| Age | Commit message (Collapse) | Author |
|---|
|
Mostly in the Coq backend, plus a few testcases that use bitvector
builtins on poly-vectors (which works on some backends, but not Coq).
Also handle some additional list inclusion proofs in Coq.
|
|
|
|
Fixes #53
|
|
Loops measures are now abstracted over the variables so that they can be
used in proofs. Add total Hoare logic rules for until.
|
|
This reverts commit 3fb4cf236c0d4b15831576faa45c763853632568.
|
|
|
|
|
|
|
|
Unlike the prompt-monad change I don't see a way to do this easily
purely on the model side
Make sure a64_barrier_type and domain aren't visible for RISC-V
isabelle build
|
|
|
|
Fix SMT mem_builtin test case
|
|
|
|
|
|
|
|
|
|
Previous change would stop all things defined externally from being
folded, which was overly strict. We do want to allow folding for
shared primitives, and can use the set of safe_primops in the
interpreter for this.
|
|
sail definitions
Definitions can be made external on a per-backend basis, so we need to
make sure constant folding doesn't inline external functions that have
sail definitions for backends other than the ones we are currently
targetting
|
|
|
|
Do this by making sure that generic pattern literal re-writing gets
applied to top-level function clauses. This requires re-ordering the
rewrites for most backends otherwise they break, which hopefully wo
anything.
After doing this re-ordering I had to turn off casting when rewriting
bitvector patterns, otherwise insane things can happen.
|
|
used in risc-v spec.
|
|
types in riscv
|
|
|
|
|
|
|
|
are identical
|
|
|
|
These don't appear much, but are now showing up in the sail-arm model
due to an innocent change elsewhere.
|
|
If they're merged with a type variable then we still need to name the
argument so that it can be used in other types.
|
|
|
|
|
|
|
|
|
|
In particular, bitvector subrange updates work with this version.
|
|
for 'exception.sail' test that deliberately exits with uncaught exception.
|
|
exception. This is ensures test failures are detected.
|
|
recursive.
|
|
- allow disjoint_pat to be used on patterns that have just been introduced
by the rewrite without rechecking
- don't rebuild the matched expression in the generated fallthrough case
(or any wildcard fall-through) - it may be dead code and generate badly
typed Lem
- update the type environment passed to rewrites whenever type checking
is performed; stale information broke some rewrites
|
|
- additional rewrites (signed extend of subrange@zeros, subrange assignment,
variants with casts)
- drop # from new top-level type variables (e.g., n_times_8) so that the
rewriter knows that they're safe to include in casts
- add casts in else-branches when only one possible value for a size is left
- add casts when assertions force a size to be a particular value
- don't use types to detect set constraints in analysis because we won't
know which part of the assertion should be replaced
- also use non-top-level type variables when simplifying sizes in analysis
(useful when it can from pattern matching on an ast)
- cope with repeated int('n) in a pattern match (!)
|
|
|
|
|
|
slight performance improvement and keeps compatibility with smt backend that already had a builtin for this because it can't handle the loop in the sail version. Will need implementations for prover backends.
|
|
A missing type annotation in rewrite_guarded_clauses caused a crash in
some cases. Also fix an effect propagation bug in
rewrite_letbind_effects.
|
|
In particular, this is useful for replacing basic bitvector functions
with monomorphisation-friendly ones.
|
|
Mostly to make constraints sent to the SMT solver and Coq nicer, but
also makes it easy to remove uninformative constraints in the Coq
back-end.
|
|
Add a fallthrough case that fails to potentially partial pattern
matches. This also helps to preserve any guard in the final match case,
which might be needed for flow typing (see the discussion on issue #51).
TODO: Merge with the MakeExhaustive rewrite, which currently does not
support guarded patterns.
|
|
|
|
Also get rid of the notation warnings for single element records.
|
|
Fixes #47.
Also adjust the nexp substitution so that the error message points to a
useful location, and replace the empty environment with the initial
environment in a few functions that do type checking to ensure that the
prover is set up (which may be needed for the wf check).
|
|
See <https://github.com/ocaml/ocaml/issues/8699#issuecomment-499108873>,
tested on 4.07.1 and 4.08+rc2.
|
|
|
