| 50da020 | Pierre-Yves Strub | 06 February 2024, 16:51:36 UTC | Merge remote-tracking branch 'origin/main' into feature-micromega | 06 February 2024, 16:51:36 UTC |
| f7992e1 | Cameron Low | 30 January 2024, 16:41:48 UTC | Remove module overriding when cloning a theory. (#458) | 30 January 2024, 16:41:48 UTC |
| ed61f01 | Pierre-Yves Strub | 11 December 2023, 11:05:03 UTC | New tactic: "case <-" This tactic "inlines" tuple assignments, i.e. it transforms ``` (lv1,...,lvn) <- (e1,...,en); ``` in ``` lv1 <- e1; ... lvn <- en; ``` | 30 January 2024, 15:30:11 UTC |
| 5903e1f | Pierre-Yves Strub | 11 December 2023, 10:54:25 UTC | Internal: minor additions to EcLowPhlGoal & EcMatching modules - EcMatching.Zipper.map - EcLowPhlGoal.{is_program_logic,hl_set_stmt} | 30 January 2024, 13:29:18 UTC |
| ff7b195 | Cameron Low | 19 January 2024, 12:29:44 UTC | New tactic: `rewrite equiv` The main idea is to provide a way to rewrite a procedure call, somewhere in a program, into a different procedure call, using an equiv. There is a variant provided to handle cases where the function to be rewritten to has different arguments and/or left-value than the instance provided. Syntax and variants: - Same arguments: `rewrite equiv[{m} p d lem]` - Different arguments: `rewrite equiv[{m} p d lem (a1, a2, ... :@ lv?)]` with - `m`: 1 or 2 - `p`: code position - `d`: direction, either `-` or nothing - `lem`: equiv for the rewrite - `ai`: an expression representing a function argument - `lv`: a left-value For example usage see: `tests/rwequiv.ec` or instances in the stdlib. | 29 January 2024, 14:29:12 UTC |
| 4401490 | Benjamin Grégoire | 29 January 2024, 13:23:41 UTC | Refactoring & simplfication of the low-level substitution. The low-level substitution is now in `EcCoreSubst` Co-authored-by: Pierre-Yves Strub <pierre-yves@strub.nu> | 29 January 2024, 13:31:44 UTC |
| 2b3bbad | Pierre-Yves Strub | 15 December 2023, 19:16:51 UTC | docker: fix opam init CL | 15 December 2023, 19:16:51 UTC |
| 12af606 | Cameron Low | 15 December 2023, 10:45:02 UTC | New tactic: `outline` (#473) The main idea is to provide an inverse to inline when proving an equiv. Currently, it supports basic procedure unification that requires manual selection of the program slice to unify with, as well as, requiring near exact matches on program structure. An optional return value can be supplied for situations where the return expression is just a program variable and needs to be renamed/deconstructed. There is also support for statement outlining although, this is more of a transitivity * with program slicing so may require change. Syntax and variants: - Procedure outlining: outline {m} [s - e] lv? <@ M.foo - Statement outlining: outline {m} [s - e] { s1; s2; ... } with - m: 1 or 2 - s,e: code position - M.foo: path to procedure - lv: a left-value when `s = e`, one can use `[s]` instead of `[s-s]` For example usage see: tests/outline.ec | 15 December 2023, 10:45:02 UTC |
| 1733c19 | Pierre-Yves Strub | 12 December 2023, 11:36:40 UTC | Docker: bump OCaml to 5.1.0 | 12 December 2023, 14:58:32 UTC |
| 943fc84 | François Dupressoir | 12 December 2023, 10:46:03 UTC | Bump provers to latest that succeeds, drop CVC4 Only Alt-Ergo needs kept back. | 12 December 2023, 13:46:57 UTC |
| 98139b7 | Pierre-Yves Strub | 12 December 2023, 10:54:24 UTC | nix-shell: remove why3 pin | 12 December 2023, 12:58:20 UTC |
| 736e322 | Francois Dupressoir | 12 December 2023, 12:18:17 UTC | remove a global axiom warning from the UC example (#502) | 12 December 2023, 12:18:17 UTC |
| 4c564f5 | Pierre-Yves Strub | 06 December 2023, 10:56:36 UTC | Internal API: process_Xhl_* This family of functions type-check a formula w.r.t. a memory that is infered from the program logic goal. The commit changes two things: - for prhl, its uses the same memory name as the one used in the program logic goal. (Previously, it was using `mhr`) - its returns the memory that has been used for the type-checking | 11 December 2023, 12:52:51 UTC |
| 4f02829 | Pierre-Yves Strub | 11 December 2023, 07:03:04 UTC | New command prefix: `fail` This prefix indicates that the following command should fail and that the error has to be ignored. It is an actual error if the command does not fail. In interactive mode, the error is printed (at [info] level). The main purpose of `fail` is to allow to write more precise unit tests where one can indicate which command shoud actually fail. | 11 December 2023, 10:07:50 UTC |
| 530a354 | Pierre-Yves Strub | 11 December 2023, 09:40:46 UTC | CI: do not skip successful duplicates If so, we can end with PR to protected branches that are blocked. | 11 December 2023, 09:50:22 UTC |
| bbe5e6d | Pierre-Yves Strub | 11 December 2023, 06:12:54 UTC | CI: unit tests In the automated tests, add a section `unit`for unit tests. The unit tests are checked by the CI. They can be run using `make unit`. | 11 December 2023, 09:11:50 UTC |
| 9c1ec6b | Pierre-Yves Strub | 07 December 2023, 13:30:49 UTC | CI: skip duplicated jobs | 07 December 2023, 15:57:05 UTC |
| 1d3dcaa | Benjamin Gregoire | 07 December 2023, 15:38:16 UTC | extend weakmem to hoare/choare/ehoare/equiv | 07 December 2023, 15:56:27 UTC |
| 6576223 | Benjamin Gregoire | 06 December 2023, 15:12:04 UTC | Fix reduction w.r.t. memory types. This commit fixes two bugs: - the memory types (in all hoare logic constructor) were not taken into account in conversion. - the bounded memories where not substituted for alpha conversion. | 07 December 2023, 10:35:52 UTC |
| 9e85ab1 | Benjamin Gregoire | 06 December 2023, 17:00:18 UTC | Add tactic `weakmem` This tactic allows to weaken the memory of a phoare hypothesis by adding new variables to it. This tactic is needed in the while rule for phoare, when one wants to apply the induction hypothesis & the memories are not compatible. Currently, the convertibility check does not enforce that memories are equal, but a to-come PR is going to fix that point. | 07 December 2023, 10:21:48 UTC |
| d248e73 | Pierre-Yves Strub | 06 December 2023, 05:52:29 UTC | rndsem: new version that only computes the distribution for used variables This version was already available internally. This commits only add the needed syntax for accessing it. The syntax is: `rndsem* <options>`. closes #415 | 06 December 2023, 15:25:53 UTC |
| 7c0adea | Pierre-Yves Strub | 05 December 2023, 16:20:13 UTC | In substitutions, lazyly refresh the codomain of the univar map This map is allowed to do name capture and is hence sensitive to bound variables renaming. | 05 December 2023, 16:33:38 UTC |
| dd02a37 | Pierre-Yves Strub | 05 December 2023, 10:08:59 UTC | In view application, close cut formula after substitution If not, we are creating a capture. The bug is hidden because we are not using a refreshing substitution in this case. | 05 December 2023, 14:03:35 UTC |
| 8472b50 | Lionel Blatter | 05 December 2023, 11:07:54 UTC | Avoid Why3 warnings | 05 December 2023, 11:07:54 UTC |
| cf193b1 | Lionel Blatter | 04 December 2023, 20:24:46 UTC | Add wanted lemmas option to tactic coq | 04 December 2023, 20:24:46 UTC |
| 0de7f16 | Pierre-Yves Strub | 04 December 2023, 14:17:14 UTC | Compile in `dev` mode by default. Until now, `make` was building EasyCrypt in release mode. The set of warning flags in release mode is weaker then in development mode. Switching to dev mode caused the apparition of some warnings. This commit fixes them. | 04 December 2023, 15:39:51 UTC |
| 0c5b45d | Lionel Blatter | 04 December 2023, 10:51:43 UTC | Some cleanup | 04 December 2023, 10:51:43 UTC |
| 3dc7a97 | Lionel Blatter | 04 December 2023, 10:38:07 UTC | Update to Why3.1.7.0 | 04 December 2023, 10:38:07 UTC |
| 6431843 | Lionel Blatter | 01 December 2023, 12:22:43 UTC | Review error message for coq not found | 04 December 2023, 10:12:37 UTC |
| 00d9960 | Lionel Blatter | 01 December 2023, 12:13:04 UTC | Fix naming of variables, functions, ops, etc.... | 04 December 2023, 10:12:37 UTC |
| 06fa95a | Lionel Blatter | 24 November 2023, 10:27:07 UTC | Fixing redundant tokens in parser | 04 December 2023, 10:12:37 UTC |
| 96bfb0e | Lionel Blatter | 20 November 2023, 11:26:13 UTC | Move coq smt translation to ecSmt | 04 December 2023, 10:12:32 UTC |
| fc109c9 | Lionel Blatter | 14 November 2023, 18:41:38 UTC | Add kmatch | 04 December 2023, 10:10:58 UTC |
| 3653e4c | Lionel Blatter | 13 November 2023, 11:18:32 UTC | Correction of higher-order function naming and add some factorization | 04 December 2023, 10:10:58 UTC |
| 1299ec9 | Lionel Blatter | 18 October 2023, 10:29:21 UTC | Fix naming of coq files | 04 December 2023, 10:10:58 UTC |
| edbb333 | Lionel Blatter | 08 October 2023, 11:11:13 UTC | Avoid warnings | 04 December 2023, 10:10:58 UTC |
| 9287a5f | Lionel Blatter | 08 October 2023, 10:51:31 UTC | Add options for tatic coq | 04 December 2023, 10:10:58 UTC |
| a8d3b2a | Lionel Blatter | 07 October 2023, 20:50:49 UTC | Finish fix of smt | 04 December 2023, 10:10:58 UTC |
| c9f0f5d | Lionel Blatter | 06 October 2023, 14:31:58 UTC | Clean up the call to Coq | 04 December 2023, 10:10:58 UTC |
| 1da4fa3 | Lionel Blatter | 04 October 2023, 08:41:29 UTC | First step to fix smt | 04 December 2023, 10:10:58 UTC |
| 555b2e9 | Lionel Blatter | 20 December 2022, 09:40:35 UTC | Add tactic to call Coq | 04 December 2023, 10:10:58 UTC |
| 068fdd9 | Pierre-Yves Strub | 01 December 2023, 21:49:53 UTC | nix: do not pin provers versions nix-flake should be used to pin provers to a given version. | 02 December 2023, 11:10:24 UTC |
| c0376b7 | Pierre-Yves Strub | 02 December 2023, 08:00:15 UTC | Bump the minimal version of Why to 1.7 This allows us to use more recent versions of the provers. The docker images have been updated accordingly. Docker now comes with the following provers: - Z3 4.12.2 - CVC4 1.8 - CVC5 1.0.6 - Alt-Ergo 2.5.2 | 02 December 2023, 08:24:16 UTC |
| 14a397c | Pierre-Yves Strub | 01 December 2023, 17:16:43 UTC | runtest: new option: why3 (why3 configuration file location) | 01 December 2023, 21:44:34 UTC |
| 23e603e | Pierre-Yves Strub | 01 December 2023, 20:13:32 UTC | runtest: allows to specify provers from the CLI | 01 December 2023, 21:27:04 UTC |
| 42a7841 | Pierre-Yves Strub | 01 December 2023, 16:42:37 UTC | runtest: do not try to load pyyaml when reporting is disabled | 01 December 2023, 16:53:46 UTC |
| 15f0751 | Pierre-Yves Strub | 01 December 2023, 15:12:27 UTC | Allows selecting a prover by its version number. Syntax is name@version. The selected prover is the prover with name `name` and with the lowest version that is greater (or equal) than `version`. For example, if Z3 4.8.0, Z3 4.8.2 & Z3 4.12.2 are installed, Z3@4.8 selects Z3 4.8.2. | 01 December 2023, 16:15:50 UTC |
| 27edb8a | Pierre-Yves Strub | 30 November 2023, 07:12:31 UTC | opam: allow Why3 1.7.x | 30 November 2023, 08:37:08 UTC |
| d9d7bcf | Alley Stoughton | 28 November 2023, 18:44:30 UTC | Removed two unused type declarations. | 28 November 2023, 20:14:47 UTC |
| d43887b | Benjamin Gregoire | 25 November 2023, 09:48:25 UTC | Share the definition of the datatypes in EcAst.ml | 25 November 2023, 10:05:04 UTC |
| b79290f | Pierre-Yves Strub | 24 November 2023, 14:35:35 UTC | SMT timeout can now be configured in INI files The configuration key is "timeout" | 24 November 2023, 17:30:52 UTC |
| 3be7cb9 | Pierre-Yves Strub | 24 November 2023, 14:20:34 UTC | Support project-local ini files EasyCrypt now reads project-local files for getting its configuration settings. This configuration file takes precedence over the system-level configuration file. The project-local configuration file is named 'easycrypt.project'. It is identical to the system-level configuration file. When compiling a file, the configuration file is searched upward from the target file directory. When ran in interactive mode, the configuration file is searched upward from the current working directory. Note that when ProofGeneral starts EasyCrypt, the working directory is set to the directory of the focused file. | 24 November 2023, 17:25:58 UTC |
| 9fd429a | Pierre-Yves Strub | 06 November 2023, 14:12:01 UTC | When rewriting in the local env, do not fail on identity rewriting fix #463 | 08 November 2023, 17:06:32 UTC |
| ff7b698 | AVANZINI Martin | 26 October 2023, 17:56:30 UTC | added adversary and qselect examples | 08 November 2023, 11:03:26 UTC |
| 99ec9f4 | Benjamin Gregoire | 11 October 2023, 11:29:39 UTC | ehoare Co-authored-by: Benjamin Grégoire <benjamin.gregoire@inria.fr> Co-authored-by: Martin Avanzini <martin.avanzini@inria.fr> | 08 November 2023, 11:03:26 UTC |
| 9275a29 | Pierre-Yves Strub | 19 October 2023, 13:35:01 UTC | Nits: choiceb induction principle | 19 October 2023, 14:57:04 UTC |
| a214a56 | Pierre-Yves Strub | 11 September 2023, 14:24:03 UTC | opsem: generate spec lemmas | 26 September 2023, 11:14:56 UTC |
| 5e383f5 | Pierre-Yves Strub | 26 September 2023, 07:14:15 UTC | Internal: do not consider an applied abstract module as a non-functor abstract module fix #455 | 26 September 2023, 07:28:36 UTC |
| 13296e5 | Pierre-Yves Strub | 25 September 2023, 15:06:03 UTC | In subst, when crossing a binding, remove the bound variable. If not, the substitution can lead to name captures. | 25 September 2023, 18:44:32 UTC |
| 8fa2f94 | Pierre-Yves Strub | 22 September 2023, 15:07:33 UTC | op: fix creation of refined operators Do the operator substitution and then close the formula. | 22 September 2023, 19:27:28 UTC |
| 50bcef7 | Cameron Low | 18 September 2023, 12:05:16 UTC | Remove references | 22 September 2023, 11:49:02 UTC |
| ef42e9d | Cameron Low | 04 September 2023, 10:49:01 UTC | Fixed glob unsoundess through eager normalization of globs when type checking and substituting modules. | 22 September 2023, 11:49:02 UTC |
| 755fe93 | Benjamin Gregoire | 22 September 2023, 06:00:25 UTC | stdlib: new lemma on summable | 22 September 2023, 08:09:07 UTC |
| d5a04f5 | Vincent Laporte | 21 September 2023, 10:04:15 UTC | Read library paths from the EC_IDIRS/EC_RDIRS env. vars. Library paths can be specified using the environment variables EC_IDIRS and EC_RDIRS. They contain each a list of specifications separated by semicolumns (;). Each said specification is a path, optionally qualified (when present, the qualifier is followed by a colon (:)). Specifications given in the EC_IDIRS variable behave the same as the ones given in the idirs configuration entry or on the command line following a -I argument. Specifications given in the EC_RDIRS variable behave the same as the ones given in the rdirs configuration entry or on the command line following a -R argument. | 21 September 2023, 11:27:48 UTC |
| a9ae1ae | Benjamin Gregoire | 21 September 2023, 09:15:54 UTC | add more lemmas on converto | 21 September 2023, 09:32:44 UTC |
| c410d3c | Benjamin Gregoire | 21 September 2023, 09:04:50 UTC | remove hyp in normrV | 21 September 2023, 09:32:15 UTC |
| c60092d | Pierre-Yves Strub | 21 September 2023, 08:47:31 UTC | stdlib: limit of the inverse of a sequence | 21 September 2023, 09:08:56 UTC |
| eb00ea4 | Pierre-Yves Strub | 15 September 2023, 11:50:03 UTC | Fix the printing of operator bodies fix #442 | 15 September 2023, 12:25:39 UTC |
| 8746da3 | Pierre-Yves Strub | 14 September 2023, 09:18:37 UTC | cloning: fix regression bug in operators convertibilty check The check should use the full conversion. fix #437 | 14 September 2023, 10:51:55 UTC |
| 287106a | François Dupressoir | 30 August 2023, 15:12:52 UTC | [nix] vendor prover derivations | 13 September 2023, 20:57:12 UTC |
| 480c0ea | Pierre-Yves Strub | 28 August 2023, 15:37:04 UTC | Operator unfolding when applied to enough arguments When declaring an operator, it is now possible to specify which arguments are mandatory before an operator application is automtically unfolded during simplification. Syntax is: ``` op name (x1 : t1) (xp : tp) / (x_p+1 : t_p+1) ... = ... ``` where the optional `/` indicated that the operator `name` will be automatically unfolded when applied to at least `p` arguments. | 06 September 2023, 13:42:47 UTC |
| 8243791 | Pierre-Yves Strub | 05 September 2023, 15:52:17 UTC | [runtest]: new CLI argument --bin This argument tells `runtest` which binary to use for EasyCrypt. It takes precedence over what is found in the INI file (in default/bin). Moreover, `easycrypt runtest` automatically set --bin to itself. This allows to select the correct version of EasyCrypt without having to tweak the INI file accordingly. | 06 September 2023, 11:44:57 UTC |
| 7d59877 | Pierre-Yves Strub | 05 September 2023, 09:00:37 UTC | hint simplify now extracts rewriting rules from <=> | 05 September 2023, 12:52:06 UTC |
| bcdb9cb | Cameron Low | 04 September 2023, 13:10:46 UTC | Fixed the type given to a constructor when matching directly. | 04 September 2023, 16:43:08 UTC |
| 46d6948 | Pierre-Yves Strub | 28 August 2023, 14:00:06 UTC | Operators body can now be formulas When cloning a theory, inlined operator definitions must be expressions s.t. their substitution can be done in procedures bodies. | 04 September 2023, 08:59:09 UTC |
| 35e3849 | Oskar Goldhahn | 23 August 2023, 18:24:43 UTC | get rid of axiom in `Birthday` | 30 August 2023, 11:43:29 UTC |
| faedf01 | mm | 11 July 2023, 14:20:07 UTC | Additional List lemmas. Additional lemmas in StdBigop and RealSeries. | 29 August 2023, 12:08:44 UTC |
| c13b549 | Cameron Low | 19 July 2022, 13:48:12 UTC | [internal] EcSubst does not rely anymore on the low-level substitutions Co-authored-by: Pierre-Yves Strub <pierre-yves@strub.nu> Co-authored-by: Benjamin Grégoire <Benjamin.Gregoire@inria.fr> | 28 August 2023, 10:36:37 UTC |
| 6a203df | François Dupressoir | 07 August 2023, 17:23:25 UTC | fix smt that regressed with z3 bump to 4.12.2 all else being equal, works with 4.12.1, fails with 4.12.2 fails with all other solvers | 12 August 2023, 08:57:48 UTC |
| ae29508 | François Dupressoir | 07 August 2023, 16:24:22 UTC | pin alt-ergo, z3 | 12 August 2023, 08:57:48 UTC |
| 705bafe | François Dupressoir | 07 August 2023, 16:20:33 UTC | refactor nix to avoid repetition | 12 August 2023, 08:57:48 UTC |
| 95cabb9 | François Dupressoir | 04 August 2023, 10:31:26 UTC | add support for test config 'report' option there is currently no way of asking for a report with 'easycrypt runtest' | 07 August 2023, 17:56:12 UTC |
| da3be5c | François Dupressoir | 04 August 2023, 10:30:36 UTC | [chore] whitespace | 07 August 2023, 17:56:12 UTC |
| a72dada | Yi Lee | 01 August 2023, 03:48:35 UTC | Propagate subtype changes to Word | 02 August 2023, 00:47:04 UTC |
| 917bba2 | Pierre Boutry | 20 July 2023, 13:30:54 UTC | Ring/field tactics available as soon as an instance is found. | 20 July 2023, 13:49:02 UTC |
| e75a7cf | Oskar Goldhahn | 12 July 2023, 22:38:59 UTC | get rid of unbounded smt calls outside examples | 20 July 2023, 13:22:13 UTC |
| 1bb2e2d | mm | 19 July 2023, 07:20:20 UTC | Additonal lemmas on fset equality establishing an equivalence, and additional lemma on perm_eq and undup (making the oflist_perm_eq lemma redundant). | 19 July 2023, 08:46:42 UTC |
| 6e066e6 | Pierre-Yves Strub | 13 July 2023, 11:06:46 UTC | Fix wording of error messages "function" -> "procedure" fix #417 | 13 July 2023, 11:07:33 UTC |
| add9232 | Christian Doczkal | 30 June 2023, 09:48:34 UTC | [chore] fix more raw smt calls | 11 July 2023, 20:01:13 UTC |
| 0c60516 | Christian Doczkal | 29 June 2023, 12:13:30 UTC | [chore] fix raw smt calls (theories/distributions) | 11 July 2023, 20:01:13 UTC |
| 757ec09 | François Dupressoir | 26 June 2023, 13:52:42 UTC | [chore] remove more raw smt calls | 29 June 2023, 13:20:43 UTC |
| 85d03a2 | Christian Doczkal | 29 June 2023, 11:18:26 UTC | [chore] fix some warnings and flaky smt calls (#408) | 29 June 2023, 11:18:26 UTC |
| cddd7d9 | Christian Doczkal | 28 June 2023, 14:58:53 UTC | [theories] define product using allpairs (#411) | 28 June 2023, 14:58:53 UTC |
| 60c3179 | Romain Tetley | 28 June 2023, 12:25:32 UTC | Renaming the easycrypt lib (making it easyier for external imports) (#410) | 28 June 2023, 12:25:32 UTC |
| 73ac095 | Pierre-Yves Strub | 27 June 2023, 06:47:59 UTC | proc op: add support for the "local" modifier | 27 June 2023, 13:55:48 UTC |
| 3693e61 | Christian Doczkal | 22 June 2023, 13:18:15 UTC | [theories] additional elimination rules for finite sums (#401) | 22 June 2023, 13:18:15 UTC |
| c0eeee4 | Pierre-Yves Strub | 21 June 2023, 10:19:54 UTC | Refactor out Fermat's little theorem from ZModP to IntDiv | 21 June 2023, 10:34:00 UTC |
| 4965377 | Yi Lee | 21 June 2023, 01:49:39 UTC | Prove Fermat's little theorem | 21 June 2023, 10:34:00 UTC |
| e38fac3 | Cameron Low | 13 June 2023, 20:55:00 UTC | Keep f_let_simp | 16 June 2023, 10:40:43 UTC |
| d1858f6 | Alley Stoughton | 05 June 2023, 14:42:45 UTC | Remove dead code relating to substitution; instead, the f_subst mechanism should be used. (And this is in fact done for simplification of let formulas in EcReduction.) | 16 June 2023, 10:40:43 UTC |
