1. 15 Nov, 2015 1 commit
    • Mlw: admit fields with mutable types in private records · f522e56e
      Andrei Paskevich authored
      this should not be problematic as long as these fields do not occur
      in the invariants (actual or refined). In other words, a value of
      a private type exists no matter what is stored in the field.
      
      Also, admit non-private mutable types without actual mutable fields.
      It is actually impossible to create a write effect for such types,
      and the only consequence of being mutable is that they are assigned
      a region, and so every value of such type can be tracked individually.
      One use case for this is a non-private record with an invariant,
      which either has fields with mutable types or has type parameters
      that we wish to instantiate with mutable types. If we modify these
      mutable components, this may break the record's invariant. Now, if
      the record itself is immutable (and thus has no associated region),
      then we must reestablish the invariant immediately, otherwise we
      lose track of the value. Even if this extra flexibility does not
      prove useful in the end, it seems to be harmless.
      
      Also, admit type definitions of the form
        type t 'a = (private|abstract)? mutable? {} invariant*
      which define private empty records (even if not declared private).
      
      Also, "type t 'a" is now equivalent to "type t 'a = private {}".
  2. 13 Nov, 2015 1 commit
  3. 10 Nov, 2015 3 commits
  4. 08 Nov, 2015 2 commits
  5. 25 Sep, 2015 1 commit
  6. 19 Sep, 2015 1 commit
  7. 18 Sep, 2015 4 commits
  8. 13 Sep, 2015 2 commits
  9. 24 Aug, 2015 2 commits
  10. 22 Aug, 2015 10 commits
  11. 21 Aug, 2015 5 commits
  12. 20 Aug, 2015 5 commits
    • HighOrd is new Map · 402fa65b
      Andrei Paskevich authored
      0. define Map.map 'a 'b as an alias 'a -> 'b
      1. define Set.set as an alias for 'a -> bool
      2. rename HighOrd.func to (->)
      3. remove HighOrd.pred
      4. update drivers
    • Jean-Christophe Filliatre's avatar
      96c82e82
    • adapt the standard library · cb9aa0a2
      Andrei Paskevich authored
      except for modules/impset.mlw (because of Fset) and modules/mach/*
      (because of program cloning), the standard library now typechecks.
      
      This is still very much a work in progress. Many functions and
      predicates have still to be converted to "let function" and
      "let predicate". Here are some TODOs:
      - do not require the return type for "val predicate", "val lemma", etc.
      - do not require explicit variant for "let rec" if the code passes
        the termination check in Decl (see list.why)
      - what should become "val ghost function" and what should stay just
        "function" (see array.mlw, matrix.mlw, string.mlw, etc)?
      - some defined functions in algebra.why and relations.why had to be
        removed, so that they can be implemented with "let function" in
        int.mlw (since they are defined, they cannot be instantiated with
        let-functions). This seems too restrictive. One way out would be
        to authorise instantiation of defined functions (with a VC).
      - should we keep the keyword "model"? reuse of "abstract" in types
        breaks syntax coloring ("abstract" requires closing "end" in
        programs but not in types; maybe we can drop that "end" again?).
    • Typing: remove excessive traversal · 1d3d25c8
      Andrei Paskevich authored
    • Pmodule: fix unit_module · 32b7287f
      Andrei Paskevich authored
  13. 19 Aug, 2015 3 commits