Extraction hooks to support custom extraction by extensions

[nikswamy]

This PR adds features in support of custom F* -> ML extraction by extension.

1. RT.dsl_tac_t, the type of the typed extension callback is changed as below, allowing an extension to store whatever metadata it wants, encoding as a "blob" (typically, a Tm_lazy { blob; lkind=Lazy_extension s}, for some choice of s).

(**
 * The type of the top-level tactic that would splice-in the definitions
 * It returns either:
 *   - Some tm, blob, typ, with a proof that `typing g tm typ`
 *   - None, blob, typ), with a proof that `exists tm. typing g tm typ`
 * The blob itself is optional and can store some additional metadata that
 * constructed by the tactic. If present, it will be stored in the 
 * sigmeta_extension_data field of the enclosing sigelt.
 *
 * The blob can be used later, e.g., during extraction, and passed back to the
 * extension to perform additional processing.
 *)
let blob = string & R.term
let dsl_tac_result_base_t = option R.term & option blob & R.typ
let well_typed g (e:dsl_tac_result_base_t) =
  let tm_opt, _, typ = e in
  match tm_opt with
  | None -> exists (tm:R.term). typing g tm (T.E_Total, typ)
  | Some tm -> typing g tm (T.E_Total, typ)

let dsl_tac_result_t g = e:dsl_tac_result_base_t { well_typed g e }

type dsl_tac_t = g:fstar_top_env -> T.Tac (dsl_tac_result_t g)

2. The returned blob from the extension is stored in a new field sigmeta_extension_data associating the extension name with the blob that it returned.

3. FStar.Extaction.ML.Modul exposes an extension hook:

type extension_extractor = 
   uenv -> FStar.Compiler.Dyn.dyn -> either (mlexpr * e_tag * mlty) string

val register_extension_extractor
         (extension_name:string)
         (extractor:extension_extractor)
  : unit

When extracting a top-level let binding, if the Sig_letbinding contains a sigmeta_extension_data, we see if we can find an extension_extractor registered for that extension data and if so, call it with the blob stored in the extension data.

4. Finally, to support the extraction of abstract types that model computations as primitive effects, there's a new attribute extract_as_impure_effect in pervasives, which is interpreted in FStar.Extraction.ML.Term when extracting types.

+(** A qualifier on a type definition which when used in co-domain position
+    on an arrow type will be extracted as if it were an impure effect type.
+
+    e.g., if you have
+
+    [@@extract_as_impure_effect]
+    val stt (a:Type) (pre:_) (post:_) : Type
+
+    then arrows of the form `a -> stt b p q` will be extracted
+    similarly to `a -> Dv b`.
+ *)
+val extract_as_impure_effect : unit

These features are used currently by steel/pulse to extract Pulse terms to F*'s ML AST, from where the rest of the extraction pipeline picks up to emit programs as either OCaml, or to C via krml (also relying there on pre-existing hooks to customize krml extraction)

[nikswamy]

This are just some printers, useful for debugging extraction

[nikswamy]

Just a slight refactoring, since this function only needs tcenv

[nikswamy]

This is a fix to prevent the compiler from relying on the bv.sort field in Tm_name.

Instead, we now look it up in the environment and are careful to push binders in the environment they are traversed

[nikswamy]

Just extract the first argument (the result type) in case fv has the "extract_as_impure_effect" attribute

[nikswamy]

Interpret fv's with extract_as_impure_effect as E_IMPURE

[aseemr]

In the extraction case, this would be a singleton list, right? Is there any other usage where this would be non-singleton?

[nikswamy]

So far, yes, this is singleton when used in extraction. But, I could imagine that different phases could stash different information in here, e.g, some extension data is added after tosyntax, some after typechecking, etc. Also, could one conceivably have multiple extensions process a single sigelt ... maybe?

[aseemr]

Can you please comment on this change, just curious what was the trigger.

[nikswamy]

Not sure why this is still in this PR. I already pushed it separately to master:
08d80b8

[nikswamy]

the issue is that let test (x:erased int) (y:int) = x == y would succeed phase 1 and fail in phase 2. Marking erased as new (which it is) ensures that it also fails phase 1.

[aseemr]

I wonder if we should check this attribute, e.g., when typechecking a let definition, if it has the attribute, then allow only arrows whose codomain is impure effect?

[nikswamy]

Claiming that something is PURE is risky and would require checking. But, claiming that it is IMPURE is conservative, no?

[aseemr]

Thanks Nik, I have minor comments, we can discuss on the PR, but merging it since it is all green.