The code for translating a fail (for example) would call
Unreachable(), which terminates the block; if a fail appeared as an
argument, this would cause an LLVM assertion failure. Changed
trans_call to handle this situation correctly.
Implement "claim" (issue #14), which is a version of "check" that
doesn't really do the check at runtime. It's an unsafe feature.
The new flag --check-claims turns claims into checks automatically --
but it's off by default, so by default, the assertion in a claim
doesn't execute at runtime.
This involved, in part, changing the ast::def type so that a def_fn
has a "purity" field. This lets the typechecker determine whether
functions defined in other crates are pure.
It also required updating some error messages in tests. As a test
for cross-crate constrained functions, I added a safe_slice function
to std::str (slice(), with one of the asserts replaced with a
function precondition) and some test cases (various versions of
fn-constraint.rs) that call it. Also, I changed "fn" to "pred" for
some of the boolean functions in std::uint.
In code like "auto foo = fail", a type gets inferred for foo
depending on how it's used. However, fail still has type _|_ and
still should be treated that way: particularly, its value shouldn't
be copied. Fixed trans to reflect that.
The typechecker had a number of special cases for unifying types
with _|_ (as with checking if and alt). But, a value of type _|_
should be usable in any context, as such a value always diverges,
and will never be used by its immediate context. Changed unify
accordingly, removed special cases.
This giant commit changes the syntax of Rust to use "assert" for
"check" expressions that didn't mean anything to the typestate
system, and continue using "check" for checks that are used as
part of typestate checking.
Most of the changes are just replacing "check" with "assert" in test
cases and rustc.
