-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add opaque modifier #12
Comments
Additionally, we should make sure lemmas are opaque as well. These are usually functions that return |
I am no longer sure if we need to have a Related links: |
What happens to pure functions where we actually do want to reveal the definitions by default? From what I understand, this used to be the way it works but was ultimately dropped because adding the body of those functions as a specification was a bit annoying. Additionally, I think |
I'm still thinking about what the best design would be. The comments here state my current position, which might easily change in the future.
I'm not too concerned with those. The user can always introduce a lemma that states that the function is equal to its body. We can even have syntactic sugar for that (an
I'm not sure I understand this. At the moment, Gobra reveals (and essentially checks) the body of all imported functions.
I am not sure I agree with this. I don't think that the ability to state "this body can never be revealed" is necessary or useful inside a package, especially considering that |
If I understood correctly, this was not always the case. However, I might be misremembering and at the end of the day probably boils down on what the better defaults are. Either way, thanks for the clarification! |
Once opaque has been merged into gobra, it may be useful to add opaque to specific functions.
Candidates
Pow(x, e int) int
in math/math.gobraPow2(e int) int
in math/math.gobraIt may also make sense to see which functions Dafny has marked as opaque.
The text was updated successfully, but these errors were encountered: