Skip to content

Support _ghost_stmt in _pure functions#76

Merged
gebner merged 5 commits into
mainfrom
_taramana_pure_ghost_stmt
Mar 9, 2026
Merged

Support _ghost_stmt in _pure functions#76
gebner merged 5 commits into
mainfrom
_taramana_pure_ghost_stmt

Conversation

@tahina-pro

@tahina-pro tahina-pro commented Mar 7, 2026

Copy link
Copy Markdown
Member

Add a GhostStmt case to emit_pure_body that emits ghost statements as let _ = <code> in <rest> in Pure functions, matching the standard F* pattern for sequencing lemma calls in a pure context.

Co-authored-by Copilot (except the unit tests, which I wrote by hand.)

tahina-pro and others added 2 commits March 7, 2026 02:57
@tahina-pro
add pure ghost_stmt test (with shifts)
a35a01e
@tahina-pro
Support _ghost_stmt in _pure functions
b1a72a3 
Add a GhostStmt case to emit_pure_body that emits ghost statements
as 'let _ = <code> in <rest>' in Pure functions, matching the standard
F* pattern for sequencing lemma calls in a pure context.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@tahina-pro tahina-pro requested a review from gebner March 7, 2026 03:02
gebner
gebner requested changes Mar 8, 2026
View reviewed changes
Comment thread src/pass/emit.rs
Comment on lines +2410 to +2420
Doc::text("let")
.append(Doc::line())
.append("_")
.append(Doc::line())
.append("=")
.group()
.nest(2)
.append(Doc::line().append(ghost_doc).nest(2))
.append(Doc::line())
.append("in")
.append(Doc::line().append(rest).nest(2)),

@gebner gebner Mar 8, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So this produces let _ = ... in. Is this what we want?

(I honestly don't know, maybe it's actually better than ...;?)

@tahina-pro tahina-pro Mar 9, 2026

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using ; in a branch of ìf ... then ... else would require enclosing that branch with parentheses, which is not required with let _ = ... in .

Comment thread test/pure_ghost_stmt.c Outdated
Comment on lines +5 to +6
/* This test is not in pure_fn.c because it also needs shift operations.
Thus, it is not purely a unit test */

@gebner gebner Mar 8, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't read too much into the organization of the test directory, this mostly happened by accident and not by design. My favorite parts are where an agent keeps appending to the same test file for the whole session, even though the features are completely unrelated.

But if you want concrete guidelines, I'd suggest the following:

  • Keep tests independent and medium-sized (F* takes over a second to check a single test).
  • Don't include unnecessary details beyond the feature that you want to test (tests rot and it's easier to keep them fresh when you can see at a glance what it's testing).

In this case, I would suggest the following function as a test:

_pure int pure_ghost_stmt()
  _ensures(false)
{
  _ghost_stmt(assume False);
  return 1;
}

This test is short and self-contained enough that it can easily go in the pure_fn.c file.

@gebner gebner merged commit 4379788 into main Mar 9, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gebner gebner gebner requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tahina-pro @gebner