d60b796 | Gustavo Delerue | 28 April 2024, 20:45:40 UTC | Refactoring and added more translations | 28 April 2024, 20:45:40 UTC |
47c3d41 | Lionel Blatter | 25 April 2024, 15:00:11 UTC | More refactoring | 25 April 2024, 15:00:11 UTC |
e9594f2 | Lionel Blatter | 25 April 2024, 14:21:33 UTC | Some refactoring and fixes | 25 April 2024, 14:21:33 UTC |
177d403 | Gustavo Delerue | 22 April 2024, 16:36:29 UTC | Added SSA conversion (testing) | 22 April 2024, 16:36:29 UTC |
ec5fdfe | Gustavo Delerue | 22 April 2024, 12:02:47 UTC | WIP - Refactoring PolyEnc | 22 April 2024, 12:02:47 UTC |
fb42428 | Lionel Blatter | 16 April 2024, 20:57:36 UTC | Add forall | 16 April 2024, 20:57:36 UTC |
c7316c4 | Gustavo Delerue | 15 April 2024, 21:52:05 UTC | WIP - Barrett red example translation (needs testing and check) | 15 April 2024, 21:52:05 UTC |
e8741ac | Gustavo Delerue | 15 April 2024, 13:27:16 UTC | wip : Added env prop | 15 April 2024, 13:27:16 UTC |
9773515 | Gustavo Delerue | 08 April 2024, 12:35:35 UTC | Small working example | 08 April 2024, 12:35:35 UTC |
67a0a94 | Gustavo Delerue | 05 April 2024, 21:09:14 UTC | wip | 05 April 2024, 21:09:14 UTC |
ac3cc65 | Lionel Blatter | 05 April 2024, 13:22:05 UTC | Add zify tactic | 05 April 2024, 13:22:05 UTC |
57e6137 | Lionel Blatter | 04 April 2024, 13:58:33 UTC | WIP | 04 April 2024, 13:58:33 UTC |
6370840 | Gustavo Delerue | 14 March 2024, 16:47:29 UTC | First compiling version | 14 March 2024, 16:47:29 UTC |
e4e866c | Gustavo Delerue | 14 March 2024, 16:19:43 UTC | PolyEnc non func | 14 March 2024, 16:19:43 UTC |
c5f30c8 | Alley Stoughton | 08 March 2024, 23:54:43 UTC | Added example usage of well-founded recursion and induction (#518) to examples directory. Cleaned up various things in WF.ec, including standardizing some terminology. | 08 March 2024, 23:54:43 UTC |
a8274fe | Pierre-Yves Strub | 07 February 2024, 09:08:55 UTC | Optimize pretty-printing of notations The printer now does a eager filtering of notations (only notations that share the same head symbol as the printed formula are considered) The does not change the behavior of the pretty-printer, but greatly improves performance. | 07 February 2024, 16:39:46 UTC |
f7992e1 | Cameron Low | 30 January 2024, 16:41:48 UTC | Remove module overriding when cloning a theory. (#458) | 30 January 2024, 16:41:48 UTC |
ed61f01 | Pierre-Yves Strub | 11 December 2023, 11:05:03 UTC | New tactic: "case <-" This tactic "inlines" tuple assignments, i.e. it transforms ``` (lv1,...,lvn) <- (e1,...,en); ``` in ``` lv1 <- e1; ... lvn <- en; ``` | 30 January 2024, 15:30:11 UTC |
5903e1f | Pierre-Yves Strub | 11 December 2023, 10:54:25 UTC | Internal: minor additions to EcLowPhlGoal & EcMatching modules - EcMatching.Zipper.map - EcLowPhlGoal.{is_program_logic,hl_set_stmt} | 30 January 2024, 13:29:18 UTC |
ff7b195 | Cameron Low | 19 January 2024, 12:29:44 UTC | New tactic: `rewrite equiv` The main idea is to provide a way to rewrite a procedure call, somewhere in a program, into a different procedure call, using an equiv. There is a variant provided to handle cases where the function to be rewritten to has different arguments and/or left-value than the instance provided. Syntax and variants: - Same arguments: `rewrite equiv[{m} p d lem]` - Different arguments: `rewrite equiv[{m} p d lem (a1, a2, ... :@ lv?)]` with - `m`: 1 or 2 - `p`: code position - `d`: direction, either `-` or nothing - `lem`: equiv for the rewrite - `ai`: an expression representing a function argument - `lv`: a left-value For example usage see: `tests/rwequiv.ec` or instances in the stdlib. | 29 January 2024, 14:29:12 UTC |
4401490 | Benjamin Grégoire | 29 January 2024, 13:23:41 UTC | Refactoring & simplfication of the low-level substitution. The low-level substitution is now in `EcCoreSubst` Co-authored-by: Pierre-Yves Strub <pierre-yves@strub.nu> | 29 January 2024, 13:31:44 UTC |
2b3bbad | Pierre-Yves Strub | 15 December 2023, 19:16:51 UTC | docker: fix opam init CL | 15 December 2023, 19:16:51 UTC |
12af606 | Cameron Low | 15 December 2023, 10:45:02 UTC | New tactic: `outline` (#473) The main idea is to provide an inverse to inline when proving an equiv. Currently, it supports basic procedure unification that requires manual selection of the program slice to unify with, as well as, requiring near exact matches on program structure. An optional return value can be supplied for situations where the return expression is just a program variable and needs to be renamed/deconstructed. There is also support for statement outlining although, this is more of a transitivity * with program slicing so may require change. Syntax and variants: - Procedure outlining: outline {m} [s - e] lv? <@ M.foo - Statement outlining: outline {m} [s - e] { s1; s2; ... } with - m: 1 or 2 - s,e: code position - M.foo: path to procedure - lv: a left-value when `s = e`, one can use `[s]` instead of `[s-s]` For example usage see: tests/outline.ec | 15 December 2023, 10:45:02 UTC |
1733c19 | Pierre-Yves Strub | 12 December 2023, 11:36:40 UTC | Docker: bump OCaml to 5.1.0 | 12 December 2023, 14:58:32 UTC |
943fc84 | François Dupressoir | 12 December 2023, 10:46:03 UTC | Bump provers to latest that succeeds, drop CVC4 Only Alt-Ergo needs kept back. | 12 December 2023, 13:46:57 UTC |
98139b7 | Pierre-Yves Strub | 12 December 2023, 10:54:24 UTC | nix-shell: remove why3 pin | 12 December 2023, 12:58:20 UTC |
736e322 | Francois Dupressoir | 12 December 2023, 12:18:17 UTC | remove a global axiom warning from the UC example (#502) | 12 December 2023, 12:18:17 UTC |
4c564f5 | Pierre-Yves Strub | 06 December 2023, 10:56:36 UTC | Internal API: process_Xhl_* This family of functions type-check a formula w.r.t. a memory that is infered from the program logic goal. The commit changes two things: - for prhl, its uses the same memory name as the one used in the program logic goal. (Previously, it was using `mhr`) - its returns the memory that has been used for the type-checking | 11 December 2023, 12:52:51 UTC |
4f02829 | Pierre-Yves Strub | 11 December 2023, 07:03:04 UTC | New command prefix: `fail` This prefix indicates that the following command should fail and that the error has to be ignored. It is an actual error if the command does not fail. In interactive mode, the error is printed (at [info] level). The main purpose of `fail` is to allow to write more precise unit tests where one can indicate which command shoud actually fail. | 11 December 2023, 10:07:50 UTC |
530a354 | Pierre-Yves Strub | 11 December 2023, 09:40:46 UTC | CI: do not skip successful duplicates If so, we can end with PR to protected branches that are blocked. | 11 December 2023, 09:50:22 UTC |
bbe5e6d | Pierre-Yves Strub | 11 December 2023, 06:12:54 UTC | CI: unit tests In the automated tests, add a section `unit`for unit tests. The unit tests are checked by the CI. They can be run using `make unit`. | 11 December 2023, 09:11:50 UTC |
9c1ec6b | Pierre-Yves Strub | 07 December 2023, 13:30:49 UTC | CI: skip duplicated jobs | 07 December 2023, 15:57:05 UTC |
1d3dcaa | Benjamin Gregoire | 07 December 2023, 15:38:16 UTC | extend weakmem to hoare/choare/ehoare/equiv | 07 December 2023, 15:56:27 UTC |
6576223 | Benjamin Gregoire | 06 December 2023, 15:12:04 UTC | Fix reduction w.r.t. memory types. This commit fixes two bugs: - the memory types (in all hoare logic constructor) were not taken into account in conversion. - the bounded memories where not substituted for alpha conversion. | 07 December 2023, 10:35:52 UTC |
9e85ab1 | Benjamin Gregoire | 06 December 2023, 17:00:18 UTC | Add tactic `weakmem` This tactic allows to weaken the memory of a phoare hypothesis by adding new variables to it. This tactic is needed in the while rule for phoare, when one wants to apply the induction hypothesis & the memories are not compatible. Currently, the convertibility check does not enforce that memories are equal, but a to-come PR is going to fix that point. | 07 December 2023, 10:21:48 UTC |
d248e73 | Pierre-Yves Strub | 06 December 2023, 05:52:29 UTC | rndsem: new version that only computes the distribution for used variables This version was already available internally. This commits only add the needed syntax for accessing it. The syntax is: `rndsem* <options>`. closes #415 | 06 December 2023, 15:25:53 UTC |
7c0adea | Pierre-Yves Strub | 05 December 2023, 16:20:13 UTC | In substitutions, lazyly refresh the codomain of the univar map This map is allowed to do name capture and is hence sensitive to bound variables renaming. | 05 December 2023, 16:33:38 UTC |
dd02a37 | Pierre-Yves Strub | 05 December 2023, 10:08:59 UTC | In view application, close cut formula after substitution If not, we are creating a capture. The bug is hidden because we are not using a refreshing substitution in this case. | 05 December 2023, 14:03:35 UTC |
0de7f16 | Pierre-Yves Strub | 04 December 2023, 14:17:14 UTC | Compile in `dev` mode by default. Until now, `make` was building EasyCrypt in release mode. The set of warning flags in release mode is weaker then in development mode. Switching to dev mode caused the apparition of some warnings. This commit fixes them. | 04 December 2023, 15:39:51 UTC |
068fdd9 | Pierre-Yves Strub | 01 December 2023, 21:49:53 UTC | nix: do not pin provers versions nix-flake should be used to pin provers to a given version. | 02 December 2023, 11:10:24 UTC |
c0376b7 | Pierre-Yves Strub | 02 December 2023, 08:00:15 UTC | Bump the minimal version of Why to 1.7 This allows us to use more recent versions of the provers. The docker images have been updated accordingly. Docker now comes with the following provers: - Z3 4.12.2 - CVC4 1.8 - CVC5 1.0.6 - Alt-Ergo 2.5.2 | 02 December 2023, 08:24:16 UTC |
14a397c | Pierre-Yves Strub | 01 December 2023, 17:16:43 UTC | runtest: new option: why3 (why3 configuration file location) | 01 December 2023, 21:44:34 UTC |
23e603e | Pierre-Yves Strub | 01 December 2023, 20:13:32 UTC | runtest: allows to specify provers from the CLI | 01 December 2023, 21:27:04 UTC |
42a7841 | Pierre-Yves Strub | 01 December 2023, 16:42:37 UTC | runtest: do not try to load pyyaml when reporting is disabled | 01 December 2023, 16:53:46 UTC |
15f0751 | Pierre-Yves Strub | 01 December 2023, 15:12:27 UTC | Allows selecting a prover by its version number. Syntax is name@version. The selected prover is the prover with name `name` and with the lowest version that is greater (or equal) than `version`. For example, if Z3 4.8.0, Z3 4.8.2 & Z3 4.12.2 are installed, Z3@4.8 selects Z3 4.8.2. | 01 December 2023, 16:15:50 UTC |
27edb8a | Pierre-Yves Strub | 30 November 2023, 07:12:31 UTC | opam: allow Why3 1.7.x | 30 November 2023, 08:37:08 UTC |
d9d7bcf | Alley Stoughton | 28 November 2023, 18:44:30 UTC | Removed two unused type declarations. | 28 November 2023, 20:14:47 UTC |
d43887b | Benjamin Gregoire | 25 November 2023, 09:48:25 UTC | Share the definition of the datatypes in EcAst.ml | 25 November 2023, 10:05:04 UTC |
b79290f | Pierre-Yves Strub | 24 November 2023, 14:35:35 UTC | SMT timeout can now be configured in INI files The configuration key is "timeout" | 24 November 2023, 17:30:52 UTC |
3be7cb9 | Pierre-Yves Strub | 24 November 2023, 14:20:34 UTC | Support project-local ini files EasyCrypt now reads project-local files for getting its configuration settings. This configuration file takes precedence over the system-level configuration file. The project-local configuration file is named 'easycrypt.project'. It is identical to the system-level configuration file. When compiling a file, the configuration file is searched upward from the target file directory. When ran in interactive mode, the configuration file is searched upward from the current working directory. Note that when ProofGeneral starts EasyCrypt, the working directory is set to the directory of the focused file. | 24 November 2023, 17:25:58 UTC |
9fd429a | Pierre-Yves Strub | 06 November 2023, 14:12:01 UTC | When rewriting in the local env, do not fail on identity rewriting fix #463 | 08 November 2023, 17:06:32 UTC |
ff7b698 | AVANZINI Martin | 26 October 2023, 17:56:30 UTC | added adversary and qselect examples | 08 November 2023, 11:03:26 UTC |
99ec9f4 | Benjamin Gregoire | 11 October 2023, 11:29:39 UTC | ehoare Co-authored-by: Benjamin Grégoire <benjamin.gregoire@inria.fr> Co-authored-by: Martin Avanzini <martin.avanzini@inria.fr> | 08 November 2023, 11:03:26 UTC |
9275a29 | Pierre-Yves Strub | 19 October 2023, 13:35:01 UTC | Nits: choiceb induction principle | 19 October 2023, 14:57:04 UTC |
a214a56 | Pierre-Yves Strub | 11 September 2023, 14:24:03 UTC | opsem: generate spec lemmas | 26 September 2023, 11:14:56 UTC |
5e383f5 | Pierre-Yves Strub | 26 September 2023, 07:14:15 UTC | Internal: do not consider an applied abstract module as a non-functor abstract module fix #455 | 26 September 2023, 07:28:36 UTC |
13296e5 | Pierre-Yves Strub | 25 September 2023, 15:06:03 UTC | In subst, when crossing a binding, remove the bound variable. If not, the substitution can lead to name captures. | 25 September 2023, 18:44:32 UTC |
8fa2f94 | Pierre-Yves Strub | 22 September 2023, 15:07:33 UTC | op: fix creation of refined operators Do the operator substitution and then close the formula. | 22 September 2023, 19:27:28 UTC |
50bcef7 | Cameron Low | 18 September 2023, 12:05:16 UTC | Remove references | 22 September 2023, 11:49:02 UTC |
ef42e9d | Cameron Low | 04 September 2023, 10:49:01 UTC | Fixed glob unsoundess through eager normalization of globs when type checking and substituting modules. | 22 September 2023, 11:49:02 UTC |
755fe93 | Benjamin Gregoire | 22 September 2023, 06:00:25 UTC | stdlib: new lemma on summable | 22 September 2023, 08:09:07 UTC |
d5a04f5 | Vincent Laporte | 21 September 2023, 10:04:15 UTC | Read library paths from the EC_IDIRS/EC_RDIRS env. vars. Library paths can be specified using the environment variables EC_IDIRS and EC_RDIRS. They contain each a list of specifications separated by semicolumns (;). Each said specification is a path, optionally qualified (when present, the qualifier is followed by a colon (:)). Specifications given in the EC_IDIRS variable behave the same as the ones given in the idirs configuration entry or on the command line following a -I argument. Specifications given in the EC_RDIRS variable behave the same as the ones given in the rdirs configuration entry or on the command line following a -R argument. | 21 September 2023, 11:27:48 UTC |
a9ae1ae | Benjamin Gregoire | 21 September 2023, 09:15:54 UTC | add more lemmas on converto | 21 September 2023, 09:32:44 UTC |
c410d3c | Benjamin Gregoire | 21 September 2023, 09:04:50 UTC | remove hyp in normrV | 21 September 2023, 09:32:15 UTC |
c60092d | Pierre-Yves Strub | 21 September 2023, 08:47:31 UTC | stdlib: limit of the inverse of a sequence | 21 September 2023, 09:08:56 UTC |
eb00ea4 | Pierre-Yves Strub | 15 September 2023, 11:50:03 UTC | Fix the printing of operator bodies fix #442 | 15 September 2023, 12:25:39 UTC |
8746da3 | Pierre-Yves Strub | 14 September 2023, 09:18:37 UTC | cloning: fix regression bug in operators convertibilty check The check should use the full conversion. fix #437 | 14 September 2023, 10:51:55 UTC |
287106a | François Dupressoir | 30 August 2023, 15:12:52 UTC | [nix] vendor prover derivations | 13 September 2023, 20:57:12 UTC |
480c0ea | Pierre-Yves Strub | 28 August 2023, 15:37:04 UTC | Operator unfolding when applied to enough arguments When declaring an operator, it is now possible to specify which arguments are mandatory before an operator application is automtically unfolded during simplification. Syntax is: ``` op name (x1 : t1) (xp : tp) / (x_p+1 : t_p+1) ... = ... ``` where the optional `/` indicated that the operator `name` will be automatically unfolded when applied to at least `p` arguments. | 06 September 2023, 13:42:47 UTC |
8243791 | Pierre-Yves Strub | 05 September 2023, 15:52:17 UTC | [runtest]: new CLI argument --bin This argument tells `runtest` which binary to use for EasyCrypt. It takes precedence over what is found in the INI file (in default/bin). Moreover, `easycrypt runtest` automatically set --bin to itself. This allows to select the correct version of EasyCrypt without having to tweak the INI file accordingly. | 06 September 2023, 11:44:57 UTC |
7d59877 | Pierre-Yves Strub | 05 September 2023, 09:00:37 UTC | hint simplify now extracts rewriting rules from <=> | 05 September 2023, 12:52:06 UTC |
bcdb9cb | Cameron Low | 04 September 2023, 13:10:46 UTC | Fixed the type given to a constructor when matching directly. | 04 September 2023, 16:43:08 UTC |
46d6948 | Pierre-Yves Strub | 28 August 2023, 14:00:06 UTC | Operators body can now be formulas When cloning a theory, inlined operator definitions must be expressions s.t. their substitution can be done in procedures bodies. | 04 September 2023, 08:59:09 UTC |
35e3849 | Oskar Goldhahn | 23 August 2023, 18:24:43 UTC | get rid of axiom in `Birthday` | 30 August 2023, 11:43:29 UTC |
faedf01 | mm | 11 July 2023, 14:20:07 UTC | Additional List lemmas. Additional lemmas in StdBigop and RealSeries. | 29 August 2023, 12:08:44 UTC |
c13b549 | Cameron Low | 19 July 2022, 13:48:12 UTC | [internal] EcSubst does not rely anymore on the low-level substitutions Co-authored-by: Pierre-Yves Strub <pierre-yves@strub.nu> Co-authored-by: Benjamin Grégoire <Benjamin.Gregoire@inria.fr> | 28 August 2023, 10:36:37 UTC |
6a203df | François Dupressoir | 07 August 2023, 17:23:25 UTC | fix smt that regressed with z3 bump to 4.12.2 all else being equal, works with 4.12.1, fails with 4.12.2 fails with all other solvers | 12 August 2023, 08:57:48 UTC |
ae29508 | François Dupressoir | 07 August 2023, 16:24:22 UTC | pin alt-ergo, z3 | 12 August 2023, 08:57:48 UTC |
705bafe | François Dupressoir | 07 August 2023, 16:20:33 UTC | refactor nix to avoid repetition | 12 August 2023, 08:57:48 UTC |
95cabb9 | François Dupressoir | 04 August 2023, 10:31:26 UTC | add support for test config 'report' option there is currently no way of asking for a report with 'easycrypt runtest' | 07 August 2023, 17:56:12 UTC |
da3be5c | François Dupressoir | 04 August 2023, 10:30:36 UTC | [chore] whitespace | 07 August 2023, 17:56:12 UTC |
a72dada | Yi Lee | 01 August 2023, 03:48:35 UTC | Propagate subtype changes to Word | 02 August 2023, 00:47:04 UTC |
917bba2 | Pierre Boutry | 20 July 2023, 13:30:54 UTC | Ring/field tactics available as soon as an instance is found. | 20 July 2023, 13:49:02 UTC |
e75a7cf | Oskar Goldhahn | 12 July 2023, 22:38:59 UTC | get rid of unbounded smt calls outside examples | 20 July 2023, 13:22:13 UTC |
1bb2e2d | mm | 19 July 2023, 07:20:20 UTC | Additonal lemmas on fset equality establishing an equivalence, and additional lemma on perm_eq and undup (making the oflist_perm_eq lemma redundant). | 19 July 2023, 08:46:42 UTC |
6e066e6 | Pierre-Yves Strub | 13 July 2023, 11:06:46 UTC | Fix wording of error messages "function" -> "procedure" fix #417 | 13 July 2023, 11:07:33 UTC |
add9232 | Christian Doczkal | 30 June 2023, 09:48:34 UTC | [chore] fix more raw smt calls | 11 July 2023, 20:01:13 UTC |
0c60516 | Christian Doczkal | 29 June 2023, 12:13:30 UTC | [chore] fix raw smt calls (theories/distributions) | 11 July 2023, 20:01:13 UTC |
757ec09 | François Dupressoir | 26 June 2023, 13:52:42 UTC | [chore] remove more raw smt calls | 29 June 2023, 13:20:43 UTC |
85d03a2 | Christian Doczkal | 29 June 2023, 11:18:26 UTC | [chore] fix some warnings and flaky smt calls (#408) | 29 June 2023, 11:18:26 UTC |
cddd7d9 | Christian Doczkal | 28 June 2023, 14:58:53 UTC | [theories] define product using allpairs (#411) | 28 June 2023, 14:58:53 UTC |
60c3179 | Romain Tetley | 28 June 2023, 12:25:32 UTC | Renaming the easycrypt lib (making it easyier for external imports) (#410) | 28 June 2023, 12:25:32 UTC |
73ac095 | Pierre-Yves Strub | 27 June 2023, 06:47:59 UTC | proc op: add support for the "local" modifier | 27 June 2023, 13:55:48 UTC |
3693e61 | Christian Doczkal | 22 June 2023, 13:18:15 UTC | [theories] additional elimination rules for finite sums (#401) | 22 June 2023, 13:18:15 UTC |
c0eeee4 | Pierre-Yves Strub | 21 June 2023, 10:19:54 UTC | Refactor out Fermat's little theorem from ZModP to IntDiv | 21 June 2023, 10:34:00 UTC |
4965377 | Yi Lee | 21 June 2023, 01:49:39 UTC | Prove Fermat's little theorem | 21 June 2023, 10:34:00 UTC |
e38fac3 | Cameron Low | 13 June 2023, 20:55:00 UTC | Keep f_let_simp | 16 June 2023, 10:40:43 UTC |
d1858f6 | Alley Stoughton | 05 June 2023, 14:42:45 UTC | Remove dead code relating to substitution; instead, the f_subst mechanism should be used. (And this is in fact done for simplification of let formulas in EcReduction.) | 16 June 2023, 10:40:43 UTC |
341cc08 | Benjamin Gregoire | 26 October 2022, 18:18:55 UTC | New inline tactic We realized that sometimes we want to inline everything besides one procedure and found that it is cumbersome to have to list everything that has to be inlined instead of listing what should remain as is. So we decided to add this to the current inline. We should have kept the previous use cases identical as supported by the fact that nothing broke while not touching any old ec files. In doing so, we also added the possibility to provide the name of a module leading to inlining all the procedure in this module. Finally, one can now provide the name of a procedure and it will inline all the procedures with that name regardless of the module in which they belong. As already mentioned, one can find examples at the following link. https://github.com/EasyCrypt/easycrypt/blob/deploy-inline/examples/tactics/inline.ec start with parsing pattern matching on inline add some examples fix | 16 June 2023, 10:39:43 UTC |
f0e15c2 | Romain Tetley | 15 June 2023, 14:57:04 UTC | Turned the files in src into a lib called Core. (#397) * Turned the files in src into a lib called core. * Removed reference to dead code in dune file The file ecCoreHiPhl was removed as dead code, no need to exclude it in the dune file anymore. --------- Co-authored-by: Romain Tetley <rtetley@inria.fr> | 15 June 2023, 14:57:04 UTC |