-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Incompleteness with the closure encoding #723
Comments
This could be addressed in tandem with #713 |
Minimal example: package closure_err
func f() {
i@ := 0
x@ :=
preserves acc(&i)
func x1() {
i += 1
}
g :=
requires acc(&x, _)
requires x implements x1
preserves acc(&i)
func g1() {
x() as x1
}
} |
From my perspective, this is a design problem and not a problem of the encoding. Function literal names are not full specifications because the captured variables are missing. As a consequence, you cannot call a closure with the function literal contract outside of the immediate context. To call the closure inside of another closure, you have to give the called closure a proper specification:
Admittedly, doing it as shown above is more verbose than referring to the I see two points:
|
I though about is bit more. I am not completely sure whether the following approach works, but I wanted to document it for now: Currently, captured variables are encoded via uninterpreted getters. If captured variables are only encoded in implements expressions and calls for function literals, then instead of using uninterpreted getters, we might be able to just use the captured variable dircectly. The reasoning is that implements expressions and call for function literals can only happen in the scope of the function literal, which should be the same scope of the captured variables. This requires (1) a careful naming scheme in the desugared representation such that captured variable parameters always have the same name for the same captured variable and (2) that One challenge of the encoding is that how captured variables are replaced in different within a closure and outside a closure. Inside a closure, the captured variable is some paramter. Outside a closure, the captured variable is a reference to some parameter. At the Viper level, both are encoded to the same, namely just the variable. One solution might be to always use an exclusive variable with the pointer type, even outside of closures. Unless I am missing something, an exclusive variable with a pointer type should be translated correctly outside of the closure because the encoding does not check whether a variable with the same type was actually defined (which does not hold because the actual variable has the element type of the pointer type). |
In Scion, I have a program of the following form:
Unfortunately, the call to read in
(*)
fails with the following perplexing errorNote that this precondition is asserted immediately before the call. Looking at the generated Viper code reveals the failing precondition (marked in blue):
The problem is that, at the source program level, there is no way to write a term that encodes to
closureGet$rc_Run_80c2a36d_F0(d_V0_RN3)
, except for the allocation of a closure.The text was updated successfully, but these errors were encountered: