Previously, typestate was initializing the init constraint for
a declared-but-not-initialized variable (like x in "let x;") to False,
but other constraints to Don't-know. This led to over-lenient results
when a variable was used before declaration (see the included test
case). Now, everything gets initialized to False in the prestate/poststate-
finding phase, and Don't-know should only be used in pre/postconditions.
This aspect of the algorithm really needs formalization (just on paper),
but for now, this closes#700
The logic for how the "returns" constraint was handled was always
dodgy, for reasons explained in the comments I added to
auxiliary::fn_info in this commit. Fixed it by adding distinct
"returns" and "diverges" constraints for each function, which
are both handled positively (that is: for a ! function, the
"diverges" constraint must be true on every exit path; for
any other function, the "returns" constraint must be true
on every exit path).
Closes#779
You can now say
let {bcx, val} = some_result_returner();
Similar for loop variables. Assigning to such variables is not safe
yet. Function arguments also remain a TODO.
To handle multiple-LHS declarations with initializers properly,
I changed seq_states to take a list of expressions paired with optional
names, not just a list of expressions. Then, the same logic that handles
ordered lists of subexpressions everywhere else can handle multi-
declarations.
There are still things not handled properly: relying on other preconditions
of upvars is likely to cause bad things to happen. We probably want to
disallow it.
This adds parser support and most of the machinery for
auto x = 10, y = 20;
However, the above still goes wrong somewhere in typestate, causing
the state checker to believe only the last variable in the list is
initialized after the statement.
Tim, if you have a moment, could you go over the changes to the tstate
code in this patch and see where I'm going wrong?
Multi-var-decls without the typestate extension
Add a loop
Programs with constrained types now parse and typecheck, but
typestate doesn't check them specially, so the one relevant test
case so far is XFAILed.
Also rewrote all of the constraint-related data structures in the
process (again), for some reason. I got rid of a superfluous
data structure in the context that was mapping front-end constraints
to resolved constraints, instead handling constraints in the same
way in which everything else gets resolved.
Assignments and moves with a simple local variable reference on the
RHS now propagate any typestate constraints the RHS was involved
in to the LHS. Swaps where both sides are local variables
exchange the constraints.
This was a pain in the butt and I'm still not proud of the resulting
code. Needs refactoring like whoa.
