introduce `old` outside of post condition

epfl-lara / stainless

Verification framework and tool for higher-order Scala programs

https://epfl-lara.github.io/stainless/

Apache License 2.0

349 stars 50 forks source link

introduce `old` outside of post condition #1551

Open samuelchassot opened 1 month ago

samuelchassot commented 1 month ago

It can be implemented a sugar instead of writing a snapshot at the beginning of the body:

def f() = 
  // mutable operations
  assert(old(this).size > this.size)
  // ...

would be transformed into

def f() = 
  @ghost val oldthis = snapshot(this)
  // mutable operations
  assert(oldThis.size > this.size)
  // ...

vkuncak commented 1 month ago

Be careful about semantics when using old in nested functions, as this could lead to some ambuguity if there is variable shadowing: did the user mean old as "at the entry of the inner function", as in "at the entry of outer function". The behavior of whether the variable is considered changed by a nested function has changed recently in https://github.com/epfl-lara/stainless/pull/1532