-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Checks for misuse of nondet
and oneOf
#1431
Conversation
@@ -66,7 +66,7 @@ listed without any additional command line arguments. | |||
| [cosmos/ics23/ics23.qnt](./cosmos/ics23/ics23.qnt) | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | |||
| [cosmos/lightclient/Blockchain.qnt](./cosmos/lightclient/Blockchain.qnt) | :white_check_mark: | :white_check_mark: | N/A[^parameterized] | N/A[^nostatemachine] | | |||
| [cosmos/lightclient/LCVerificationApi.qnt](./cosmos/lightclient/LCVerificationApi.qnt) | :white_check_mark: | :white_check_mark: | N/A[^parameterized] | N/A[^nostatemachine] | | |||
| [cosmos/lightclient/Lightclient.qnt](./cosmos/lightclient/Lightclient.qnt) | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | | |||
| [cosmos/lightclient/Lightclient.qnt](./cosmos/lightclient/Lightclient.qnt) | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Turns out all that was stopping this from working with Apalache was a hidden nondet issue :)
Breaking tests are unrelated to this PR. CI is picking up the latest release for Apalache I cut this morning, so I have to updated some test's expectations. I'll do that in a separate PR. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, just a couple of comments on clarity of errors and some spelling.
Co-authored-by: Philip Offtermatt <57488781+p-offtermatt@users.noreply.github.com>
Hello
Closes #378 (it actually fails with an "effect" error, which I think it makes more sense than a parse error, but this has been greatly discussed in the past).
It also solves the most important parts of #381, but I still have to see if there's something greater to be accomplished if we make proper effects for non-determinism.
This PR introduces some checks for how
nondet
andoneOf
can be used. The usage is quite restrictive because we need to be able to convert this to TLA+ for model checking, and the current syntax makes it seem like you can use non determinism everywhere. Hopefully, the IDE/cli errors will help people understand that these are special keywords that can't be used everywhere. Also, since the simulator allows too much, you'd only notice something is wrong when running verify or compile to TLA+.One of the cases in particular is when
nondet
definitions are top-level, which is not allowed. This was already being caught, but by the parser, and it was really hard to understand the issue by the parsing error. So I changed the parser to normally parsenondet
as any other qualifier, and then properly report the error later on.Test fixtures were updated because I'm now including the definitions themselves in the lookup table, so the tables in all fixtures were updated. We have issue #1422 to address how hard it is to read the diffs - for now: sorry!
CHANGELOG.md
for any new functionalityREADME.md
updated for any listed functionality