summaryrefslogtreecommitdiff
path: root/Test
diff options
context:
space:
mode:
authorGravatar Rustan Leino <leino@microsoft.com>2012-02-29 21:36:03 -0800
committerGravatar Rustan Leino <leino@microsoft.com>2012-02-29 21:36:03 -0800
commit3bdf2f0e5ae28a38bda913df4b73085415f2a0e4 (patch)
tree2edd8c47b919242b7f72069a7a5d89c14b7e9334 /Test
parent8f2f6d4a5a63a2e817e76422ebbab878a940351f (diff)
Dafny: fixed well-formedness checking of LET expressions to allow the RHS to be used
Diffstat (limited to 'Test')
-rw-r--r--Test/dafny0/Answer6
-rw-r--r--Test/dafny0/LetExpr.dfy40
2 files changed, 43 insertions, 3 deletions
diff --git a/Test/dafny0/Answer b/Test/dafny0/Answer
index d0dfc9be..bbf9769d 100644
--- a/Test/dafny0/Answer
+++ b/Test/dafny0/Answer
@@ -1445,7 +1445,7 @@ Execution trace:
(0,0): anon0
(0,0): anon11_Then
-Dafny program verifier finished with 13 verified, 2 errors
+Dafny program verifier finished with 19 verified, 2 errors
-------------------- Predicates.dfy --------------------
Predicates.dfy[B](18,5): Error BP5003: A postcondition might not hold on this return path.
@@ -1705,7 +1705,7 @@ Execution trace:
(0,0): anon0
(0,0): anon11_Then
-Dafny program verifier finished with 13 verified, 2 errors
+Dafny program verifier finished with 19 verified, 2 errors
out.tmp.dfy(10,12): Error: assertion violation
Execution trace:
(0,0): anon0
@@ -1714,4 +1714,4 @@ Execution trace:
(0,0): anon0
(0,0): anon11_Then
-Dafny program verifier finished with 13 verified, 2 errors
+Dafny program verifier finished with 19 verified, 2 errors
diff --git a/Test/dafny0/LetExpr.dfy b/Test/dafny0/LetExpr.dfy
index 48e4810b..11bf4fbe 100644
--- a/Test/dafny0/LetExpr.dfy
+++ b/Test/dafny0/LetExpr.dfy
@@ -107,3 +107,43 @@ method PMain(a: array<int>)
assert index == old(index) ==> a[index] == 21 && old(a[index]) == 19;
}
}
+
+// ---------- lemmas ----------
+
+method Theorem0(n: int)
+ requires 1 <= n;
+ ensures 1 <= Fib(n);
+{
+ if (n < 3) {
+ } else {
+ Theorem0(n-2);
+ Theorem0(n-1);
+ }
+}
+
+ghost method Theorem1(n: int)
+ requires 1 <= n;
+ ensures 1 <= Fib(n);
+{
+ // in a ghost method, the induction tactic takes care of it
+}
+
+function Theorem2(n: int): int
+ requires 1 <= n;
+ ensures 1 <= Fib(n);
+{
+ if n < 3 then 5 else
+ var x := Theorem2(n-2);
+ var y := Theorem2(n-1);
+ x + y
+}
+
+function Theorem3(n: int): int
+ requires 1 <= n;
+ ensures 1 <= Fib(n);
+{
+ if n < 3 then 5 else
+ var x := Theorem3(n-2);
+ var y := Theorem3(n-1);
+ 5
+}