motoko-san: Update README.md #19
Conversation
int-index
force-pushed
the
motoko-san/readme
branch
from
e9e075f to
b2bf7db
Compare
| Instead of using `{ #A; #B }` in type signatures, one must always | ||
| refer to this variant by its name `N`. | ||
| * Furthermore, given two identical variant declarations, they are | ||
| treated as distinct in the translation: |
There was a problem hiding this comment.
Idea: We could alternatively use an uninterpreted function eq(x: Tuple, y:: Tuple) that is axiomatized as
forall x, y :: eq(x, y) <==> x.0 == y.0 && x.1 == y.1
etc.
This goes, however, into the direction of program-specific preamble generation (as we don't know which tuple types we would need to compare for equality), which is not what we're currently doing.
There was a problem hiding this comment.
@aterga, I'm not sure why your comment is relevant here - I think they are talking about type equality being structural, not value equality.
There was a problem hiding this comment.
IIUC, they are saying "Motoko equality is structural, but we translate it to Viper using ==, which reduces the completeness of the translation." Did I get it wrongly?
If not, then I'm merely suggesting that there could be a straightforward, yet more complete translation. Although I'm not suggesting that it's implemented it in the scope of the current Serokell grant.
There was a problem hiding this comment.
Maybe I phrased it poorly, but I meant to talk about type equality here, as @crusso points out.
|
|
||
| Supporting `async` types is _hard_. | ||
|
|
||
| Supporting `Float`, function types, co-inductive, mutually recursive, and sub-typing is _hard_. | ||
|
|
||
| Supporting container types and generic types, e.g., arrays (`[var T]`) and `HashMap<K, V>`, is _hard_. | ||
| Supporting container types and generic types, e.g. `HashMap<K, V>`, is _hard_. |
There was a problem hiding this comment.
Do you think this is conceptually harder than what we do for Arrays, or about the same complexity?
There was a problem hiding this comment.
If we find the right axioms, it should be possible, but we won't know until we try. For arrays there was an example in Viper's documentation, a hashmap would require more tinkering
There was a problem hiding this comment.
Thanks, this is just my curiosity.
We do have some drafts for translating HashMap from Motoko to Viper from a very long time ago (even before Motoko-san was created). But let's keep working on concrete examples, and I don't think we need to add anything with HashMaps into this project (there's enough interesting canisters with arrays, ADTs and things that we already support — we should utilize those before expanding).
| return a; // conditional early exit | ||
| }; | ||
| return a; // normal exit | ||
| ``` |
There was a problem hiding this comment.
Would the following work, too?
if (length == 0) {
return a; // conditional early exit
};
a // normal exit
There was a problem hiding this comment.
We could make it work, but at the moment it doesn't.
src/viper/README.md
Outdated
| ``` | ||
|
|
||
| * Motoko's type checker has not been modified to account for | ||
| nominative equality of variants, so type inference is not reliable: |
There was a problem hiding this comment.
| nominative equality of variants, so type inference is not reliable: | |
| nominal equality of variants, so type inference is not reliable: |
I guess we will just have to live with this fundamental difference between Viper and Motoko. @aterga is there any way to teach Viper about structural type equivalence (and subtyping)?
There was a problem hiding this comment.
Yes.
The Viper language is designed to be simple, and to allow modeling programs in many different (imperative) languages. So while we cannot translate many statement from Motoko into Viper 1:1, of course there are multiple ways we could model those cases in Viper and still support them.
That is where I was going with this comment, btw: #19 (comment)
There was a problem hiding this comment.
For example Prusti encode all Rust types as predicates. I think in that approach subtyping is not a big deal, but there will be other drawbacks e.g. folding/unfolding Viper isorecursive predicates.
There was a problem hiding this comment.
Correct. I would not recommend using separation logic predicates in Motoko-san, as they would require generating ghost statements to fold / unfold the definitions, and they are limited to tree structures (so, e.g., an array cannot be expressed this way).
int-index
force-pushed
the
motoko-san/readme
branch
from
b2bf7db to
9057948
Compare
| * `if-[else]` statements | ||
|
|
||
|
|
||
| Supporting pattern-matching is conceptually _simple_. |
There was a problem hiding this comment.
We would first have to add support for nested pattern matching, I imagine?
There was a problem hiding this comment.
Indeed, but then the line could be "Supporting general pattern-matching is conceptually simple." :-)
This is a very, very minor issue, so feel free to ignore
There was a problem hiding this comment.
We can take it into account when we will update README after the 3rd Milestone
Update the
README.mdto describe features implemented by Serokell for Milestone 1 and Milestone 2Milestone 1
returnstatement, early exitlet/vardeclarations, assignmentsNatdata type (translated toInt)prep.ml)var:returnsyntax)Milestone 2
letswitchstatements to match on tuples, options, variants