
In a tuple, either each component should be named, or none at all.
Underscores are allowed. Parentheses around the return type are required.
Each name must be given its own type: "f () : (x y: int)" is rejected.
Identifiers without cast are treated as types, not as names.
To name the result without giving its type, use "returns".

fixes issue #57

a new theory relations.WellFounded is introduced for this purpose
(and must be imported whenever one wants to make use of a custom
relation for a variant)

it defines, inductively, a notion of accessibility for a given
predicate R (x is accessible whenever all elements smaller than x for R
are alreay accessible)

whenever one has to prove that a variant decreases, a new VC is also
generated, to show that the old value of the variant is accessible
for the order relation

note: accessibility being defined inductively, proving well-foundedness
is out of reach of SMT solvers; but at least this is sound now

Also, move some model-related labelling from Parser to Vc.

a branch is typed *after* unifying the type of the pattern with the
type of the matched value

fixes issue #124 (return type and coercions)

done in both logic and programs

This closes issue #122

OCaml 4.07 introduces a new standard module named Stdlib, which clashes
with the one from Why3 (during the compilation of Why3).

There are some incompatibilities between SML and CakeML syntax (e.g. application of Constructors)