authorGravatar Rustan Leino <unknown>2015-05-29 15:18:29 -0700
committerGravatar Rustan Leino <unknown>2015-05-29 15:18:29 -0700
commit01204bd7e22042ccb335dc885d2f66cdbe25a0aa (patch)
tree867032e7be9a2b0f2c5d6fb1898d86ad795752a6
parentc17bdfd0330a18d20c0697394d40e0b2dc0288ec (diff)
parente34a7e4fd70d1aafacb2782cbcc0354f6587d649 (diff)
Merge
-rw-r--r--Binaries/PrepareDafnyZip.bat2
-rw-r--r--Source/Dafny.sln8
-rw-r--r--Source/Dafny/Cloner.cs90
-rw-r--r--Source/Dafny/Dafny.atg123
-rw-r--r--Source/Dafny/DafnyAst.cs237
-rw-r--r--Source/Dafny/Parser.cs1642
-rw-r--r--Source/Dafny/Printer.cs78
-rw-r--r--Source/Dafny/RefinementTransformer.cs18
-rw-r--r--Source/Dafny/Resolver.cs1212
-rw-r--r--Source/Dafny/Rewriter.cs52
-rw-r--r--Source/Dafny/Scanner.cs240
-rw-r--r--Source/Dafny/Translator.cs211
-rw-r--r--Source/DafnyExtension/DafnyDriver.cs5
-rw-r--r--Source/DafnyExtension/MenuProxy.cs17
-rw-r--r--Source/DafnyExtension/OutliningTagger.cs1
-rw-r--r--Source/DafnyExtension/ProgressMargin.cs46
-rw-r--r--Source/DafnyExtension/TokenTagger.cs1
-rw-r--r--Source/DafnyMenu/DafnyMenu.vsct11
-rw-r--r--Source/DafnyMenu/DafnyMenuPackage.cs32
-rw-r--r--Source/DafnyMenu/PkgCmdID.cs1
-rw-r--r--Source/version.cs6
-rw-r--r--Test/VerifyThis2015/Problem2.dfy39
-rw-r--r--Test/VerifyThis2015/Problem2.dfy.expect2
-rw-r--r--Test/VerifyThis2015/Problem3.dfy20
-rw-r--r--Test/VerifyThis2015/Problem3.dfy.expect2
-rw-r--r--Test/dafny0/Coinductive.dfy105
-rw-r--r--Test/dafny0/Coinductive.dfy.expect16
-rw-r--r--Test/dafny0/InductivePredicates.dfy175
-rw-r--r--Test/dafny0/InductivePredicates.dfy.expect9
-rw-r--r--Test/dafny0/NestedMatch.dfy59
-rw-r--r--Test/dafny0/NestedMatch.dfy.expect2
-rw-r--r--Test/dafny0/ResolutionErrors.dfy7
-rw-r--r--Test/dafny0/snapshots/runtest.snapshot.expect45
-rw-r--r--Test/dafny4/Bug79.dfy10
-rw-r--r--Test/dafny4/Bug79.dfy.expect2
-rw-r--r--Test/dafny4/Bug81.dfy9
-rw-r--r--Test/dafny4/Bug81.dfy.expect2
-rw-r--r--Test/dafny4/Juggernaut.dfy20
-rw-r--r--Test/dafny4/Juggernaut.dfy.expect2
-rw-r--r--Test/dafny4/NipkowKlein-chapter3.dfy282
-rw-r--r--Test/dafny4/NipkowKlein-chapter3.dfy.expect2
-rw-r--r--Test/dafny4/NipkowKlein-chapter7.dfy468
-rw-r--r--Test/dafny4/NipkowKlein-chapter7.dfy.expect2
-rw-r--r--Test/hofs/ReadsReads.dfy25
-rw-r--r--Test/hofs/ReadsReads.dfy.expect17
-rw-r--r--Util/Emacs/dafny-mode.el4
-rw-r--r--Util/latex/dafny.sty2
47 files changed, 3874 insertions, 1487 deletions
diff --git a/Binaries/PrepareDafnyZip.bat b/Binaries/PrepareDafnyZip.bat
index 7d409d6e..a00008c7 100644
--- a/Binaries/PrepareDafnyZip.bat
+++ b/Binaries/PrepareDafnyZip.bat
@@ -41,7 +41,7 @@ for %%d in (
)
for %%f in (
Util\emacs\dafny-mode.el
- Util\vim\dafny.vim
+ Util\vim\README.md
Util\latex\dafny.sty
) do (
copy ..\%%f %DEST_DIR%\%%f
diff --git a/Source/Dafny.sln b/Source/Dafny.sln
index 40e71952..e7ba8026 100644
--- a/Source/Dafny.sln
+++ b/Source/Dafny.sln
@@ -28,8 +28,8 @@ Global
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|.NET.Build.0 = Debug|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Any CPU.Build.0 = Debug|Any CPU
- {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Mixed Platforms.ActiveCfg = Checked|Any CPU
- {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Mixed Platforms.Build.0 = Checked|Any CPU
+ {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+ {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Release|.NET.ActiveCfg = Release|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Release|Any CPU.ActiveCfg = Release|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Release|Any CPU.Build.0 = Release|Any CPU
@@ -45,8 +45,8 @@ Global
{FE44674A-1633-4917-99F4-57635E6FA740}.Debug|.NET.Build.0 = Debug|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Any CPU.Build.0 = Debug|Any CPU
- {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Mixed Platforms.ActiveCfg = Checked|Any CPU
- {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Mixed Platforms.Build.0 = Checked|Any CPU
+ {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+ {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Release|.NET.ActiveCfg = Release|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Release|Any CPU.ActiveCfg = Release|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Release|Any CPU.Build.0 = Release|Any CPU
diff --git a/Source/Dafny/Cloner.cs b/Source/Dafny/Cloner.cs
index 6317e462..f729d411 100644
--- a/Source/Dafny/Cloner.cs
+++ b/Source/Dafny/Cloner.cs
@@ -300,9 +300,8 @@ namespace Microsoft.Dafny
var e = (ExprDotName)expr;
return new ExprDotName(Tok(e.tok), CloneExpr(e.Lhs), e.SuffixName, e.OptTypeArguments == null ? null : e.OptTypeArguments.ConvertAll(CloneType));
} else if (expr is ApplySuffix) {
- var e = (ApplySuffix)expr;
- return new ApplySuffix(Tok(e.tok), CloneExpr(e.Lhs), e.Args.ConvertAll(CloneExpr));
-
+ var e = (ApplySuffix) expr;
+ return CloneApplySuffix(e);
} else if (expr is MemberSelectExpr) {
var e = (MemberSelectExpr)expr;
return new MemberSelectExpr(Tok(e.tok), CloneExpr(e.Obj), e.MemberName);
@@ -411,7 +410,7 @@ namespace Microsoft.Dafny
} else if (expr is MatchExpr) {
var e = (MatchExpr)expr;
return new MatchExpr(Tok(e.tok), CloneExpr(e.Source),
- e.Cases.ConvertAll(c => new MatchCaseExpr(Tok(c.tok), c.Id, c.Arguments.ConvertAll(CloneBoundVar), CloneExpr(c.Body))), e.UsesOptionalBraces);
+ e.Cases.ConvertAll(CloneMatchCaseExpr), e.UsesOptionalBraces);
} else if (expr is NegationExpression) {
var e = (NegationExpression)expr;
@@ -422,6 +421,22 @@ namespace Microsoft.Dafny
}
}
+ public MatchCaseExpr CloneMatchCaseExpr(MatchCaseExpr c) {
+ Contract.Requires(c != null);
+ if (c.Arguments != null) {
+ Contract.Assert(c.CasePatterns == null);
+ return new MatchCaseExpr(Tok(c.tok), c.Id, c.Arguments.ConvertAll(CloneBoundVar), CloneExpr(c.Body));
+ } else {
+ Contract.Assert(c.Arguments == null);
+ Contract.Assert(c.CasePatterns != null);
+ return new MatchCaseExpr(Tok(c.tok), c.Id, c.CasePatterns.ConvertAll(CloneCasePattern), CloneExpr(c.Body));
+ }
+ }
+
+ public virtual Expression CloneApplySuffix(ApplySuffix e) {
+ return new ApplySuffix(Tok(e.tok), CloneExpr(e.Lhs), e.Args.ConvertAll(CloneExpr));
+ }
+
public virtual CasePattern CloneCasePattern(CasePattern pat) {
Contract.Requires(pat != null);
if (pat.Var != null) {
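Review bot: In the else branch of `CloneMatchCaseExpr`, `Contract.Assert(c.Arguments == null);` only restates the `if` condition that has just failed, so it can be dropped; the `Contract.Assert(c.CasePatterns != null);` after it is the check that does any work. `CloneMatchCaseStmt` in the later hunk has the same redundant line. Both new match-case helpers are non-virtual while `CloneApplySuffix` and `CloneCasePattern` beside them are `virtual`, so a subclass of `Cloner` cannot customise how cases are cloned; if that is deliberate, a one-line comment saying so would help. `CloneApplySuffix` also lacks the `Contract.Requires(e != null);` that the other new helpers carry.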
@@ -530,7 +545,7 @@ namespace Microsoft.Dafny
} else if (stmt is MatchStmt) {
var s = (MatchStmt)stmt;
r = new MatchStmt(Tok(s.Tok), Tok(s.EndTok), CloneExpr(s.Source),
- s.Cases.ConvertAll(c => new MatchCaseStmt(Tok(c.tok), c.Id, c.Arguments.ConvertAll(CloneBoundVar), c.Body.ConvertAll(CloneStmt))), s.UsesOptionalBraces);
+ s.Cases.ConvertAll(CloneMatchCaseStmt), s.UsesOptionalBraces);
} else if (stmt is AssignSuchThatStmt) {
var s = (AssignSuchThatStmt)stmt;
@@ -562,6 +577,18 @@ namespace Microsoft.Dafny
return r;
}
+ public MatchCaseStmt CloneMatchCaseStmt(MatchCaseStmt c) {
+ Contract.Requires(c != null);
+ if (c.Arguments != null) {
+ Contract.Assert(c.CasePatterns == null);
+ return new MatchCaseStmt(Tok(c.tok), c.Id, c.Arguments.ConvertAll(CloneBoundVar), c.Body.ConvertAll(CloneStmt));
+ } else {
+ Contract.Assert(c.Arguments == null);
+ Contract.Assert(c.CasePatterns != null);
+ return new MatchCaseStmt(Tok(c.tok), c.Id, c.CasePatterns.ConvertAll(CloneCasePattern), c.Body.ConvertAll(CloneStmt));
+ }
+ }
+
public CalcStmt.CalcOp CloneCalcOp(CalcStmt.CalcOp op) {
if (op is CalcStmt.BinaryCalcOp) {
return new CalcStmt.BinaryCalcOp(((CalcStmt.BinaryCalcOp) op).Op);
@@ -604,6 +631,9 @@ namespace Microsoft.Dafny
if (f is Predicate) {
return new Predicate(Tok(f.tok), newName, f.HasStaticKeyword, f.IsProtected, f.IsGhost, tps, formals,
req, reads, ens, decreases, body, Predicate.BodyOriginKind.OriginalOrInherited, CloneAttributes(f.Attributes), null);
+ } else if (f is InductivePredicate) {
+ return new InductivePredicate(Tok(f.tok), newName, f.HasStaticKeyword, f.IsProtected, tps, formals,
+ req, reads, ens, body, CloneAttributes(f.Attributes), null);
} else if (f is CoPredicate) {
return new CoPredicate(Tok(f.tok), newName, f.HasStaticKeyword, f.IsProtected, tps, formals,
req, reads, ens, body, CloneAttributes(f.Attributes), null);
@@ -628,6 +658,9 @@ namespace Microsoft.Dafny
if (m is Constructor) {
return new Constructor(Tok(m.tok), m.Name, tps, ins,
req, mod, ens, decreases, body, CloneAttributes(m.Attributes), null);
+ } else if (m is InductiveLemma) {
+ return new InductiveLemma(Tok(m.tok), m.Name, m.HasStaticKeyword, tps, ins, m.Outs.ConvertAll(CloneFormal),
+ req, mod, ens, decreases, body, CloneAttributes(m.Attributes), null);
} else if (m is CoLemma) {
return new CoLemma(Tok(m.tok), m.Name, m.HasStaticKeyword, tps, ins, m.Outs.ConvertAll(CloneFormal),
req, mod, ens, decreases, body, CloneAttributes(m.Attributes), null);
@@ -656,15 +689,15 @@ namespace Microsoft.Dafny
}
/// <summary>
- /// Subclass of Cloner that collects some common functionality between CoLemmaPostconditionSubstituter and
- /// CoLemmaBodyCloner.
+ /// Subclass of Cloner that collects some common functionality between FixpointLemmaSpecificationSubstituter and
+ /// FixpointLemmaBodyCloner.
/// </summary>
- abstract class CoCloner : Cloner
+ abstract class FixpointCloner : Cloner
{
protected readonly Expression k;
readonly Resolver resolver;
readonly string suffix;
- protected CoCloner(Expression k, Resolver resolver)
+ protected FixpointCloner(Expression k, Resolver resolver)
{
Contract.Requires(k != null);
Contract.Requires(resolver != null);
@@ -681,22 +714,25 @@ namespace Microsoft.Dafny
}
/// <summary>
- /// The CoLemmaPostconditionSubstituter clones the postcondition declared on a colemma, but replaces
- /// the calls and equalities in "coConclusions" with corresponding prefix versions. The resulting
- /// expression is then appropriate to be a postcondition of the colemma's corresponding prefix lemma.
+ /// The FixpointLemmaSpecificationSubstituter clones the precondition (or postcondition) declared
+ /// on an inductive lemma (resp. colemma), but replaces the calls and equalities in "coConclusions"
+ /// with corresponding prefix versions. The resulting expression is then appropriate to be a
+ /// precondition (resp. postcondition) of the inductive lemma's (resp. colemma's) corresponding prefix lemma.
/// It is assumed that the source expression has been resolved. Note, the "k" given to the constructor
/// is not cloned with each use; it is simply used as is.
/// </summary>
- class CoLemmaPostconditionSubstituter : CoCloner
+ class FixpointLemmaSpecificationSubstituter : FixpointCloner
{
- readonly ISet<Expression> coConclusions;
- public CoLemmaPostconditionSubstituter(ISet<Expression> coConclusions, Expression k, Resolver resolver)
+ readonly bool isCoContext;
+ readonly ISet<Expression> friendlyCalls;
+ public FixpointLemmaSpecificationSubstituter(ISet<Expression> friendlyCalls, Expression k, Resolver resolver, bool isCoContext)
: base(k, resolver)
{
- Contract.Requires(coConclusions != null);
+ Contract.Requires(friendlyCalls != null);
Contract.Requires(k != null);
Contract.Requires(resolver != null);
- this.coConclusions = coConclusions;
+ this.isCoContext = isCoContext;
+ this.friendlyCalls = friendlyCalls;
}
public override Expression CloneExpr(Expression expr) {
if (expr is ConcreteSyntaxExpression) {
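Review bot: The rewritten summary still says the calls and equalities are taken from `"coConclusions"`, but this hunk renames the field and constructor parameter to `friendlyCalls`, so the comment now refers to a name that no longer exists. The new `isCoContext` parameter is not documented at all; the later hunk shows it gating the equality rewrite (`expr is BinaryExpr && isCoContext`), so the summary should say that `==`/`!=` are replaced by prefix equalities only when `isCoContext` is true (presumably the colemma case). `CloneExpr` continues outside this hunk.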
@@ -706,7 +742,7 @@ namespace Microsoft.Dafny
return CloneExpr(e.Resolved);
} else if (expr is FunctionCallExpr) {
var e = (FunctionCallExpr)expr;
- if (coConclusions.Contains(e)) {
+ if (friendlyCalls.Contains(e)) {
var receiver = CloneExpr(e.Receiver);
var args = new List<Expression>();
args.Add(k);
@@ -717,9 +753,9 @@ namespace Microsoft.Dafny
ReportAdditionalInformation(e.tok, e.Name);
return fexp;
}
- } else if (expr is BinaryExpr) {
+ } else if (expr is BinaryExpr && isCoContext) {
var e = (BinaryExpr)expr;
- if ((e.ResolvedOp == BinaryExpr.ResolvedOpcode.EqCommon || e.ResolvedOp == BinaryExpr.ResolvedOpcode.NeqCommon) && coConclusions.Contains(e)) {
+ if ((e.ResolvedOp == BinaryExpr.ResolvedOpcode.EqCommon || e.ResolvedOp == BinaryExpr.ResolvedOpcode.NeqCommon) && friendlyCalls.Contains(e)) {
var op = e.ResolvedOp == BinaryExpr.ResolvedOpcode.EqCommon ? TernaryExpr.Opcode.PrefixEqOp : TernaryExpr.Opcode.PrefixNeqOp;
var A = CloneExpr(e.E0);
var B = CloneExpr(e.E1);
@@ -754,13 +790,13 @@ namespace Microsoft.Dafny
}
/// <summary>
- /// The task of the CoLemmaBodyCloner is to fill in the implicit _k-1 arguments in corecursive colemma calls.
+ /// The task of the FixpointLemmaBodyCloner is to fill in the implicit _k-1 arguments in recursive inductive/co-lemma calls.
/// The source statement and the given "k" are assumed to have been resolved.
/// </summary>
- class CoLemmaBodyCloner : CoCloner
+ class FixpointLemmaBodyCloner : FixpointCloner
{
- readonly CoLemma context;
- public CoLemmaBodyCloner(CoLemma context, Expression k, Resolver resolver)
+ readonly FixpointLemma context;
+ public FixpointLemmaBodyCloner(FixpointLemma context, Expression k, Resolver resolver)
: base(k, resolver)
{
Contract.Requires(context != null);
@@ -773,10 +809,10 @@ namespace Microsoft.Dafny
if (r != null && r.Expr is ApplySuffix) {
var apply = (ApplySuffix)r.Expr;
var mse = apply.Lhs.Resolved as MemberSelectExpr;
- if (mse != null && mse.Member is CoLemma && ModuleDefinition.InSameSCC(context, (CoLemma)mse.Member)) {
- // we're looking at a recursive call to a colemma
+ if (mse != null && mse.Member is FixpointLemma && ModuleDefinition.InSameSCC(context, (FixpointLemma)mse.Member)) {
+ // we're looking at a recursive call to a fixpoint lemma
Contract.Assert(apply.Lhs is NameSegment || apply.Lhs is ExprDotName); // this is the only way a call statement can have been parsed
- // clone "apply.Lhs", changing the co lemma to the prefix lemma; then clone "apply", adding in the extra argument
+ // clone "apply.Lhs", changing the inductive/co lemma to the prefix lemma; then clone "apply", adding in the extra argument
Expression lhsClone;
if (apply.Lhs is NameSegment) {
var lhs = (NameSegment)apply.Lhs;
diff --git a/Source/Dafny/Dafny.atg b/Source/Dafny/Dafny.atg
index 56d8a431..16cc09eb 100644
--- a/Source/Dafny/Dafny.atg
+++ b/Source/Dafny/Dafny.atg
@@ -108,6 +108,19 @@ bool IsLoopSpec() {
return la.kind == _invariant | la.kind == _decreases | la.kind == _modifies;
}
+bool IsFunctionDecl() {
+ switch (la.kind) {
+ case _function:
+ case _predicate:
+ case _copredicate:
+ return true;
+ case _inductive:
+ return scanner.Peek().kind != _lemma;
+ default:
+ return false;
+ }
+}
+
bool IsParenStar() {
scanner.ResetPeek();
Token x = scanner.Peek();
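Review bot: In `IsFunctionDecl`, the `_inductive` case calls `scanner.Peek()` without a preceding `scanner.ResetPeek()`, whereas `IsParenStar` directly below resets first. If the peek position has already been advanced for the current lookahead token (whether that can happen is not visible in this hunk), the comparison would look at a token further ahead and `inductive lemma` could be routed to the function alternative. Suggest `case _inductive: scanner.ResetPeek(); return scanner.Peek().kind != _lemma;`, which matches the convention the neighbouring resolver already follows.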
@@ -438,6 +451,11 @@ TOKENS
else = "else".
decreases = "decreases".
invariant = "invariant".
+ function = "function".
+ predicate = "predicate".
+ inductive = "inductive".
+ lemma = "lemma".
+ copredicate = "copredicate".
modifies = "modifies".
reads = "reads".
requires = "requires".
@@ -643,7 +661,8 @@ ClassMemberDecl<.List<MemberDecl> mm, bool allowConstructors, bool moduleLevelDe
}
.)
FieldDecl<mmod, mm>
- | (. if (moduleLevelDecl && staticToken != null) {
+ | IF(IsFunctionDecl())
+ (. if (moduleLevelDecl && staticToken != null) {
errors.Warning(staticToken, "module-level functions are always non-instance, so the 'static' keyword is not allowed here");
mmod.IsStatic = false;
}
@@ -927,6 +946,7 @@ MethodDecl<MemberModifiers mmod, bool allowConstructor, out Method/*!*/ m>
BlockStmt body = null;
bool isLemma = false;
bool isConstructor = false;
+ bool isIndLemma = false;
bool isCoLemma = false;
IToken signatureEllipsis = null;
IToken bodyStart = Token.NoToken;
@@ -939,6 +959,7 @@ MethodDecl<MemberModifiers mmod, bool allowConstructor, out Method/*!*/ m>
| "comethod" (. isCoLemma = true;
errors.Warning(t, "the 'comethod' keyword has been deprecated; it has been renamed to 'colemma'");
.)
+ | "inductive" "lemma" (. isIndLemma = true; .)
| "constructor" (. if (allowConstructor) {
isConstructor = true;
} else {
@@ -957,6 +978,10 @@ MethodDecl<MemberModifiers mmod, bool allowConstructor, out Method/*!*/ m>
if (mmod.IsStatic) {
SemErr(t, "constructors cannot be declared 'static'");
}
+ } else if (isIndLemma) {
+ if (mmod.IsGhost) {
+ SemErr(t, "inductive lemmas cannot be declared 'ghost' (they are automatically 'ghost')");
+ }
} else if (isCoLemma) {
if (mmod.IsGhost) {
SemErr(t, "colemmas cannot be declared 'ghost' (they are automatically 'ghost')");
@@ -993,6 +1018,9 @@ MethodDecl<MemberModifiers mmod, bool allowConstructor, out Method/*!*/ m>
if (isConstructor) {
m = new Constructor(tok, hasName ? id.val : "_ctor", typeArgs, ins,
req, new Specification<FrameExpression>(mod, modAttrs), ens, new Specification<Expression>(dec, decAttrs), body, attrs, signatureEllipsis);
+ } else if (isIndLemma) {
+ m = new InductiveLemma(tok, id.val, mmod.IsStatic, typeArgs, ins, outs,
+ req, new Specification<FrameExpression>(mod, modAttrs), ens, new Specification<Expression>(dec, decAttrs), body, attrs, signatureEllipsis);
} else if (isCoLemma) {
m = new CoLemma(tok, id.val, mmod.IsStatic, typeArgs, ins, outs,
req, new Specification<FrameExpression>(mod, modAttrs), ens, new Specification<Expression>(dec, decAttrs), body, attrs, signatureEllipsis);
@@ -1211,7 +1239,7 @@ FunctionDecl<MemberModifiers mmod, out Function/*!*/ f>
List<FrameExpression/*!*/> reads = new List<FrameExpression/*!*/>();
List<Expression/*!*/> decreases;
Expression body = null;
- bool isPredicate = false; bool isCoPredicate = false;
+ bool isPredicate = false; bool isIndPredicate = false; bool isCoPredicate = false;
bool isFunctionMethod = false;
IToken bodyStart = Token.NoToken;
IToken bodyEnd = Token.NoToken;
@@ -1251,6 +1279,20 @@ FunctionDecl<MemberModifiers mmod, out Function/*!*/ f>
| "..." (. signatureEllipsis = t; .)
)
+ /* ----- inductive predicate ----- */
+ | "inductive" "predicate" (. isIndPredicate = true; .)
+ (. if (mmod.IsGhost) { SemErr(t, "inductive predicates cannot be declared 'ghost' (they are ghost by default)"); }
+ .)
+ { Attribute<ref attrs> }
+ NoUSIdent<out id>
+ (
+ [ GenericParameters<typeArgs> ]
+ Formals<true, isFunctionMethod, formals>
+ [ ":" (. SemErr(t, "inductive predicates do not have an explicitly declared return type; it is always bool"); .)
+ ]
+ | "..." (. signatureEllipsis = t; .)
+ )
+
/* ----- copredicate ----- */
| "copredicate" (. isCoPredicate = true; .)
(. if (mmod.IsGhost) { SemErr(t, "copredicates cannot be declared 'ghost' (they are ghost by default)"); }
@@ -1258,16 +1300,15 @@ FunctionDecl<MemberModifiers mmod, out Function/*!*/ f>
{ Attribute<ref attrs> }
NoUSIdent<out id>
(
- [ GenericParameters<typeArgs> ] (. missingOpenParen = true; .)
- [ Formals<true, isFunctionMethod, formals> (. missingOpenParen = false; .)
- ] (. if (missingOpenParen) { errors.Warning(t, "with the new support of higher-order functions in Dafny, parentheses-less co-predicates are no longer supported; in the new syntax, parentheses are required for the declaration and uses of predicates, even if the co-predicate takes no additional arguments"); } .)
+ [ GenericParameters<typeArgs> ]
+ Formals<true, isFunctionMethod, formals>
[ ":" (. SemErr(t, "copredicates do not have an explicitly declared return type; it is always bool"); .)
]
| "..." (. signatureEllipsis = t; .)
)
)
- (. decreases = isCoPredicate ? null : new List<Expression/*!*/>(); .)
+ (. decreases = isIndPredicate || isCoPredicate ? null : new List<Expression/*!*/>(); .)
{ FunctionSpec<reqs, reads, ens, decreases> }
[ FunctionBody<out body, out bodyStart, out bodyEnd>
]
@@ -1279,9 +1320,12 @@ FunctionDecl<MemberModifiers mmod, out Function/*!*/ f>
if (isPredicate) {
f = new Predicate(tok, id.val, mmod.IsStatic, mmod.IsProtected, !isFunctionMethod, typeArgs, formals,
reqs, reads, ens, new Specification<Expression>(decreases, null), body, Predicate.BodyOriginKind.OriginalOrInherited, attrs, signatureEllipsis);
+ } else if (isIndPredicate) {
+ f = new InductivePredicate(tok, id.val, mmod.IsStatic, mmod.IsProtected, typeArgs, formals,
+ reqs, reads, ens, body, attrs, signatureEllipsis);
} else if (isCoPredicate) {
f = new CoPredicate(tok, id.val, mmod.IsStatic, mmod.IsProtected, typeArgs, formals,
- reqs, reads, ens, body, attrs, signatureEllipsis);
+ reqs, reads, ens, body, attrs, signatureEllipsis);
} else {
f = new Function(tok, id.val, mmod.IsStatic, mmod.IsProtected, !isFunctionMethod, typeArgs, formals, returnType,
reqs, reads, ens, new Specification<Expression>(decreases, null), body, attrs, signatureEllipsis);
@@ -1289,7 +1333,7 @@ FunctionDecl<MemberModifiers mmod, out Function/*!*/ f>
f.BodyStartTok = bodyStart;
f.BodyEndTok = bodyEnd;
theBuiltIns.CreateArrowTypeDecl(formals.Count);
- if (isCoPredicate) {
+ if (isIndPredicate || isCoPredicate) {
// also create an arrow type for the corresponding prefix predicate
theBuiltIns.CreateArrowTypeDecl(formals.Count + 1);
}
@@ -1750,17 +1794,24 @@ MatchStmt<out Statement/*!*/ s>
CaseStatement<out MatchCaseStmt/*!*/ c>
= (. Contract.Ensures(Contract.ValueAtReturn(out c) != null);
IToken/*!*/ x, id;
- List<BoundVar/*!*/> arguments = new List<BoundVar/*!*/>();
- BoundVar/*!*/ bv;
+ List<CasePattern/*!*/> arguments = new List<CasePattern/*!*/>();
+ CasePattern/*!*/ pat;
List<Statement/*!*/> body = new List<Statement/*!*/>();
+ string/*!*/ name = "";
.)
"case" (. x = t; .)
- Ident<out id>
- [ "("
- IdentTypeOptional<out bv> (. arguments.Add(bv); .)
- { "," IdentTypeOptional<out bv> (. arguments.Add(bv); .)
- }
- ")" ]
+ ( Ident<out id> (. name = id.val; .)
+ [ "("
+ CasePattern<out pat> (. arguments.Add(pat); .)
+ { "," CasePattern<out pat> (. arguments.Add(pat); .)
+ }
+ ")" ]
+ | "("
+ CasePattern<out pat> (. arguments.Add(pat); .)
+ { "," CasePattern<out pat> (. arguments.Add(pat); .)
+ }
+ ")"
+ )
"=>"
SYNC /* this SYNC and the one inside the loop below are used to avoid problems with the IsNotEndOfCase test. The SYNC will
* skip until the next symbol that can legally occur here, which is either the beginning of a Stmt or whatever is allowed
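Review bot: In the new parenthesised alternative of `CaseStatement`, `name` keeps its initial value `""`, and the next hunk passes it straight to `new MatchCaseStmt(x, name, arguments, body)`. The tuple alternative added to `CasePattern` instead uses `BuiltIns.TupleTypeCtorName` and calls `theBuiltIns.TupleType(...)`, so the two places encode a tuple in different ways and nothing visible here says how an empty constructor name is interpreted downstream. A comment at the declaration, e.g. `// "" marks a case with no constructor name (tuple pattern); resolved later`, or using the tuple constructor name here as well, would make that contract explicit. The pattern list is also written out twice in this production and twice more in `CaseExpression`; a shared production would keep the four copies from drifting apart.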
@@ -1770,7 +1821,7 @@ CaseStatement<out MatchCaseStmt/*!*/ c>
Stmt<body>
SYNC /* see comment about SYNC above */
}
- (. c = new MatchCaseStmt(x, id.val, arguments, body); .)
+ (. c = new MatchCaseStmt(x, name, arguments, body); .)
.
/*------------------------------------------------------------------------*/
AssertStmt<out Statement/*!*/ s>
@@ -2540,19 +2591,26 @@ MatchExpression<out Expression e, bool allowSemi, bool allowLambda>
.
CaseExpression<out MatchCaseExpr c, bool allowSemi, bool allowLambda>
= (. Contract.Ensures(Contract.ValueAtReturn(out c) != null); IToken/*!*/ x, id;
- List<BoundVar/*!*/> arguments = new List<BoundVar/*!*/>();
- BoundVar/*!*/ bv;
+ List<CasePattern/*!*/> arguments = new List<CasePattern/*!*/>();
+ CasePattern/*!*/ pat;
Expression/*!*/ body;
+ string/*!*/ name = "";
.)
"case" (. x = t; .)
- Ident<out id>
- [ "("
- IdentTypeOptional<out bv> (. arguments.Add(bv); .)
- { "," IdentTypeOptional<out bv> (. arguments.Add(bv); .)
- }
- ")" ]
+ ( Ident<out id> (. name = id.val; .)
+ [ "("
+ CasePattern<out pat> (. arguments.Add(pat); .)
+ { "," CasePattern<out pat> (. arguments.Add(pat); .)
+ }
+ ")" ]
+ | "("
+ CasePattern<out pat> (. arguments.Add(pat); .)
+ { "," CasePattern<out pat> (. arguments.Add(pat); .)
+ }
+ ")"
+ )
"=>"
- Expression<out body, allowSemi, allowLambda> (. c = new MatchCaseExpr(x, id.val, arguments, body); .)
+ Expression<out body, allowSemi, allowLambda> (. c = new MatchCaseExpr(x, name, arguments, body); .)
.
CasePattern<out CasePattern pat>
= (. IToken id; List<CasePattern> arguments;
@@ -2567,7 +2625,18 @@ CasePattern<out CasePattern pat>
}
]
")" (. pat = new CasePattern(id, id.val, arguments); .)
-
+ | "(" (. id = t;
+ arguments = new List<CasePattern>();
+ .)
+ [ CasePattern<out pat> (. arguments.Add(pat); .)
+ { "," CasePattern<out pat> (. arguments.Add(pat); .)
+ }
+ ]
+ ")" (. // Parse parenthesis without an identifier as a built in tuple type.
+ theBuiltIns.TupleType(id, arguments.Count, true); // make sure the tuple type exists
+ string ctor = BuiltIns.TupleTypeCtorName; //use the TupleTypeCtors
+ pat = new CasePattern(id, ctor, arguments);
+ .)
| IdentTypeOptional<out bv> (. // This could be a BoundVar of a parameter-less constructor and we may not know until resolution.
// Nevertheless, we do put the "bv" into the CasePattern here (even though it will get thrown out
// later if resolution finds the CasePattern to denote a parameter-less constructor), because this
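Review bot: The new `"("` alternative of `CasePattern` treats any parenthesised list as a tuple, including a single pattern: for `(p)` the code calls `theBuiltIns.TupleType(id, 1, true)` and builds a `CasePattern` with `BuiltIns.TupleTypeCtorName` and one argument. If parentheses around a single pattern are meant to be plain grouping, as they commonly are for expressions, that case should return the inner pattern, e.g. `if (arguments.Count == 1) { pat = arguments[0]; } else { ... }`; if a 1-tuple is intended, the comment should say so. The token stored in `id` is the `"("` itself (`id = t`), which is worth a short comment because the other alternative stores an identifier token in the same variable.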
diff --git a/Source/Dafny/DafnyAst.cs b/Source/Dafny/DafnyAst.cs
index 0b94f7fb..a94b9a1b 100644
--- a/Source/Dafny/DafnyAst.cs
+++ b/Source/Dafny/DafnyAst.cs
@@ -633,7 +633,7 @@ namespace Microsoft.Dafny {
/// </summary>
public bool IsOrdered {
get {
- return !IsTypeParameter && !IsCoDatatype && !(this is MapType && ((MapType)this).Finite);
+ return !IsTypeParameter && !IsCoDatatype && !IsArrowType && !IsIMapType;
}
}
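Review bot: The new `IsOrdered` condition stops excluding finite maps (the old `this is MapType && ((MapType)this).Finite` term) and instead excludes arrow types and imaps, which reverses the map case rather than just extending it. The `<summary>` for this property is outside the hunk apart from its closing tag, so it should be checked against the new list of exclusions. Since the result presumably feeds the choice of types that can carry a well-founded order, a short why-comment naming the excluded kinds (type parameters, codatatypes, arrows, imaps) would make the intent reviewable.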
@@ -1793,12 +1793,12 @@ namespace Microsoft.Dafny {
}
}
- public static IEnumerable<CoLemma> AllCoLemmas(List<TopLevelDecl> declarations) {
+ public static IEnumerable<FixpointLemma> AllFixpointLemmas(List<TopLevelDecl> declarations) {
foreach (var d in declarations) {
var cl = d as ClassDecl;
if (cl != null) {
foreach (var member in cl.Members) {
- var m = member as CoLemma;
+ var m = member as FixpointLemma;
if (m != null) {
yield return m;
}
@@ -2023,6 +2023,7 @@ namespace Microsoft.Dafny {
TypeParametersUsedInConstructionByDefaultCtor[i] = true;
}
}
+ this.EqualitySupport = ES.ConsultTypeArguments;
}
private static List<TypeParameter> CreateTypeParameters(int dims) {
Contract.Requires(0 <= dims);
@@ -2881,7 +2882,7 @@ namespace Microsoft.Dafny {
}
/// <summary>
- /// The "AllCalls" field is used for non-CoPredicate, non-PrefixPredicate functions only (so its value should not be relied upon for CoPredicate and PrefixPredicate functions).
+ /// The "AllCalls" field is used for non-FixpointPredicate, non-PrefixPredicate functions only (so its value should not be relied upon for FixpointPredicate and PrefixPredicate functions).
/// It records all function calls made by the Function, including calls made in the body as well as in the specification.
/// The field is filled in during resolution (and used toward the end of resolution, to attach a helpful "decreases" prefix to functions in clusters
/// with co-recursive calls.
@@ -2971,36 +2972,35 @@ namespace Microsoft.Dafny {
}
/// <summary>
- /// An PrefixPredicate is the inductive unrolling P# implicitly declared for every copredicate P.
+ /// An PrefixPredicate is the inductive unrolling P# implicitly declared for every fixpoint-predicate P.
/// </summary>
public class PrefixPredicate : Function
{
public override string WhatKind { get { return "prefix predicate"; } }
public readonly Formal K;
- public readonly CoPredicate Co;
+ public readonly FixpointPredicate FixpointPred;
public PrefixPredicate(IToken tok, string name, bool hasStaticKeyword, bool isProtected,
List<TypeParameter> typeArgs, Formal k, List<Formal> formals,
List<Expression> req, List<FrameExpression> reads, List<Expression> ens, Specification<Expression> decreases,
- Expression body, Attributes attributes, CoPredicate coPred)
+ Expression body, Attributes attributes, FixpointPredicate fixpointPred)
: base(tok, name, hasStaticKeyword, isProtected, true, typeArgs, formals, new BoolType(), req, reads, ens, decreases, body, attributes, null) {
Contract.Requires(k != null);
- Contract.Requires(coPred != null);
+ Contract.Requires(fixpointPred != null);
Contract.Requires(formals != null && 1 <= formals.Count && formals[0] == k);
K = k;
- Co = coPred;
+ FixpointPred = fixpointPred;
}
}
- public class CoPredicate : Function
+ public abstract class FixpointPredicate : Function
{
- public override string WhatKind { get { return "copredicate"; } }
public readonly List<FunctionCallExpr> Uses = new List<FunctionCallExpr>(); // filled in during resolution, used by verifier
public PrefixPredicate PrefixPredicate; // filled in during resolution (name registration)
- public CoPredicate(IToken tok, string name, bool hasStaticKeyword, bool isProtected,
- List<TypeParameter> typeArgs, List<Formal> formals,
- List<Expression> req, List<FrameExpression> reads, List<Expression> ens,
- Expression body, Attributes attributes, IToken signatureEllipsis)
+ public FixpointPredicate(IToken tok, string name, bool hasStaticKeyword, bool isProtected,
+ List<TypeParameter> typeArgs, List<Formal> formals,
+ List<Expression> req, List<FrameExpression> reads, List<Expression> ens,
+ Expression body, Attributes attributes, IToken signatureEllipsis)
: base(tok, name, hasStaticKeyword, isProtected, true, typeArgs, formals, new BoolType(),
req, reads, ens, new Specification<Expression>(new List<Expression>(), null), body, attributes, signatureEllipsis) {
}
@@ -3035,6 +3035,30 @@ namespace Microsoft.Dafny {
}
}
+ public class InductivePredicate : FixpointPredicate
+ {
+ public override string WhatKind { get { return "inductive predicate"; } }
+ public InductivePredicate(IToken tok, string name, bool hasStaticKeyword, bool isProtected,
+ List<TypeParameter> typeArgs, List<Formal> formals,
+ List<Expression> req, List<FrameExpression> reads, List<Expression> ens,
+ Expression body, Attributes attributes, IToken signatureEllipsis)
+ : base(tok, name, hasStaticKeyword, isProtected, typeArgs, formals,
+ req, reads, ens, body, attributes, signatureEllipsis) {
+ }
+ }
+
+ public class CoPredicate : FixpointPredicate
+ {
+ public override string WhatKind { get { return "copredicate"; } }
+ public CoPredicate(IToken tok, string name, bool hasStaticKeyword, bool isProtected,
+ List<TypeParameter> typeArgs, List<Formal> formals,
+ List<Expression> req, List<FrameExpression> reads, List<Expression> ens,
+ Expression body, Attributes attributes, IToken signatureEllipsis)
+ : base(tok, name, hasStaticKeyword, isProtected, typeArgs, formals,
+ req, reads, ens, body, attributes, signatureEllipsis) {
+ }
+ }
+
public class Method : MemberDecl, TypeParameter.ParentType, IMethodCodeContext
{
public override string WhatKind { get { return "method"; } }
@@ -3187,25 +3211,76 @@ namespace Microsoft.Dafny {
{
public override string WhatKind { get { return "prefix lemma"; } }
public readonly Formal K;
- public readonly CoLemma Co;
+ public readonly FixpointLemma FixpointLemma;
public PrefixLemma(IToken tok, string name, bool hasStaticKeyword,
List<TypeParameter> typeArgs, Formal k, List<Formal> ins, List<Formal> outs,
List<MaybeFreeExpression> req, Specification<FrameExpression> mod, List<MaybeFreeExpression> ens, Specification<Expression> decreases,
- BlockStmt body, Attributes attributes, CoLemma co)
+ BlockStmt body, Attributes attributes, FixpointLemma fixpointLemma)
: base(tok, name, hasStaticKeyword, true, typeArgs, ins, outs, req, mod, ens, decreases, body, attributes, null) {
Contract.Requires(k != null);
Contract.Requires(ins != null && 1 <= ins.Count && ins[0] == k);
- Contract.Requires(co != null);
+ Contract.Requires(fixpointLemma != null);
K = k;
- Co = co;
+ FixpointLemma = fixpointLemma;
}
}
- public class CoLemma : Method
+ public abstract class FixpointLemma : Method
{
- public override string WhatKind { get { return "colemma"; } }
public PrefixLemma PrefixLemma; // filled in during resolution (name registration)
+ public FixpointLemma(IToken tok, string name,
+ bool hasStaticKeyword,
+ List<TypeParameter> typeArgs,
+ List<Formal> ins, [Captured] List<Formal> outs,
+ List<MaybeFreeExpression> req, [Captured] Specification<FrameExpression> mod,
+ List<MaybeFreeExpression> ens,
+ Specification<Expression> decreases,
+ BlockStmt body,
+ Attributes attributes, IToken signatureEllipsis)
+ : base(tok, name, hasStaticKeyword, true, typeArgs, ins, outs, req, mod, ens, decreases, body, attributes, signatureEllipsis) {
+ Contract.Requires(tok != null);
+ Contract.Requires(name != null);
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(ins));
+ Contract.Requires(cce.NonNullElements(outs));
+ Contract.Requires(cce.NonNullElements(req));
+ Contract.Requires(mod != null);
+ Contract.Requires(cce.NonNullElements(ens));
+ Contract.Requires(decreases != null);
+ }
+ }
+
+ public class InductiveLemma : FixpointLemma
+ {
+ public override string WhatKind { get { return "inductive lemma"; } }
+
+ public InductiveLemma(IToken tok, string name,
+ bool hasStaticKeyword,
+ List<TypeParameter> typeArgs,
+ List<Formal> ins, [Captured] List<Formal> outs,
+ List<MaybeFreeExpression> req, [Captured] Specification<FrameExpression> mod,
+ List<MaybeFreeExpression> ens,
+ Specification<Expression> decreases,
+ BlockStmt body,
+ Attributes attributes, IToken signatureEllipsis)
+ : base(tok, name, hasStaticKeyword, typeArgs, ins, outs, req, mod, ens, decreases, body, attributes, signatureEllipsis) {
+ Contract.Requires(tok != null);
+ Contract.Requires(name != null);
+ Contract.Requires(cce.NonNullElements(typeArgs));
+ Contract.Requires(cce.NonNullElements(ins));
+ Contract.Requires(cce.NonNullElements(outs));
+ Contract.Requires(cce.NonNullElements(req));
+ Contract.Requires(mod != null);
+ Contract.Requires(cce.NonNullElements(ens));
+ Contract.Requires(decreases != null);
+ }
+ }
+
+ public class CoLemma : FixpointLemma
+ {
+ public override string WhatKind { get { return "colemma"; } }
+
public CoLemma(IToken tok, string name,
bool hasStaticKeyword,
List<TypeParameter> typeArgs,
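Review bot: The new abstract class `FixpointLemma` declares its constructor `public`, although only a subclass can ever call it; `protected FixpointLemma(IToken tok, string name,` would state that intent. The nine `Contract.Requires` lines are repeated verbatim in `InductiveLemma`, which chains to the base constructor where the same preconditions are already stated. They could be kept in one place unless the static checker needs them at each call site. A summary comment on the class would help, for example `// Common base of InductiveLemma and CoLemma; PrefixLemma is filled in during resolution`. The `CoLemma` constructor continues outside this hunk.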
@@ -3215,7 +3290,7 @@ namespace Microsoft.Dafny {
Specification<Expression> decreases,
BlockStmt body,
Attributes attributes, IToken signatureEllipsis)
- : base(tok, name, hasStaticKeyword, true, typeArgs, ins, outs, req, mod, ens, decreases, body, attributes, signatureEllipsis) {
+ : base(tok, name, hasStaticKeyword, typeArgs, ins, outs, req, mod, ens, decreases, body, attributes, signatureEllipsis) {
Contract.Requires(tok != null);
Contract.Requires(name != null);
Contract.Requires(cce.NonNullElements(typeArgs));
@@ -4635,8 +4710,8 @@ namespace Microsoft.Dafny {
Contract.Invariant(cce.NonNullElements(MissingCases));
}
- public readonly Expression Source;
- public readonly List<MatchCaseStmt> Cases;
+ private Expression source;
+ private List<MatchCaseStmt> cases;
public readonly List<DatatypeCtor> MissingCases = new List<DatatypeCtor>(); // filled in during resolution
public readonly bool UsesOptionalBraces;
@@ -4646,14 +4721,31 @@ namespace Microsoft.Dafny {
Contract.Requires(endTok != null);
Contract.Requires(source != null);
Contract.Requires(cce.NonNullElements(cases));
- this.Source = source;
- this.Cases = cases;
+ this.source = source;
+ this.cases = cases;
this.UsesOptionalBraces = usesOptionalBraces;
}
+ public Expression Source {
+ get { return source; }
+ }
+
+ public List<MatchCaseStmt> Cases {
+ get { return cases; }
+ }
+
+ // should only be used in desugar in resolve to change the cases of the matchexpr
+ public void UpdateSource(Expression source) {
+ this.source = source;
+ }
+
+ public void UpdateCases(List<MatchCaseStmt> cases) {
+ this.cases = cases;
+ }
+
public override IEnumerable<Statement> SubStatements {
get {
- foreach (var kase in Cases) {
+ foreach (var kase in cases) {
foreach (var s in kase.Body) {
yield return s;
}
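Review bot: `UpdateSource` and `UpdateCases` store whatever they are given, so the `source != null` and `cce.NonNullElements(cases)` preconditions that the constructor enforces are no longer guaranteed once the node has been built. Each setter should repeat the check, `Contract.Requires(source != null);` and `Contract.Requires(cce.NonNullElements(cases));`. The same gap is in `UpdateBody` of `MatchCaseStmt` and in `UpdateSource`, `UpdateCases` and `UpdateBody` of `MatchExpr` and `MatchCaseExpr` in the later hunks. The comment says "matchexpr" although this class appears to be the statement form, and it sits above `UpdateSource` only; something like `// resolver-only: replaces the source/cases of this match statement during desugaring` on both methods would be clearer. The class header and the constructor signature are outside this hunk.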
@@ -4670,7 +4762,7 @@ namespace Microsoft.Dafny {
public class MatchCaseStmt : MatchCase
{
- public readonly List<Statement> Body;
+ private List<Statement> body;
[ContractInvariantMethod]
void ObjectInvariant() {
@@ -4684,7 +4776,25 @@ namespace Microsoft.Dafny {
Contract.Requires(id != null);
Contract.Requires(cce.NonNullElements(arguments));
Contract.Requires(cce.NonNullElements(body));
- this.Body = body;
+ this.body = body;
+ }
+
+ public MatchCaseStmt(IToken tok, string id, [Captured] List<CasePattern> cps, [Captured] List<Statement> body)
+ : base(tok, id, cps) {
+ Contract.Requires(tok != null);
+ Contract.Requires(id != null);
+ Contract.Requires(cce.NonNullElements(cps));
+ Contract.Requires(cce.NonNullElements(body));
+ this.body = body;
+ }
+
+ public List<Statement> Body {
+ get { return body; }
+ }
+
+ // should only be called by resolve to reset the body of the MatchCaseExpr
+ public void UpdateBody(List<Statement> body) {
+ this.body = body;
}
}
@@ -6731,8 +6841,8 @@ namespace Microsoft.Dafny {
}
public class MatchExpr : Expression { // a MatchExpr is an "extended expression" and is only allowed in certain places
- public readonly Expression Source;
- public readonly List<MatchCaseExpr> Cases;
+ private Expression source;
+ private List<MatchCaseExpr> cases;
public readonly List<DatatypeCtor> MissingCases = new List<DatatypeCtor>(); // filled in during resolution
public readonly bool UsesOptionalBraces;
@@ -6748,15 +6858,32 @@ namespace Microsoft.Dafny {
Contract.Requires(tok != null);
Contract.Requires(source != null);
Contract.Requires(cce.NonNullElements(cases));
- this.Source = source;
- this.Cases = cases;
+ this.source = source;
+ this.cases = cases;
this.UsesOptionalBraces = usesOptionalBraces;
}
+ public Expression Source {
+ get { return source; }
+ }
+
+ public List<MatchCaseExpr> Cases {
+ get { return cases; }
+ }
+
+ // should only be used in desugar in resolve to change the source and cases of the matchexpr
+ public void UpdateSource(Expression source) {
+ this.source = source;
+ }
+
+ public void UpdateCases(List<MatchCaseExpr> cases) {
+ this.cases = cases;
+ }
+
public override IEnumerable<Expression> SubExpressions {
get {
yield return Source;
- foreach (var mc in Cases) {
+ foreach (var mc in cases) {
yield return mc.Body;
}
}
@@ -6838,12 +6965,13 @@ namespace Microsoft.Dafny {
public readonly IToken tok;
public readonly string Id;
public DatatypeCtor Ctor; // filled in by resolution
- public readonly List<BoundVar> Arguments;
+ public List<BoundVar> Arguments; // created by the resolver.
+ public List<CasePattern> CasePatterns; // generated from parsers. It should be converted to List<BoundVar> during resolver. Invariant: CasePatterns != null ==> Arguments == null
[ContractInvariantMethod]
void ObjectInvariant() {
Contract.Invariant(tok != null);
Contract.Invariant(Id != null);
- Contract.Invariant(cce.NonNullElements(Arguments));
+ Contract.Invariant(cce.NonNullElements(Arguments) || cce.NonNullElements(CasePatterns));
}
public MatchCase(IToken tok, string id, [Captured] List<BoundVar> arguments) {
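Review bot: The comment on `CasePatterns` states the rule `CasePatterns != null ==> Arguments == null`, but `ObjectInvariant` only asks that one of the two lists passes `cce.NonNullElements`, so a node holding both lists is accepted. Adding `Contract.Invariant(CasePatterns == null || Arguments == null);` would make the documented rule checkable. `Arguments` also loses `readonly` here and both fields are public, so any caller can reassign them; if only the resolver is meant to convert patterns into bound variables, a setter with a precondition would keep that hand-over in one place. The constructor that begins on the last line continues outside this hunk.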
@@ -6854,24 +6982,51 @@ namespace Microsoft.Dafny {
this.Id = id;
this.Arguments = arguments;
}
+
+ public MatchCase(IToken tok, string id, [Captured] List<CasePattern> cps) {
+ Contract.Requires(tok != null);
+ Contract.Requires(id != null);
+ Contract.Requires(cce.NonNullElements(cps));
+ this.tok = tok;
+ this.Id = id;
+ this.CasePatterns = cps;
+ }
}
public class MatchCaseExpr : MatchCase
{
- public readonly Expression Body;
+ private Expression body;
[ContractInvariantMethod]
void ObjectInvariant() {
- Contract.Invariant(Body != null);
+ Contract.Invariant(body != null);
}
public MatchCaseExpr(IToken tok, string id, [Captured] List<BoundVar> arguments, Expression body)
- : base(tok, id, arguments)
- {
+ : base(tok, id, arguments) {
Contract.Requires(tok != null);
Contract.Requires(id != null);
Contract.Requires(cce.NonNullElements(arguments));
Contract.Requires(body != null);
- this.Body = body;
+ this.body = body;
+ }
+
+ public MatchCaseExpr(IToken tok, string id, [Captured] List<CasePattern> cps, Expression body)
+ : base(tok, id, cps)
+ {
+ Contract.Requires(tok != null);
+ Contract.Requires(id != null);
+ Contract.Requires(cce.NonNullElements(cps));
+ Contract.Requires(body != null);
+ this.body = body;
+ }
+
+ public Expression Body {
+ get { return body; }
+ }
+
+ // should only be called by resolve to reset the body of the MatchCaseExpr
+ public void UpdateBody(Expression body) {
+ this.body = body;
}
}
diff --git a/Source/Dafny/Parser.cs b/Source/Dafny/Parser.cs
index 3085c975..162e23a3 100644
--- a/Source/Dafny/Parser.cs
+++ b/Source/Dafny/Parser.cs
@@ -49,24 +49,29 @@ public class Parser {
public const int _else = 33;
public const int _decreases = 34;
public const int _invariant = 35;
- public const int _modifies = 36;
- public const int _reads = 37;
- public const int _requires = 38;
- public const int _lbrace = 39;
- public const int _rbrace = 40;
- public const int _lbracket = 41;
- public const int _rbracket = 42;
- public const int _openparen = 43;
- public const int _closeparen = 44;
- public const int _openAngleBracket = 45;
- public const int _closeAngleBracket = 46;
- public const int _eq = 47;
- public const int _neq = 48;
- public const int _neqAlt = 49;
- public const int _star = 50;
- public const int _notIn = 51;
- public const int _ellipsis = 52;
- public const int maxT = 135;
+ public const int _function = 36;
+ public const int _predicate = 37;
+ public const int _inductive = 38;
+ public const int _lemma = 39;
+ public const int _copredicate = 40;
+ public const int _modifies = 41;
+ public const int _reads = 42;
+ public const int _requires = 43;
+ public const int _lbrace = 44;
+ public const int _rbrace = 45;
+ public const int _lbracket = 46;
+ public const int _rbracket = 47;
+ public const int _openparen = 48;
+ public const int _closeparen = 49;
+ public const int _openAngleBracket = 50;
+ public const int _closeAngleBracket = 51;
+ public const int _eq = 52;
+ public const int _neq = 53;
+ public const int _neqAlt = 54;
+ public const int _star = 55;
+ public const int _notIn = 56;
+ public const int _ellipsis = 57;
+ public const int maxT = 136;
const bool _T = true;
const bool _x = false;
@@ -173,6 +178,19 @@ bool IsLoopSpec() {
return la.kind == _invariant | la.kind == _decreases | la.kind == _modifies;
}
+bool IsFunctionDecl() {
+ switch (la.kind) {
+ case _function:
+ case _predicate:
+ case _copredicate:
+ return true;
+ case _inductive:
+ return scanner.Peek().kind != _lemma;
+ default:
+ return false;
+ }
+}
+
bool IsParenStar() {
scanner.ResetPeek();
Token x = scanner.Peek();
@@ -497,7 +515,7 @@ bool IsType(ref IToken pt) {
TraitDecl/*!*/ trait;
Contract.Assert(defaultModule != null);
- while (la.kind == 53) {
+ while (la.kind == 58) {
Get();
Expect(19);
{
@@ -517,42 +535,42 @@ bool IsType(ref IToken pt) {
}
while (StartOf(1)) {
switch (la.kind) {
- case 54: case 55: case 57: {
+ case 59: case 60: case 62: {
SubModuleDecl(defaultModule, out submodule);
defaultModule.TopLevelDecls.Add(submodule);
break;
}
- case 62: {
+ case 67: {
ClassDecl(defaultModule, out c);
defaultModule.TopLevelDecls.Add(c);
break;
}
- case 68: case 69: {
+ case 73: case 74: {
DatatypeDecl(defaultModule, out dt);
defaultModule.TopLevelDecls.Add(dt);
break;
}
- case 71: {
+ case 76: {
NewtypeDecl(defaultModule, out td);
defaultModule.TopLevelDecls.Add(td);
break;
}
- case 72: {
+ case 77: {
OtherTypeDecl(defaultModule, out td);
defaultModule.TopLevelDecls.Add(td);
break;
}
- case 73: {
+ case 78: {
IteratorDecl(defaultModule, out iter);
defaultModule.TopLevelDecls.Add(iter);
break;
}
- case 64: {
+ case 69: {
TraitDecl(defaultModule, out trait);
defaultModule.TopLevelDecls.Add(trait);
break;
}
- case 65: case 66: case 67: case 70: case 76: case 77: case 78: case 79: case 80: case 84: case 85: case 86: {
+ case 36: case 37: case 38: case 39: case 40: case 70: case 71: case 72: case 75: case 81: case 82: case 83: case 84: {
ClassMemberDecl(membersDefaultClass, false, !DafnyOptions.O.AllowGlobals);
break;
}
@@ -585,86 +603,86 @@ bool IsType(ref IToken pt) {
bool isAbstract = false;
bool opened = false;
- if (la.kind == 54 || la.kind == 55) {
- if (la.kind == 54) {
+ if (la.kind == 59 || la.kind == 60) {
+ if (la.kind == 59) {
Get();
isAbstract = true;
}
- Expect(55);
- while (la.kind == 39) {
+ Expect(60);
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 56) {
+ if (la.kind == 61) {
Get();
QualifiedModuleName(out idRefined);
}
module = new ModuleDefinition(id, id.val, isAbstract, false, idRefined == null ? null : idRefined, parent, attrs, false);
- Expect(39);
+ Expect(44);
module.BodyStartTok = t;
while (StartOf(1)) {
switch (la.kind) {
- case 54: case 55: case 57: {
+ case 59: case 60: case 62: {
SubModuleDecl(module, out sm);
module.TopLevelDecls.Add(sm);
break;
}
- case 62: {
+ case 67: {
ClassDecl(module, out c);
module.TopLevelDecls.Add(c);
break;
}
- case 64: {
+ case 69: {
TraitDecl(module, out trait);
module.TopLevelDecls.Add(trait);
break;
}
- case 68: case 69: {
+ case 73: case 74: {
DatatypeDecl(module, out dt);
module.TopLevelDecls.Add(dt);
break;
}
- case 71: {
+ case 76: {
NewtypeDecl(module, out td);
module.TopLevelDecls.Add(td);
break;
}
- case 72: {
+ case 77: {
OtherTypeDecl(module, out td);
module.TopLevelDecls.Add(td);
break;
}
- case 73: {
+ case 78: {
IteratorDecl(module, out iter);
module.TopLevelDecls.Add(iter);
break;
}
- case 65: case 66: case 67: case 70: case 76: case 77: case 78: case 79: case 80: case 84: case 85: case 86: {
+ case 36: case 37: case 38: case 39: case 40: case 70: case 71: case 72: case 75: case 81: case 82: case 83: case 84: {
ClassMemberDecl(namedModuleDefaultClassMembers, false, !DafnyOptions.O.AllowGlobals);
break;
}
}
}
- Expect(40);
+ Expect(45);
module.BodyEndTok = t;
module.TopLevelDecls.Add(new DefaultClassDecl(module, namedModuleDefaultClassMembers));
submodule = new LiteralModuleDecl(module, parent);
- } else if (la.kind == 57) {
+ } else if (la.kind == 62) {
Get();
- if (la.kind == 58) {
+ if (la.kind == 63) {
Get();
opened = true;
}
NoUSIdent(out id);
- if (la.kind == 59 || la.kind == 60) {
- if (la.kind == 59) {
+ if (la.kind == 64 || la.kind == 65) {
+ if (la.kind == 64) {
Get();
QualifiedModuleName(out idPath);
submodule = new AliasModuleDecl(idPath, id, parent, opened);
} else {
Get();
QualifiedModuleName(out idPath);
- if (la.kind == 61) {
+ if (la.kind == 66) {
Get();
QualifiedModuleName(out idAssignment);
}
@@ -672,7 +690,7 @@ bool IsType(ref IToken pt) {
}
}
if (la.kind == 26) {
- while (!(la.kind == 0 || la.kind == 26)) {SynErr(136); Get();}
+ while (!(la.kind == 0 || la.kind == 26)) {SynErr(137); Get();}
Get();
errors.Warning(t, "the semi-colon that used to terminate a sub-module declaration has been deprecated; in the new syntax, just leave off the semi-colon");
}
@@ -682,7 +700,7 @@ bool IsType(ref IToken pt) {
submodule = new AliasModuleDecl(idPath, id, parent, opened);
}
- } else SynErr(137);
+ } else SynErr(138);
}
void ClassDecl(ModuleDefinition/*!*/ module, out ClassDecl/*!*/ c) {
@@ -696,16 +714,16 @@ bool IsType(ref IToken pt) {
List<MemberDecl/*!*/> members = new List<MemberDecl/*!*/>();
IToken bodyStart;
- while (!(la.kind == 0 || la.kind == 62)) {SynErr(138); Get();}
- Expect(62);
- while (la.kind == 39) {
+ while (!(la.kind == 0 || la.kind == 67)) {SynErr(139); Get();}
+ Expect(67);
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
- if (la.kind == 63) {
+ if (la.kind == 68) {
Get();
Type(out trait);
traits.Add(trait);
@@ -715,12 +733,12 @@ bool IsType(ref IToken pt) {
traits.Add(trait);
}
}
- Expect(39);
+ Expect(44);
bodyStart = t;
while (StartOf(2)) {
ClassMemberDecl(members, true, false);
}
- Expect(40);
+ Expect(45);
c = new ClassDecl(id, id.val, module, typeArgs, members, attrs, traits);
c.BodyStartTok = bodyStart;
c.BodyEndTok = t;
@@ -737,21 +755,21 @@ bool IsType(ref IToken pt) {
IToken bodyStart = Token.NoToken; // dummy assignment
bool co = false;
- while (!(la.kind == 0 || la.kind == 68 || la.kind == 69)) {SynErr(139); Get();}
- if (la.kind == 68) {
+ while (!(la.kind == 0 || la.kind == 73 || la.kind == 74)) {SynErr(140); Get();}
+ if (la.kind == 73) {
Get();
- } else if (la.kind == 69) {
+ } else if (la.kind == 74) {
Get();
co = true;
- } else SynErr(140);
- while (la.kind == 39) {
+ } else SynErr(141);
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
- Expect(59);
+ Expect(64);
bodyStart = t;
DatatypeMemberDecl(ctors);
while (la.kind == 22) {
@@ -759,7 +777,7 @@ bool IsType(ref IToken pt) {
DatatypeMemberDecl(ctors);
}
if (la.kind == 26) {
- while (!(la.kind == 0 || la.kind == 26)) {SynErr(141); Get();}
+ while (!(la.kind == 0 || la.kind == 26)) {SynErr(142); Get();}
Get();
errors.Warning(t, "the semi-colon that used to terminate a (co)datatype declaration has been deprecated; in the new syntax, just leave off the semi-colon");
}
@@ -780,12 +798,12 @@ bool IsType(ref IToken pt) {
Type baseType = null;
Expression wh;
- Expect(71);
- while (la.kind == 39) {
+ Expect(76);
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- Expect(59);
+ Expect(64);
if (IsIdentColonOrBar()) {
NoUSIdent(out bvId);
if (la.kind == 20) {
@@ -799,7 +817,7 @@ bool IsType(ref IToken pt) {
} else if (StartOf(3)) {
Type(out baseType);
td = new NewtypeDecl(theVerifyThisFile ? id : new IncludeToken(id), id.val, module, baseType, attrs);
- } else SynErr(142);
+ } else SynErr(143);
}
void OtherTypeDecl(ModuleDefinition module, out TopLevelDecl td) {
@@ -810,35 +828,35 @@ bool IsType(ref IToken pt) {
td = null;
Type ty;
- Expect(72);
- while (la.kind == 39) {
+ Expect(77);
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 43) {
+ if (la.kind == 48) {
Get();
- Expect(47);
- Expect(44);
+ Expect(52);
+ Expect(49);
eqSupport = TypeParameter.EqualitySupportValue.Required;
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
} else if (StartOf(4)) {
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
- if (la.kind == 59) {
+ if (la.kind == 64) {
Get();
Type(out ty);
td = new TypeSynonymDecl(id, id.val, typeArgs, module, ty, attrs);
}
- } else SynErr(143);
+ } else SynErr(144);
if (td == null) {
td = new OpaqueTypeDecl(id, id.val, module, eqSupport, typeArgs, attrs);
}
if (la.kind == 26) {
- while (!(la.kind == 0 || la.kind == 26)) {SynErr(144); Get();}
+ while (!(la.kind == 0 || la.kind == 26)) {SynErr(145); Get();}
Get();
errors.Warning(t, "the semi-colon that used to terminate an opaque-type declaration has been deprecated; in the new syntax, just leave off the semi-colon");
}
@@ -867,19 +885,19 @@ bool IsType(ref IToken pt) {
IToken bodyStart = Token.NoToken;
IToken bodyEnd = Token.NoToken;
- while (!(la.kind == 0 || la.kind == 73)) {SynErr(145); Get();}
- Expect(73);
- while (la.kind == 39) {
+ while (!(la.kind == 0 || la.kind == 78)) {SynErr(146); Get();}
+ Expect(78);
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 43 || la.kind == 45) {
- if (la.kind == 45) {
+ if (la.kind == 48 || la.kind == 50) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
Formals(true, true, ins);
- if (la.kind == 74 || la.kind == 75) {
- if (la.kind == 74) {
+ if (la.kind == 79 || la.kind == 80) {
+ if (la.kind == 79) {
Get();
} else {
Get();
@@ -887,14 +905,14 @@ bool IsType(ref IToken pt) {
}
Formals(false, true, outs);
}
- } else if (la.kind == 52) {
+ } else if (la.kind == 57) {
Get();
signatureEllipsis = t;
- } else SynErr(146);
+ } else SynErr(147);
while (StartOf(5)) {
IteratorSpec(reads, mod, decreases, req, ens, yieldReq, yieldEns, ref readsAttrs, ref modAttrs, ref decrAttrs);
}
- if (la.kind == 39) {
+ if (la.kind == 44) {
BlockStmt(out body, out bodyStart, out bodyEnd);
}
iter = new IteratorDecl(id, id.val, module, typeArgs, ins, outs,
@@ -917,21 +935,21 @@ bool IsType(ref IToken pt) {
List<MemberDecl/*!*/> members = new List<MemberDecl/*!*/>();
IToken bodyStart;
- while (!(la.kind == 0 || la.kind == 64)) {SynErr(147); Get();}
- Expect(64);
- while (la.kind == 39) {
+ while (!(la.kind == 0 || la.kind == 69)) {SynErr(148); Get();}
+ Expect(69);
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
- Expect(39);
+ Expect(44);
bodyStart = t;
while (StartOf(2)) {
ClassMemberDecl(members, true, false);
}
- Expect(40);
+ Expect(45);
trait = new TraitDecl(id, id.val, module, typeArgs, members, attrs);
trait.BodyStartTok = bodyStart;
trait.BodyEndTok = t;
@@ -945,11 +963,11 @@ bool IsType(ref IToken pt) {
MemberModifiers mmod = new MemberModifiers();
IToken staticToken = null, protectedToken = null;
- while (la.kind == 65 || la.kind == 66 || la.kind == 67) {
- if (la.kind == 65) {
+ while (la.kind == 70 || la.kind == 71 || la.kind == 72) {
+ if (la.kind == 70) {
Get();
mmod.IsGhost = true;
- } else if (la.kind == 66) {
+ } else if (la.kind == 71) {
Get();
mmod.IsStatic = true; staticToken = t;
} else {
@@ -957,7 +975,7 @@ bool IsType(ref IToken pt) {
mmod.IsProtected = true; protectedToken = t;
}
}
- if (la.kind == 70) {
+ if (la.kind == 75) {
if (moduleLevelDecl) {
SemErr(la, "fields are not allowed to be declared at the module level; instead, wrap the field in a 'class' declaration");
mmod.IsStatic = false;
@@ -965,7 +983,7 @@ bool IsType(ref IToken pt) {
}
FieldDecl(mmod, mm);
- } else if (la.kind == 84 || la.kind == 85 || la.kind == 86) {
+ } else if (IsFunctionDecl()) {
if (moduleLevelDecl && staticToken != null) {
errors.Warning(staticToken, "module-level functions are always non-instance, so the 'static' keyword is not allowed here");
mmod.IsStatic = false;
@@ -985,21 +1003,21 @@ bool IsType(ref IToken pt) {
MethodDecl(mmod, allowConstructors, out m);
mm.Add(m);
- } else SynErr(148);
+ } else SynErr(149);
}
void Attribute(ref Attributes attrs) {
string name;
var args = new List<Expression>();
- Expect(39);
+ Expect(44);
Expect(20);
Expect(1);
name = t.val;
if (StartOf(7)) {
Expressions(args);
}
- Expect(40);
+ Expect(45);
attrs = new Attributes(name, args, attrs);
}
@@ -1035,13 +1053,13 @@ bool IsType(ref IToken pt) {
IToken/*!*/ id;
TypeParameter.EqualitySupportValue eqSupport;
- Expect(45);
+ Expect(50);
NoUSIdent(out id);
eqSupport = TypeParameter.EqualitySupportValue.Unspecified;
- if (la.kind == 43) {
+ if (la.kind == 48) {
Get();
- Expect(47);
- Expect(44);
+ Expect(52);
+ Expect(49);
eqSupport = TypeParameter.EqualitySupportValue.Required;
}
typeArgs.Add(new TypeParameter(id, id.val, eqSupport));
@@ -1049,15 +1067,15 @@ bool IsType(ref IToken pt) {
Get();
NoUSIdent(out id);
eqSupport = TypeParameter.EqualitySupportValue.Unspecified;
- if (la.kind == 43) {
+ if (la.kind == 48) {
Get();
- Expect(47);
- Expect(44);
+ Expect(52);
+ Expect(49);
eqSupport = TypeParameter.EqualitySupportValue.Required;
}
typeArgs.Add(new TypeParameter(id, id.val, eqSupport));
}
- Expect(46);
+ Expect(51);
}
void Type(out Type ty) {
@@ -1070,11 +1088,11 @@ bool IsType(ref IToken pt) {
Attributes attrs = null;
IToken/*!*/ id; Type/*!*/ ty;
- while (!(la.kind == 0 || la.kind == 70)) {SynErr(149); Get();}
- Expect(70);
+ while (!(la.kind == 0 || la.kind == 75)) {SynErr(150); Get();}
+ Expect(75);
if (mmod.IsStatic) { SemErr(t, "fields cannot be declared 'static'"); }
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
FIdentType(out id, out ty);
@@ -1099,55 +1117,55 @@ bool IsType(ref IToken pt) {
List<FrameExpression/*!*/> reads = new List<FrameExpression/*!*/>();
List<Expression/*!*/> decreases;
Expression body = null;
- bool isPredicate = false; bool isCoPredicate = false;
+ bool isPredicate = false; bool isIndPredicate = false; bool isCoPredicate = false;
bool isFunctionMethod = false;
IToken bodyStart = Token.NoToken;
IToken bodyEnd = Token.NoToken;
IToken signatureEllipsis = null;
bool missingOpenParen;
- if (la.kind == 84) {
+ if (la.kind == 36) {
Get();
- if (la.kind == 76) {
+ if (la.kind == 81) {
Get();
isFunctionMethod = true;
}
if (mmod.IsGhost) { SemErr(t, "functions cannot be declared 'ghost' (they are ghost by default)"); }
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 43 || la.kind == 45) {
- if (la.kind == 45) {
+ if (la.kind == 48 || la.kind == 50) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
Formals(true, isFunctionMethod, formals);
Expect(20);
Type(out returnType);
- } else if (la.kind == 52) {
+ } else if (la.kind == 57) {
Get();
signatureEllipsis = t;
- } else SynErr(150);
- } else if (la.kind == 85) {
+ } else SynErr(151);
+ } else if (la.kind == 37) {
Get();
isPredicate = true;
- if (la.kind == 76) {
+ if (la.kind == 81) {
Get();
isFunctionMethod = true;
}
if (mmod.IsGhost) { SemErr(t, "predicates cannot be declared 'ghost' (they are ghost by default)"); }
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
if (StartOf(8)) {
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
missingOpenParen = true;
- if (la.kind == 43) {
+ if (la.kind == 48) {
Formals(true, isFunctionMethod, formals);
missingOpenParen = false;
}
@@ -1156,43 +1174,61 @@ bool IsType(ref IToken pt) {
Get();
SemErr(t, "predicates do not have an explicitly declared return type; it is always bool");
}
- } else if (la.kind == 52) {
+ } else if (la.kind == 57) {
Get();
signatureEllipsis = t;
- } else SynErr(151);
- } else if (la.kind == 86) {
+ } else SynErr(152);
+ } else if (la.kind == 38) {
+ Get();
+ Expect(37);
+ isIndPredicate = true;
+ if (mmod.IsGhost) { SemErr(t, "inductive predicates cannot be declared 'ghost' (they are ghost by default)"); }
+
+ while (la.kind == 44) {
+ Attribute(ref attrs);
+ }
+ NoUSIdent(out id);
+ if (la.kind == 48 || la.kind == 50) {
+ if (la.kind == 50) {
+ GenericParameters(typeArgs);
+ }
+ Formals(true, isFunctionMethod, formals);
+ if (la.kind == 20) {
+ Get();
+ SemErr(t, "inductive predicates do not have an explicitly declared return type; it is always bool");
+ }
+ } else if (la.kind == 57) {
+ Get();
+ signatureEllipsis = t;
+ } else SynErr(153);
+ } else if (la.kind == 40) {
Get();
isCoPredicate = true;
if (mmod.IsGhost) { SemErr(t, "copredicates cannot be declared 'ghost' (they are ghost by default)"); }
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (StartOf(8)) {
- if (la.kind == 45) {
+ if (la.kind == 48 || la.kind == 50) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
- missingOpenParen = true;
- if (la.kind == 43) {
- Formals(true, isFunctionMethod, formals);
- missingOpenParen = false;
- }
- if (missingOpenParen) { errors.Warning(t, "with the new support of higher-order functions in Dafny, parentheses-less co-predicates are no longer supported; in the new syntax, parentheses are required for the declaration and uses of predicates, even if the co-predicate takes no additional arguments"); }
+ Formals(true, isFunctionMethod, formals);
if (la.kind == 20) {
Get();
SemErr(t, "copredicates do not have an explicitly declared return type; it is always bool");
}
- } else if (la.kind == 52) {
+ } else if (la.kind == 57) {
Get();
signatureEllipsis = t;
- } else SynErr(152);
- } else SynErr(153);
- decreases = isCoPredicate ? null : new List<Expression/*!*/>();
+ } else SynErr(154);
+ } else SynErr(155);
+ decreases = isIndPredicate || isCoPredicate ? null : new List<Expression/*!*/>();
while (StartOf(9)) {
FunctionSpec(reqs, reads, ens, decreases);
}
- if (la.kind == 39) {
+ if (la.kind == 44) {
FunctionBody(out body, out bodyStart, out bodyEnd);
}
if (DafnyOptions.O.DisallowSoundnessCheating && body == null && ens.Count > 0 && !Attributes.Contains(attrs, "axiom") && !Attributes.Contains(attrs, "imported")) {
@@ -1203,9 +1239,12 @@ bool IsType(ref IToken pt) {
if (isPredicate) {
f = new Predicate(tok, id.val, mmod.IsStatic, mmod.IsProtected, !isFunctionMethod, typeArgs, formals,
reqs, reads, ens, new Specification<Expression>(decreases, null), body, Predicate.BodyOriginKind.OriginalOrInherited, attrs, signatureEllipsis);
+ } else if (isIndPredicate) {
+ f = new InductivePredicate(tok, id.val, mmod.IsStatic, mmod.IsProtected, typeArgs, formals,
+ reqs, reads, ens, body, attrs, signatureEllipsis);
} else if (isCoPredicate) {
f = new CoPredicate(tok, id.val, mmod.IsStatic, mmod.IsProtected, typeArgs, formals,
- reqs, reads, ens, body, attrs, signatureEllipsis);
+ reqs, reads, ens, body, attrs, signatureEllipsis);
} else {
f = new Function(tok, id.val, mmod.IsStatic, mmod.IsProtected, !isFunctionMethod, typeArgs, formals, returnType,
reqs, reads, ens, new Specification<Expression>(decreases, null), body, attrs, signatureEllipsis);
@@ -1213,7 +1252,7 @@ bool IsType(ref IToken pt) {
f.BodyStartTok = bodyStart;
f.BodyEndTok = bodyEnd;
theBuiltIns.CreateArrowTypeDecl(formals.Count);
- if (isCoPredicate) {
+ if (isIndPredicate || isCoPredicate) {
// also create an arrow type for the corresponding prefix predicate
theBuiltIns.CreateArrowTypeDecl(formals.Count + 1);
}
@@ -1237,26 +1276,42 @@ bool IsType(ref IToken pt) {
BlockStmt body = null;
bool isLemma = false;
bool isConstructor = false;
+ bool isIndLemma = false;
bool isCoLemma = false;
IToken signatureEllipsis = null;
IToken bodyStart = Token.NoToken;
IToken bodyEnd = Token.NoToken;
- while (!(StartOf(10))) {SynErr(154); Get();}
- if (la.kind == 76) {
+ while (!(StartOf(10))) {SynErr(156); Get();}
+ switch (la.kind) {
+ case 81: {
Get();
- } else if (la.kind == 77) {
+ break;
+ }
+ case 39: {
Get();
isLemma = true;
- } else if (la.kind == 78) {
+ break;
+ }
+ case 82: {
Get();
isCoLemma = true;
- } else if (la.kind == 79) {
+ break;
+ }
+ case 83: {
Get();
isCoLemma = true;
errors.Warning(t, "the 'comethod' keyword has been deprecated; it has been renamed to 'colemma'");
- } else if (la.kind == 80) {
+ break;
+ }
+ case 38: {
+ Get();
+ Expect(39);
+ isIndLemma = true;
+ break;
+ }
+ case 84: {
Get();
if (allowConstructor) {
isConstructor = true;
@@ -1264,7 +1319,10 @@ bool IsType(ref IToken pt) {
SemErr(t, "constructors are allowed only in classes");
}
- } else SynErr(155);
+ break;
+ }
+ default: SynErr(157); break;
+ }
keywordToken = t;
if (isLemma) {
if (mmod.IsGhost) {
@@ -1277,13 +1335,17 @@ bool IsType(ref IToken pt) {
if (mmod.IsStatic) {
SemErr(t, "constructors cannot be declared 'static'");
}
+ } else if (isIndLemma) {
+ if (mmod.IsGhost) {
+ SemErr(t, "inductive lemmas cannot be declared 'ghost' (they are automatically 'ghost')");
+ }
} else if (isCoLemma) {
if (mmod.IsGhost) {
SemErr(t, "colemmas cannot be declared 'ghost' (they are automatically 'ghost')");
}
}
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
if (la.kind == 1) {
@@ -1297,24 +1359,24 @@ bool IsType(ref IToken pt) {
}
}
- if (la.kind == 43 || la.kind == 45) {
- if (la.kind == 45) {
+ if (la.kind == 48 || la.kind == 50) {
+ if (la.kind == 50) {
GenericParameters(typeArgs);
}
Formals(true, !mmod.IsGhost, ins);
- if (la.kind == 75) {
+ if (la.kind == 80) {
Get();
if (isConstructor) { SemErr(t, "constructors cannot have out-parameters"); }
Formals(false, !mmod.IsGhost, outs);
}
- } else if (la.kind == 52) {
+ } else if (la.kind == 57) {
Get();
signatureEllipsis = t;
- } else SynErr(156);
+ } else SynErr(158);
while (StartOf(11)) {
MethodSpec(req, mod, ens, dec, ref decAttrs, ref modAttrs);
}
- if (la.kind == 39) {
+ if (la.kind == 44) {
BlockStmt(out body, out bodyStart, out bodyEnd);
}
if (DafnyOptions.O.DisallowSoundnessCheating && body == null && ens.Count > 0 && !Attributes.Contains(attrs, "axiom") && !Attributes.Contains(attrs, "imported") && !Attributes.Contains(attrs, "decl") && theVerifyThisFile) {
@@ -1325,6 +1387,9 @@ bool IsType(ref IToken pt) {
if (isConstructor) {
m = new Constructor(tok, hasName ? id.val : "_ctor", typeArgs, ins,
req, new Specification<FrameExpression>(mod, modAttrs), ens, new Specification<Expression>(dec, decAttrs), body, attrs, signatureEllipsis);
+ } else if (isIndLemma) {
+ m = new InductiveLemma(tok, id.val, mmod.IsStatic, typeArgs, ins, outs,
+ req, new Specification<FrameExpression>(mod, modAttrs), ens, new Specification<Expression>(dec, decAttrs), body, attrs, signatureEllipsis);
} else if (isCoLemma) {
m = new CoLemma(tok, id.val, mmod.IsStatic, typeArgs, ins, outs,
req, new Specification<FrameExpression>(mod, modAttrs), ens, new Specification<Expression>(dec, decAttrs), body, attrs, signatureEllipsis);
@@ -1346,11 +1411,11 @@ bool IsType(ref IToken pt) {
IToken/*!*/ id;
List<Formal/*!*/> formals = new List<Formal/*!*/>();
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 43) {
+ if (la.kind == 48) {
FormalsOptionalIds(formals);
}
ctors.Add(new DatatypeCtor(id, id.val, formals, attrs));
@@ -1358,7 +1423,7 @@ bool IsType(ref IToken pt) {
void FormalsOptionalIds(List<Formal/*!*/>/*!*/ formals) {
Contract.Requires(cce.NonNullElements(formals)); IToken/*!*/ id; Type/*!*/ ty; string/*!*/ name; bool isGhost;
- Expect(43);
+ Expect(48);
if (StartOf(12)) {
TypeIdentOptional(out id, out name, out ty, out isGhost);
formals.Add(new Formal(id, name, ty, true, isGhost));
@@ -1368,7 +1433,7 @@ bool IsType(ref IToken pt) {
formals.Add(new Formal(id, name, ty, true, isGhost));
}
}
- Expect(44);
+ Expect(49);
}
void FIdentType(out IToken/*!*/ id, out Type/*!*/ ty) {
@@ -1380,14 +1445,14 @@ bool IsType(ref IToken pt) {
} else if (la.kind == 2) {
Get();
id = t;
- } else SynErr(157);
+ } else SynErr(159);
Expect(20);
Type(out ty);
}
void OldSemi() {
if (la.kind == 26) {
- while (!(la.kind == 0 || la.kind == 26)) {SynErr(158); Get();}
+ while (!(la.kind == 0 || la.kind == 26)) {SynErr(160); Get();}
Get();
}
}
@@ -1410,7 +1475,7 @@ bool IsType(ref IToken pt) {
Contract.Ensures(Contract.ValueAtReturn(out id)!=null);
Contract.Ensures(Contract.ValueAtReturn(out ty)!=null);
isGhost = false;
- if (la.kind == 65) {
+ if (la.kind == 70) {
Get();
if (allowGhostKeyword) { isGhost = true; } else { SemErr(t, "formal cannot be declared 'ghost' in this context"); }
}
@@ -1462,7 +1527,7 @@ bool IsType(ref IToken pt) {
Contract.Ensures(Contract.ValueAtReturn(out ty)!=null);
Contract.Ensures(Contract.ValueAtReturn(out identName)!=null);
string name = null; id = Token.NoToken; ty = new BoolType()/*dummy*/; isGhost = false;
- if (la.kind == 65) {
+ if (la.kind == 70) {
Get();
isGhost = true;
}
@@ -1484,7 +1549,7 @@ bool IsType(ref IToken pt) {
id = t; name = id.val;
Expect(20);
Type(out ty);
- } else SynErr(159);
+ } else SynErr(161);
if (name != null) {
identName = name;
} else {
@@ -1532,7 +1597,7 @@ bool IsType(ref IToken pt) {
case 13: {
Get();
tok = t; gt = new List<Type>();
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericInstantiation(gt);
}
if (gt.Count > 1) {
@@ -1545,7 +1610,7 @@ bool IsType(ref IToken pt) {
case 14: {
Get();
tok = t; gt = new List<Type>();
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericInstantiation(gt);
}
if (gt.Count > 1) {
@@ -1558,7 +1623,7 @@ bool IsType(ref IToken pt) {
case 15: {
Get();
tok = t; gt = new List<Type>();
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericInstantiation(gt);
}
if (gt.Count > 1) {
@@ -1576,7 +1641,7 @@ bool IsType(ref IToken pt) {
case 16: {
Get();
tok = t; gt = new List<Type>();
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericInstantiation(gt);
}
if (gt.Count == 0) {
@@ -1593,7 +1658,7 @@ bool IsType(ref IToken pt) {
case 17: {
Get();
tok = t; gt = new List<Type>();
- if (la.kind == 45) {
+ if (la.kind == 50) {
GenericInstantiation(gt);
}
if (gt.Count == 0) {
@@ -1610,7 +1675,7 @@ bool IsType(ref IToken pt) {
case 5: {
Get();
tok = t; gt = null;
- if (la.kind == 45) {
+ if (la.kind == 50) {
gt = new List<Type>();
GenericInstantiation(gt);
}
@@ -1619,7 +1684,7 @@ bool IsType(ref IToken pt) {
break;
}
- case 43: {
+ case 48: {
Get();
tok = t; tupleArgTypes = new List<Type>();
if (StartOf(3)) {
@@ -1631,7 +1696,7 @@ bool IsType(ref IToken pt) {
tupleArgTypes.Add(ty);
}
}
- Expect(44);
+ Expect(49);
if (tupleArgTypes.Count == 1) {
// just return the type 'ty'
} else {
@@ -1650,7 +1715,7 @@ bool IsType(ref IToken pt) {
Get();
Expect(1);
tok = t; List<Type> typeArgs = null;
- if (la.kind == 45) {
+ if (la.kind == 50) {
typeArgs = new List<Type>();
GenericInstantiation(typeArgs);
}
@@ -1659,7 +1724,7 @@ bool IsType(ref IToken pt) {
ty = new UserDefinedType(e.tok, e);
break;
}
- default: SynErr(160); break;
+ default: SynErr(162); break;
}
if (la.kind == 28) {
Type t2;
@@ -1679,8 +1744,8 @@ bool IsType(ref IToken pt) {
void Formals(bool incoming, bool allowGhostKeyword, List<Formal> formals) {
Contract.Requires(cce.NonNullElements(formals)); IToken id; Type ty; bool isGhost;
- Expect(43);
- if (la.kind == 1 || la.kind == 65) {
+ Expect(48);
+ if (la.kind == 1 || la.kind == 70) {
GIdentType(allowGhostKeyword, out id, out ty, out isGhost);
formals.Add(new Formal(id, id.val, ty, incoming, isGhost));
while (la.kind == 21) {
@@ -1689,7 +1754,7 @@ bool IsType(ref IToken pt) {
formals.Add(new Formal(id, id.val, ty, incoming, isGhost));
}
}
- Expect(44);
+ Expect(49);
}
void IteratorSpec(List<FrameExpression/*!*/>/*!*/ reads, List<FrameExpression/*!*/>/*!*/ mod, List<Expression/*!*/> decreases,
@@ -1698,8 +1763,8 @@ List<MaybeFreeExpression/*!*/>/*!*/ yieldReq, List<MaybeFreeExpression/*!*/>/*!*
ref Attributes readsAttrs, ref Attributes modAttrs, ref Attributes decrAttrs) {
Expression/*!*/ e; FrameExpression/*!*/ fe; bool isFree = false; bool isYield = false; Attributes ensAttrs = null;
- while (!(StartOf(13))) {SynErr(161); Get();}
- if (la.kind == 37) {
+ while (!(StartOf(13))) {SynErr(163); Get();}
+ if (la.kind == 42) {
Get();
while (IsAttribute()) {
Attribute(ref readsAttrs);
@@ -1712,7 +1777,7 @@ ref Attributes readsAttrs, ref Attributes modAttrs, ref Attributes decrAttrs) {
reads.Add(fe);
}
OldSemi();
- } else if (la.kind == 36) {
+ } else if (la.kind == 41) {
Get();
while (IsAttribute()) {
Attribute(ref modAttrs);
@@ -1726,17 +1791,17 @@ ref Attributes readsAttrs, ref Attributes modAttrs, ref Attributes decrAttrs) {
}
OldSemi();
} else if (StartOf(14)) {
- if (la.kind == 81) {
+ if (la.kind == 85) {
Get();
isFree = true;
errors.Warning(t, "the 'free' keyword is soon to be deprecated");
}
- if (la.kind == 83) {
+ if (la.kind == 87) {
Get();
isYield = true;
}
- if (la.kind == 38) {
+ if (la.kind == 43) {
Get();
Expression(out e, false, false);
OldSemi();
@@ -1746,7 +1811,7 @@ ref Attributes readsAttrs, ref Attributes modAttrs, ref Attributes decrAttrs) {
req.Add(new MaybeFreeExpression(e, isFree));
}
- } else if (la.kind == 82) {
+ } else if (la.kind == 86) {
Get();
while (IsAttribute()) {
Attribute(ref ensAttrs);
@@ -1759,7 +1824,7 @@ ref Attributes readsAttrs, ref Attributes modAttrs, ref Attributes decrAttrs) {
ens.Add(new MaybeFreeExpression(e, isFree, ensAttrs));
}
- } else SynErr(162);
+ } else SynErr(164);
} else if (la.kind == 34) {
Get();
while (IsAttribute()) {
@@ -1767,19 +1832,19 @@ ref Attributes readsAttrs, ref Attributes modAttrs, ref Attributes decrAttrs) {
}
DecreasesList(decreases, false, false);
OldSemi();
- } else SynErr(163);
+ } else SynErr(165);
}
void BlockStmt(out BlockStmt/*!*/ block, out IToken bodyStart, out IToken bodyEnd) {
Contract.Ensures(Contract.ValueAtReturn(out block) != null);
List<Statement/*!*/> body = new List<Statement/*!*/>();
- Expect(39);
+ Expect(44);
bodyStart = t;
while (StartOf(15)) {
Stmt(body);
}
- Expect(40);
+ Expect(45);
bodyEnd = t;
block = new BlockStmt(bodyStart, bodyEnd, body);
}
@@ -1789,8 +1854,8 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Contract.Requires(cce.NonNullElements(req)); Contract.Requires(cce.NonNullElements(mod)); Contract.Requires(cce.NonNullElements(ens)); Contract.Requires(cce.NonNullElements(decreases));
Expression/*!*/ e; FrameExpression/*!*/ fe; bool isFree = false; Attributes ensAttrs = null;
- while (!(StartOf(16))) {SynErr(164); Get();}
- if (la.kind == 36) {
+ while (!(StartOf(16))) {SynErr(166); Get();}
+ if (la.kind == 41) {
Get();
while (IsAttribute()) {
Attribute(ref modAttrs);
@@ -1803,19 +1868,19 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
mod.Add(fe);
}
OldSemi();
- } else if (la.kind == 38 || la.kind == 81 || la.kind == 82) {
- if (la.kind == 81) {
+ } else if (la.kind == 43 || la.kind == 85 || la.kind == 86) {
+ if (la.kind == 85) {
Get();
isFree = true;
errors.Warning(t, "the 'free' keyword is soon to be deprecated");
}
- if (la.kind == 38) {
+ if (la.kind == 43) {
Get();
Expression(out e, false, false);
OldSemi();
req.Add(new MaybeFreeExpression(e, isFree));
- } else if (la.kind == 82) {
+ } else if (la.kind == 86) {
Get();
while (IsAttribute()) {
Attribute(ref ensAttrs);
@@ -1823,7 +1888,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Expression(out e, false, false);
OldSemi();
ens.Add(new MaybeFreeExpression(e, isFree, ensAttrs));
- } else SynErr(165);
+ } else SynErr(167);
} else if (la.kind == 34) {
Get();
while (IsAttribute()) {
@@ -1831,7 +1896,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
}
DecreasesList(decreases, true, false);
OldSemi();
- } else SynErr(166);
+ } else SynErr(168);
}
void FrameExpression(out FrameExpression fe, bool allowSemi, bool allowLambda) {
@@ -1844,18 +1909,18 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
if (StartOf(7)) {
Expression(out e, allowSemi, allowLambda);
feTok = e.tok;
- if (la.kind == 87) {
+ if (la.kind == 88) {
Get();
Ident(out id);
fieldName = id.val; feTok = id;
}
fe = new FrameExpression(feTok, e, fieldName);
- } else if (la.kind == 87) {
+ } else if (la.kind == 88) {
Get();
Ident(out id);
fieldName = id.val;
fe = new FrameExpression(id, new ImplicitThisExpr(id), fieldName);
- } else SynErr(167);
+ } else SynErr(169);
}
void DecreasesList(List<Expression> decreases, bool allowWildcard, bool allowLambda) {
@@ -1881,7 +1946,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
void GenericInstantiation(List<Type/*!*/>/*!*/ gt) {
Contract.Requires(cce.NonNullElements(gt)); Type/*!*/ ty;
- Expect(45);
+ Expect(50);
Type(out ty);
gt.Add(ty);
while (la.kind == 21) {
@@ -1889,7 +1954,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Type(out ty);
gt.Add(ty);
}
- Expect(46);
+ Expect(51);
}
void NameSegmentForTypeName(out Expression e) {
@@ -1897,7 +1962,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
List<Type> typeArgs = null;
Ident(out id);
- if (la.kind == 45) {
+ if (la.kind == 50) {
typeArgs = new List<Type>();
GenericInstantiation(typeArgs);
}
@@ -1910,13 +1975,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Contract.Requires(cce.NonNullElements(reads));
Contract.Requires(decreases == null || cce.NonNullElements(decreases));
Expression/*!*/ e; FrameExpression/*!*/ fe;
- while (!(StartOf(17))) {SynErr(168); Get();}
- if (la.kind == 38) {
+ while (!(StartOf(17))) {SynErr(170); Get();}
+ if (la.kind == 43) {
Get();
Expression(out e, false, false);
OldSemi();
reqs.Add(e);
- } else if (la.kind == 37) {
+ } else if (la.kind == 42) {
Get();
PossiblyWildFrameExpression(out fe, false);
reads.Add(fe);
@@ -1926,7 +1991,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
reads.Add(fe);
}
OldSemi();
- } else if (la.kind == 82) {
+ } else if (la.kind == 86) {
Get();
Expression(out e, false, false);
OldSemi();
@@ -1940,37 +2005,37 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
DecreasesList(decreases, false, false);
OldSemi();
- } else SynErr(169);
+ } else SynErr(171);
}
void FunctionBody(out Expression/*!*/ e, out IToken bodyStart, out IToken bodyEnd) {
Contract.Ensures(Contract.ValueAtReturn(out e) != null); e = dummyExpr;
- Expect(39);
+ Expect(44);
bodyStart = t;
Expression(out e, true, true);
- Expect(40);
+ Expect(45);
bodyEnd = t;
}
void PossiblyWildFrameExpression(out FrameExpression fe, bool allowSemi) {
Contract.Ensures(Contract.ValueAtReturn(out fe) != null); fe = dummyFrameExpr;
- if (la.kind == 50) {
+ if (la.kind == 55) {
Get();
fe = new FrameExpression(t, new WildcardExpr(t), null);
} else if (StartOf(18)) {
FrameExpression(out fe, allowSemi, false);
- } else SynErr(170);
+ } else SynErr(172);
}
void PossiblyWildExpression(out Expression e, bool allowLambda) {
Contract.Ensures(Contract.ValueAtReturn(out e)!=null);
e = dummyExpr;
- if (la.kind == 50) {
+ if (la.kind == 55) {
Get();
e = new WildcardExpr(t);
} else if (StartOf(7)) {
Expression(out e, false, allowLambda);
- } else SynErr(171);
+ } else SynErr(173);
}
void Stmt(List<Statement/*!*/>/*!*/ ss) {
@@ -1987,14 +2052,14 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
IToken bodyStart, bodyEnd;
int breakCount;
- while (!(StartOf(19))) {SynErr(172); Get();}
+ while (!(StartOf(19))) {SynErr(174); Get();}
switch (la.kind) {
- case 39: {
+ case 44: {
BlockStmt(out bs, out bodyStart, out bodyEnd);
s = bs;
break;
}
- case 98: {
+ case 99: {
AssertStmt(out s);
break;
}
@@ -2002,31 +2067,31 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
AssumeStmt(out s);
break;
}
- case 99: {
+ case 100: {
PrintStmt(out s);
break;
}
- case 1: case 2: case 3: case 4: case 8: case 10: case 18: case 19: case 22: case 43: case 128: case 129: case 130: case 131: case 132: case 133: {
+ case 1: case 2: case 3: case 4: case 8: case 10: case 18: case 19: case 22: case 48: case 129: case 130: case 131: case 132: case 133: case 134: {
UpdateStmt(out s);
break;
}
- case 65: case 70: {
+ case 70: case 75: {
VarDeclStatement(out s);
break;
}
- case 95: {
+ case 96: {
IfStmt(out s);
break;
}
- case 96: {
+ case 97: {
WhileStmt(out s);
break;
}
- case 97: {
+ case 98: {
MatchStmt(out s);
break;
}
- case 100: case 101: {
+ case 101: case 102: {
ForallStmt(out s);
break;
}
@@ -2034,11 +2099,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
CalcStmt(out s);
break;
}
- case 102: {
+ case 103: {
ModifyStmt(out s);
break;
}
- case 88: {
+ case 89: {
Get();
x = t;
NoUSIdent(out id);
@@ -2047,32 +2112,32 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
s.Labels = new LList<Label>(new Label(x, id.val), s.Labels);
break;
}
- case 89: {
+ case 90: {
Get();
x = t; breakCount = 1; label = null;
if (la.kind == 1) {
NoUSIdent(out id);
label = id.val;
- } else if (la.kind == 26 || la.kind == 89) {
- while (la.kind == 89) {
+ } else if (la.kind == 26 || la.kind == 90) {
+ while (la.kind == 90) {
Get();
breakCount++;
}
- } else SynErr(173);
- while (!(la.kind == 0 || la.kind == 26)) {SynErr(174); Get();}
+ } else SynErr(175);
+ while (!(la.kind == 0 || la.kind == 26)) {SynErr(176); Get();}
Expect(26);
s = label != null ? new BreakStmt(x, t, label) : new BreakStmt(x, t, breakCount);
break;
}
- case 83: case 92: {
+ case 87: case 93: {
ReturnStmt(out s);
break;
}
- case 52: {
+ case 57: {
SkeletonStmt(out s);
break;
}
- default: SynErr(175); break;
+ default: SynErr(177); break;
}
}
@@ -2081,17 +2146,17 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Expression e = dummyExpr; Attributes attrs = null;
IToken dotdotdot = null;
- Expect(98);
+ Expect(99);
x = t;
while (IsAttribute()) {
Attribute(ref attrs);
}
if (StartOf(7)) {
Expression(out e, false, true);
- } else if (la.kind == 52) {
+ } else if (la.kind == 57) {
Get();
dotdotdot = t;
- } else SynErr(176);
+ } else SynErr(178);
Expect(26);
if (dotdotdot != null) {
s = new SkeletonStatement(new AssertStmt(x, t, new LiteralExpr(x, true), attrs), dotdotdot, null);
@@ -2113,10 +2178,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
}
if (StartOf(7)) {
Expression(out e, false, true);
- } else if (la.kind == 52) {
+ } else if (la.kind == 57) {
Get();
dotdotdot = t;
- } else SynErr(177);
+ } else SynErr(179);
Expect(26);
if (dotdotdot != null) {
s = new SkeletonStatement(new AssumeStmt(x, t, new LiteralExpr(x, true), attrs), dotdotdot, null);
@@ -2131,7 +2196,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
IToken x; Expression e;
var args = new List<Expression>();
- Expect(99);
+ Expect(100);
x = t;
Expression(out e, false, true);
args.Add(e);
@@ -2155,20 +2220,20 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Lhs(out e);
x = e.tok;
- if (la.kind == 26 || la.kind == 39) {
- while (la.kind == 39) {
+ if (la.kind == 26 || la.kind == 44) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
Expect(26);
endTok = t; rhss.Add(new ExprRhs(e, attrs));
- } else if (la.kind == 21 || la.kind == 91 || la.kind == 93) {
+ } else if (la.kind == 21 || la.kind == 92 || la.kind == 94) {
lhss.Add(e);
while (la.kind == 21) {
Get();
Lhs(out e);
lhss.Add(e);
}
- if (la.kind == 91) {
+ if (la.kind == 92) {
Get();
x = t;
Rhs(out r);
@@ -2178,7 +2243,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Rhs(out r);
rhss.Add(r);
}
- } else if (la.kind == 93) {
+ } else if (la.kind == 94) {
Get();
x = t;
if (la.kind == _assume) {
@@ -2186,13 +2251,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
suchThatAssume = t;
}
Expression(out suchThat, false, true);
- } else SynErr(178);
+ } else SynErr(180);
Expect(26);
endTok = t;
} else if (la.kind == 20) {
Get();
SemErr(t, "invalid statement (did you forget the 'label' keyword?)");
- } else SynErr(179);
+ } else SynErr(181);
if (suchThat != null) {
s = new AssignSuchThatStmt(x, endTok, lhss, suchThat, suchThatAssume, null);
} else {
@@ -2216,27 +2281,27 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Attributes attrs = null;
IToken endTok;
- if (la.kind == 65) {
+ if (la.kind == 70) {
Get();
isGhost = true; x = t;
}
- Expect(70);
+ Expect(75);
if (!isGhost) { x = t; }
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
LocalIdentTypeOptional(out d, isGhost);
lhss.Add(d); d.Attributes = attrs; attrs = null;
while (la.kind == 21) {
Get();
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
LocalIdentTypeOptional(out d, isGhost);
lhss.Add(d); d.Attributes = attrs; attrs = null;
}
- if (la.kind == 39 || la.kind == 91 || la.kind == 93) {
- if (la.kind == 91) {
+ if (la.kind == 44 || la.kind == 92 || la.kind == 94) {
+ if (la.kind == 92) {
Get();
assignTok = t;
Rhs(out r);
@@ -2247,10 +2312,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
rhss.Add(r);
}
} else {
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
- Expect(93);
+ Expect(94);
assignTok = t;
if (la.kind == _assume) {
Expect(29);
@@ -2259,7 +2324,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Expression(out suchThat, false, true);
}
}
- while (!(la.kind == 0 || la.kind == 26)) {SynErr(180); Get();}
+ while (!(la.kind == 0 || la.kind == 26)) {SynErr(182); Get();}
Expect(26);
endTok = t;
ConcreteUpdateStatement update;
@@ -2293,7 +2358,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
List<GuardedAlternative> alternatives;
ifStmt = dummyStmt; // to please the compiler
- Expect(95);
+ Expect(96);
x = t;
if (IsAlternative()) {
AlternativeBlock(out alternatives, out endTok);
@@ -2309,13 +2374,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
endTok = thn.EndTok;
if (la.kind == 33) {
Get();
- if (la.kind == 95) {
+ if (la.kind == 96) {
IfStmt(out s);
els = s; endTok = s.EndTok;
- } else if (la.kind == 39) {
+ } else if (la.kind == 44) {
BlockStmt(out bs, out bodyStart, out bodyEnd);
els = bs; endTok = bs.EndTok;
- } else SynErr(181);
+ } else SynErr(183);
}
if (guardEllipsis != null) {
ifStmt = new SkeletonStatement(new IfStmt(x, endTok, guard, thn, els), guardEllipsis, null);
@@ -2323,7 +2388,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
ifStmt = new IfStmt(x, endTok, guard, thn, els);
}
- } else SynErr(182);
+ } else SynErr(184);
}
void WhileStmt(out Statement stmt) {
@@ -2342,7 +2407,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
stmt = dummyStmt; // to please the compiler
bool isDirtyLoop = true;
- Expect(96);
+ Expect(97);
x = t;
if (IsLoopSpec() || IsAlternative()) {
while (StartOf(22)) {
@@ -2365,10 +2430,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
BlockStmt(out body, out bodyStart, out bodyEnd);
endTok = body.EndTok; isDirtyLoop = false;
} else if (la.kind == _ellipsis) {
- Expect(52);
+ Expect(57);
bodyEllipsis = t; endTok = t; isDirtyLoop = false;
} else if (StartOf(23)) {
- } else SynErr(183);
+ } else SynErr(185);
if (guardEllipsis != null || bodyEllipsis != null) {
if (mod != null) {
SemErr(mod[0].E.tok, "'modifies' clauses are not allowed on refining loops");
@@ -2386,7 +2451,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
stmt = new WhileStmt(x, endTok, guard, invariants, new Specification<Expression>(decreases, decAttrs), new Specification<FrameExpression>(mod, modAttrs), body);
}
- } else SynErr(184);
+ } else SynErr(186);
}
void MatchStmt(out Statement/*!*/ s) {
@@ -2395,23 +2460,23 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
List<MatchCaseStmt/*!*/> cases = new List<MatchCaseStmt/*!*/>();
bool usesOptionalBrace = false;
- Expect(97);
+ Expect(98);
x = t;
Expression(out e, true, true);
if (la.kind == _lbrace) {
- Expect(39);
+ Expect(44);
usesOptionalBrace = true;
while (la.kind == 31) {
CaseStatement(out c);
cases.Add(c);
}
- Expect(40);
+ Expect(45);
} else if (StartOf(23)) {
while (la.kind == _case) {
CaseStatement(out c);
cases.Add(c);
}
- } else SynErr(185);
+ } else SynErr(187);
s = new MatchStmt(x, t, e, cases, usesOptionalBrace);
}
@@ -2428,38 +2493,38 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
IToken bodyStart, bodyEnd;
IToken tok = Token.NoToken;
- if (la.kind == 100) {
+ if (la.kind == 101) {
Get();
x = t; tok = x;
- } else if (la.kind == 101) {
+ } else if (la.kind == 102) {
Get();
x = t;
errors.Warning(t, "the 'parallel' keyword has been deprecated; the comprehension statement now uses the keyword 'forall' (and the parentheses around the bound variables are now optional)");
- } else SynErr(186);
+ } else SynErr(188);
if (la.kind == _openparen) {
- Expect(43);
+ Expect(48);
if (la.kind == 1) {
QuantifierDomain(out bvars, out attrs, out range);
}
- Expect(44);
+ Expect(49);
} else if (StartOf(24)) {
if (la.kind == _ident) {
QuantifierDomain(out bvars, out attrs, out range);
}
- } else SynErr(187);
+ } else SynErr(189);
if (bvars == null) { bvars = new List<BoundVar>(); }
if (range == null) { range = new LiteralExpr(x, true); }
- while (la.kind == 81 || la.kind == 82) {
+ while (la.kind == 85 || la.kind == 86) {
isFree = false;
- if (la.kind == 81) {
+ if (la.kind == 85) {
Get();
isFree = true;
errors.Warning(t, "the 'free' keyword is soon to be deprecated");
}
- Expect(82);
+ Expect(86);
Expression(out e, false, true);
ens.Add(new MaybeFreeExpression(e, isFree));
OldSemi();
@@ -2503,7 +2568,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
resOp = calcOp;
}
- Expect(39);
+ Expect(44);
while (StartOf(7)) {
Expression(out e, false, true);
lines.Add(e); stepOp = calcOp; danglingOperator = null;
@@ -2527,20 +2592,20 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
BlockStmt subBlock; Statement subCalc;
while (la.kind == _lbrace || la.kind == _calc) {
- if (la.kind == 39) {
+ if (la.kind == 44) {
BlockStmt(out subBlock, out t0, out t1);
hintEnd = subBlock.EndTok; subhints.Add(subBlock);
} else if (la.kind == 30) {
CalcStmt(out subCalc);
hintEnd = subCalc.EndTok; subhints.Add(subCalc);
- } else SynErr(188);
+ } else SynErr(190);
}
var h = new BlockStmt(hintStart, hintEnd, subhints); // if the hint is empty, hintStart is the first token of the next line, but it doesn't matter because the block statement is just used as a container
hints.Add(h);
if (h.Body.Count != 0) { danglingOperator = null; }
}
- Expect(40);
+ Expect(45);
if (danglingOperator != null) {
SemErr(danglingOperator, "a calculation cannot end with an operator");
}
@@ -2559,7 +2624,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
BlockStmt body = null; IToken bodyStart;
IToken ellipsisToken = null;
- Expect(102);
+ Expect(103);
tok = t;
while (IsAttribute()) {
Attribute(ref attrs);
@@ -2572,17 +2637,17 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
FrameExpression(out fe, false, true);
mod.Add(fe);
}
- } else if (la.kind == 52) {
+ } else if (la.kind == 57) {
Get();
ellipsisToken = t;
- } else SynErr(189);
- if (la.kind == 39) {
+ } else SynErr(191);
+ if (la.kind == 44) {
BlockStmt(out body, out bodyStart, out endTok);
} else if (la.kind == 26) {
- while (!(la.kind == 0 || la.kind == 26)) {SynErr(190); Get();}
+ while (!(la.kind == 0 || la.kind == 26)) {SynErr(192); Get();}
Get();
endTok = t;
- } else SynErr(191);
+ } else SynErr(193);
s = new ModifyStmt(tok, endTok, mod, attrs, body);
if (ellipsisToken != null) {
s = new SkeletonStatement(s, ellipsisToken, null);
@@ -2596,13 +2661,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
AssignmentRhs r;
bool isYield = false;
- if (la.kind == 92) {
+ if (la.kind == 93) {
Get();
returnTok = t;
- } else if (la.kind == 83) {
+ } else if (la.kind == 87) {
Get();
returnTok = t; isYield = true;
- } else SynErr(192);
+ } else SynErr(194);
if (StartOf(26)) {
Rhs(out r);
rhss = new List<AssignmentRhs>(); rhss.Add(r);
@@ -2626,9 +2691,9 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
List<Expression> exprs = null;
IToken tok, dotdotdot, whereTok;
Expression e;
- Expect(52);
+ Expect(57);
dotdotdot = t;
- if (la.kind == 90) {
+ if (la.kind == 91) {
Get();
names = new List<IToken>(); exprs = new List<Expression>(); whereTok = t;
Ident(out tok);
@@ -2638,7 +2703,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Ident(out tok);
names.Add(tok);
}
- Expect(91);
+ Expect(92);
Expression(out e, false, true);
exprs.Add(e);
while (la.kind == 21) {
@@ -2665,16 +2730,16 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
r = dummyRhs; // to please compiler
Attributes attrs = null;
- if (la.kind == 94) {
+ if (la.kind == 95) {
Get();
newToken = t;
TypeAndToken(out x, out ty);
- if (la.kind == 41 || la.kind == 43) {
- if (la.kind == 41) {
+ if (la.kind == 46 || la.kind == 48) {
+ if (la.kind == 46) {
Get();
ee = new List<Expression>();
Expressions(ee);
- Expect(42);
+ Expect(47);
var tmp = theBuiltIns.ArrayType(ee.Count, new IntType(), true);
} else {
@@ -2683,7 +2748,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
if (StartOf(7)) {
Expressions(args);
}
- Expect(44);
+ Expect(49);
}
}
if (ee != null) {
@@ -2694,14 +2759,14 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
r = new TypeRhs(newToken, ty);
}
- } else if (la.kind == 50) {
+ } else if (la.kind == 55) {
Get();
r = new HavocRhs(t);
} else if (StartOf(7)) {
Expression(out e, false, true);
r = new ExprRhs(e);
- } else SynErr(193);
- while (la.kind == 39) {
+ } else SynErr(195);
+ while (la.kind == 44) {
Attribute(ref attrs);
}
r.Attributes = attrs;
@@ -2712,16 +2777,16 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
if (la.kind == 1) {
NameSegment(out e);
- while (la.kind == 25 || la.kind == 41 || la.kind == 43) {
+ while (la.kind == 25 || la.kind == 46 || la.kind == 48) {
Suffix(ref e);
}
} else if (StartOf(27)) {
ConstAtomExpression(out e, false, false);
Suffix(ref e);
- while (la.kind == 25 || la.kind == 41 || la.kind == 43) {
+ while (la.kind == 25 || la.kind == 46 || la.kind == 48) {
Suffix(ref e);
}
- } else SynErr(194);
+ } else SynErr(196);
}
void Expressions(List<Expression> args) {
@@ -2741,7 +2806,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Expression e;
List<Statement> body;
- Expect(39);
+ Expect(44);
while (la.kind == 31) {
Get();
x = t;
@@ -2753,33 +2818,33 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
}
alternatives.Add(new GuardedAlternative(x, e, body));
}
- Expect(40);
+ Expect(45);
endTok = t;
}
void Guard(out Expression e) {
Expression/*!*/ ee; e = null;
- if (la.kind == 50) {
+ if (la.kind == 55) {
Get();
e = null;
} else if (IsParenStar()) {
- Expect(43);
- Expect(50);
- Expect(44);
+ Expect(48);
+ Expect(55);
+ Expect(49);
e = null;
} else if (StartOf(7)) {
Expression(out ee, true, true);
e = ee;
- } else SynErr(195);
+ } else SynErr(197);
}
void LoopSpec(List<MaybeFreeExpression> invariants, List<Expression> decreases, ref List<FrameExpression> mod, ref Attributes decAttrs, ref Attributes modAttrs) {
Expression e; FrameExpression fe;
bool isFree = false; Attributes attrs = null;
- if (la.kind == 35 || la.kind == 81) {
- while (!(la.kind == 0 || la.kind == 35 || la.kind == 81)) {SynErr(196); Get();}
- if (la.kind == 81) {
+ if (la.kind == 35 || la.kind == 85) {
+ while (!(la.kind == 0 || la.kind == 35 || la.kind == 85)) {SynErr(198); Get();}
+ if (la.kind == 85) {
Get();
isFree = true; errors.Warning(t, "the 'free' keyword is soon to be deprecated");
}
@@ -2791,15 +2856,15 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
invariants.Add(new MaybeFreeExpression(e, isFree, attrs));
OldSemi();
} else if (la.kind == 34) {
- while (!(la.kind == 0 || la.kind == 34)) {SynErr(197); Get();}
+ while (!(la.kind == 0 || la.kind == 34)) {SynErr(199); Get();}
Get();
while (IsAttribute()) {
Attribute(ref decAttrs);
}
DecreasesList(decreases, true, true);
OldSemi();
- } else if (la.kind == 36) {
- while (!(la.kind == 0 || la.kind == 36)) {SynErr(198); Get();}
+ } else if (la.kind == 41) {
+ while (!(la.kind == 0 || la.kind == 41)) {SynErr(200); Get();}
Get();
mod = mod ?? new List<FrameExpression>();
while (IsAttribute()) {
@@ -2813,37 +2878,101 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
mod.Add(fe);
}
OldSemi();
- } else SynErr(199);
+ } else SynErr(201);
}
void CaseStatement(out MatchCaseStmt/*!*/ c) {
Contract.Ensures(Contract.ValueAtReturn(out c) != null);
IToken/*!*/ x, id;
- List<BoundVar/*!*/> arguments = new List<BoundVar/*!*/>();
- BoundVar/*!*/ bv;
+ List<CasePattern/*!*/> arguments = new List<CasePattern/*!*/>();
+ CasePattern/*!*/ pat;
List<Statement/*!*/> body = new List<Statement/*!*/>();
+ string/*!*/ name = "";
Expect(31);
x = t;
- Ident(out id);
- if (la.kind == 43) {
+ if (la.kind == 1) {
+ Ident(out id);
+ name = id.val;
+ if (la.kind == 48) {
+ Get();
+ CasePattern(out pat);
+ arguments.Add(pat);
+ while (la.kind == 21) {
+ Get();
+ CasePattern(out pat);
+ arguments.Add(pat);
+ }
+ Expect(49);
+ }
+ } else if (la.kind == 48) {
Get();
- IdentTypeOptional(out bv);
- arguments.Add(bv);
+ CasePattern(out pat);
+ arguments.Add(pat);
while (la.kind == 21) {
Get();
- IdentTypeOptional(out bv);
- arguments.Add(bv);
+ CasePattern(out pat);
+ arguments.Add(pat);
}
- Expect(44);
- }
+ Expect(49);
+ } else SynErr(202);
Expect(27);
- while (!(StartOf(28))) {SynErr(200); Get();}
+ while (!(StartOf(28))) {SynErr(203); Get();}
while (IsNotEndOfCase()) {
Stmt(body);
- while (!(StartOf(28))) {SynErr(201); Get();}
+ while (!(StartOf(28))) {SynErr(204); Get();}
+ }
+ c = new MatchCaseStmt(x, name, arguments, body);
+ }
+
+ void CasePattern(out CasePattern pat) {
+ IToken id; List<CasePattern> arguments;
+ BoundVar bv;
+ pat = null;
+
+ if (IsIdentParen()) {
+ Ident(out id);
+ Expect(48);
+ arguments = new List<CasePattern>();
+ if (la.kind == 1 || la.kind == 48) {
+ CasePattern(out pat);
+ arguments.Add(pat);
+ while (la.kind == 21) {
+ Get();
+ CasePattern(out pat);
+ arguments.Add(pat);
+ }
+ }
+ Expect(49);
+ pat = new CasePattern(id, id.val, arguments);
+ } else if (la.kind == 48) {
+ Get();
+ id = t;
+ arguments = new List<CasePattern>();
+
+ if (la.kind == 1 || la.kind == 48) {
+ CasePattern(out pat);
+ arguments.Add(pat);
+ while (la.kind == 21) {
+ Get();
+ CasePattern(out pat);
+ arguments.Add(pat);
+ }
+ }
+ Expect(49);
+ theBuiltIns.TupleType(id, arguments.Count, true); // make sure the tuple type exists
+ string ctor = BuiltIns.TupleTypeCtorName; //use the TupleTypeCtors
+ pat = new CasePattern(id, ctor, arguments);
+
+ } else if (la.kind == 1) {
+ IdentTypeOptional(out bv);
+ pat = new CasePattern(bv.tok, bv);
+
+ } else SynErr(205);
+ if (pat == null) {
+ pat = new CasePattern(t, "_ParseError", new List<CasePattern>());
}
- c = new MatchCaseStmt(x, id.val, arguments, body);
+
}
void QuantifierDomain(out List<BoundVar> bvars, out Attributes attrs, out Expression range) {
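Review bot: In CaseStatement, the bare-parenthesis branch (`} else if (la.kind == 48) {`) never assigns `name`, so `new MatchCaseStmt(x, name, arguments, body)` is built with an empty constructor name, while the equivalent branch in CasePattern calls `theBuiltIns.TupleType(id, arguments.Count, true)` and uses `BuiltIns.TupleTypeCtorName`. If the resolver (not visible in this hunk) is meant to treat `""` as a tuple case, a comment at the declaration would make that contract explicit, e.g. `// name stays "" for a tuple pattern; the resolver supplies the tuple constructor`. Otherwise this branch should register the tuple type and set the constructor name the same way CasePattern does. CaseExpression in the later hunk has the same shape and ends in `new MatchCaseExpr(x, name, arguments, body)`. Parser.cs appears to be generated from Dafny.atg, which this commit also changes, so the edit presumably belongs in the grammar's semantic actions rather than in this file.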
@@ -2874,73 +3003,73 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
x = null;
switch (la.kind) {
- case 47: {
+ case 52: {
Get();
x = t; binOp = BinaryExpr.Opcode.Eq;
- if (la.kind == 103) {
+ if (la.kind == 104) {
Get();
- Expect(41);
+ Expect(46);
Expression(out k, true, true);
- Expect(42);
+ Expect(47);
}
break;
}
- case 45: {
+ case 50: {
Get();
x = t; binOp = BinaryExpr.Opcode.Lt;
break;
}
- case 46: {
+ case 51: {
Get();
x = t; binOp = BinaryExpr.Opcode.Gt;
break;
}
- case 104: {
+ case 105: {
Get();
x = t; binOp = BinaryExpr.Opcode.Le;
break;
}
- case 105: {
+ case 106: {
Get();
x = t; binOp = BinaryExpr.Opcode.Ge;
break;
}
- case 48: {
+ case 53: {
Get();
x = t; binOp = BinaryExpr.Opcode.Neq;
break;
}
- case 49: {
+ case 54: {
Get();
x = t; binOp = BinaryExpr.Opcode.Neq;
break;
}
- case 106: {
+ case 107: {
Get();
x = t; binOp = BinaryExpr.Opcode.Le;
break;
}
- case 107: {
+ case 108: {
Get();
x = t; binOp = BinaryExpr.Opcode.Ge;
break;
}
- case 108: case 109: {
+ case 109: case 110: {
EquivOp();
x = t; binOp = BinaryExpr.Opcode.Iff;
break;
}
- case 110: case 111: {
+ case 111: case 112: {
ImpliesOp();
x = t; binOp = BinaryExpr.Opcode.Imp;
break;
}
- case 112: case 113: {
+ case 113: case 114: {
ExpliesOp();
x = t; binOp = BinaryExpr.Opcode.Exp;
break;
}
- default: SynErr(202); break;
+ default: SynErr(206); break;
}
if (k == null) {
op = new Microsoft.Dafny.CalcStmt.BinaryCalcOp(binOp);
@@ -2951,67 +3080,67 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
}
void EquivOp() {
- if (la.kind == 108) {
+ if (la.kind == 109) {
Get();
- } else if (la.kind == 109) {
+ } else if (la.kind == 110) {
Get();
- } else SynErr(203);
+ } else SynErr(207);
}
void ImpliesOp() {
- if (la.kind == 110) {
+ if (la.kind == 111) {
Get();
- } else if (la.kind == 111) {
+ } else if (la.kind == 112) {
Get();
- } else SynErr(204);
+ } else SynErr(208);
}
void ExpliesOp() {
- if (la.kind == 112) {
+ if (la.kind == 113) {
Get();
- } else if (la.kind == 113) {
+ } else if (la.kind == 114) {
Get();
- } else SynErr(205);
+ } else SynErr(209);
}
void AndOp() {
- if (la.kind == 114) {
+ if (la.kind == 115) {
Get();
- } else if (la.kind == 115) {
+ } else if (la.kind == 116) {
Get();
- } else SynErr(206);
+ } else SynErr(210);
}
void OrOp() {
- if (la.kind == 116) {
+ if (la.kind == 117) {
Get();
- } else if (la.kind == 117) {
+ } else if (la.kind == 118) {
Get();
- } else SynErr(207);
+ } else SynErr(211);
}
void NegOp() {
- if (la.kind == 118) {
+ if (la.kind == 119) {
Get();
- } else if (la.kind == 119) {
+ } else if (la.kind == 120) {
Get();
- } else SynErr(208);
+ } else SynErr(212);
}
void Forall() {
- if (la.kind == 100) {
+ if (la.kind == 101) {
Get();
- } else if (la.kind == 120) {
+ } else if (la.kind == 121) {
Get();
- } else SynErr(209);
+ } else SynErr(213);
}
void Exists() {
- if (la.kind == 121) {
+ if (la.kind == 122) {
Get();
- } else if (la.kind == 122) {
+ } else if (la.kind == 123) {
Get();
- } else SynErr(210);
+ } else SynErr(214);
}
void QSep() {
@@ -3019,7 +3148,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Get();
} else if (la.kind == 24) {
Get();
- } else SynErr(211);
+ } else SynErr(215);
}
void EquivExpression(out Expression e0, bool allowSemi, bool allowLambda) {
@@ -3037,12 +3166,12 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Contract.Ensures(Contract.ValueAtReturn(out e0) != null); IToken/*!*/ x; Expression/*!*/ e1;
LogicalExpression(out e0, allowSemi, allowLambda);
if (IsImpliesOp() || IsExpliesOp()) {
- if (la.kind == 110 || la.kind == 111) {
+ if (la.kind == 111 || la.kind == 112) {
ImpliesOp();
x = t;
ImpliesExpression(out e1, allowSemi, allowLambda);
e0 = new BinaryExpr(x, BinaryExpr.Opcode.Imp, e0, e1);
- } else if (la.kind == 112 || la.kind == 113) {
+ } else if (la.kind == 113 || la.kind == 114) {
ExpliesOp();
x = t;
LogicalExpression(out e1, allowSemi, allowLambda);
@@ -3053,7 +3182,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
LogicalExpression(out e1, allowSemi, allowLambda);
e0 = new BinaryExpr(x, BinaryExpr.Opcode.Exp, e0, e1);
}
- } else SynErr(212);
+ } else SynErr(216);
}
}
@@ -3061,7 +3190,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Contract.Ensures(Contract.ValueAtReturn(out e0) != null); IToken/*!*/ x; Expression/*!*/ e1;
RelationalExpression(out e0, allowSemi, allowLambda);
if (IsAndOp() || IsOrOp()) {
- if (la.kind == 114 || la.kind == 115) {
+ if (la.kind == 115 || la.kind == 116) {
AndOp();
x = t;
RelationalExpression(out e1, allowSemi, allowLambda);
@@ -3072,7 +3201,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
RelationalExpression(out e1, allowSemi, allowLambda);
e0 = new BinaryExpr(x, BinaryExpr.Opcode.And, e0, e1);
}
- } else if (la.kind == 116 || la.kind == 117) {
+ } else if (la.kind == 117 || la.kind == 118) {
OrOp();
x = t;
RelationalExpression(out e1, allowSemi, allowLambda);
@@ -3083,7 +3212,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
RelationalExpression(out e1, allowSemi, allowLambda);
e0 = new BinaryExpr(x, BinaryExpr.Opcode.Or, e0, e1);
}
- } else SynErr(213);
+ } else SynErr(217);
}
}
@@ -3216,63 +3345,63 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
k = null;
switch (la.kind) {
- case 47: {
+ case 52: {
Get();
x = t; op = BinaryExpr.Opcode.Eq;
- if (la.kind == 103) {
+ if (la.kind == 104) {
Get();
- Expect(41);
+ Expect(46);
Expression(out k, true, true);
- Expect(42);
+ Expect(47);
}
break;
}
- case 45: {
+ case 50: {
Get();
x = t; op = BinaryExpr.Opcode.Lt;
break;
}
- case 46: {
+ case 51: {
Get();
x = t; op = BinaryExpr.Opcode.Gt;
break;
}
- case 104: {
+ case 105: {
Get();
x = t; op = BinaryExpr.Opcode.Le;
break;
}
- case 105: {
+ case 106: {
Get();
x = t; op = BinaryExpr.Opcode.Ge;
break;
}
- case 48: {
+ case 53: {
Get();
x = t; op = BinaryExpr.Opcode.Neq;
- if (la.kind == 103) {
+ if (la.kind == 104) {
Get();
- Expect(41);
+ Expect(46);
Expression(out k, true, true);
- Expect(42);
+ Expect(47);
}
break;
}
- case 123: {
+ case 124: {
Get();
x = t; op = BinaryExpr.Opcode.In;
break;
}
- case 51: {
+ case 56: {
Get();
x = t; op = BinaryExpr.Opcode.NotIn;
break;
}
- case 118: {
+ case 119: {
Get();
x = t; y = Token.NoToken;
if (la.val == "!") {
- Expect(118);
+ Expect(119);
y = t;
}
if (y == Token.NoToken) {
@@ -3286,22 +3415,22 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
break;
}
- case 49: {
+ case 54: {
Get();
x = t; op = BinaryExpr.Opcode.Neq;
break;
}
- case 106: {
+ case 107: {
Get();
x = t; op = BinaryExpr.Opcode.Le;
break;
}
- case 107: {
+ case 108: {
Get();
x = t; op = BinaryExpr.Opcode.Ge;
break;
}
- default: SynErr(214); break;
+ default: SynErr(218); break;
}
}
@@ -3317,23 +3446,23 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
void AddOp(out IToken x, out BinaryExpr.Opcode op) {
Contract.Ensures(Contract.ValueAtReturn(out x) != null); x = Token.NoToken; op=BinaryExpr.Opcode.Add/*(dummy)*/;
- if (la.kind == 124) {
+ if (la.kind == 125) {
Get();
x = t; op = BinaryExpr.Opcode.Add;
- } else if (la.kind == 125) {
+ } else if (la.kind == 126) {
Get();
x = t; op = BinaryExpr.Opcode.Sub;
- } else SynErr(215);
+ } else SynErr(219);
}
void UnaryExpression(out Expression e, bool allowSemi, bool allowLambda) {
Contract.Ensures(Contract.ValueAtReturn(out e) != null); IToken/*!*/ x; e = dummyExpr;
- if (la.kind == 125) {
+ if (la.kind == 126) {
Get();
x = t;
UnaryExpression(out e, allowSemi, allowLambda);
e = new NegationExpression(x, e);
- } else if (la.kind == 118 || la.kind == 119) {
+ } else if (la.kind == 119 || la.kind == 120) {
NegOp();
x = t;
UnaryExpression(out e, allowSemi, allowLambda);
@@ -3361,7 +3490,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
while (IsSuffix()) {
Suffix(ref e);
}
- } else if (la.kind == 39 || la.kind == 41) {
+ } else if (la.kind == 44 || la.kind == 46) {
DisplayExpr(out e);
while (IsSuffix()) {
Suffix(ref e);
@@ -3376,21 +3505,21 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
while (IsSuffix()) {
Suffix(ref e);
}
- } else SynErr(216);
+ } else SynErr(220);
}
void MulOp(out IToken x, out BinaryExpr.Opcode op) {
Contract.Ensures(Contract.ValueAtReturn(out x) != null); x = Token.NoToken; op = BinaryExpr.Opcode.Add/*(dummy)*/;
- if (la.kind == 50) {
+ if (la.kind == 55) {
Get();
x = t; op = BinaryExpr.Opcode.Mul;
- } else if (la.kind == 126) {
+ } else if (la.kind == 127) {
Get();
x = t; op = BinaryExpr.Opcode.Div;
- } else if (la.kind == 127) {
+ } else if (la.kind == 128) {
Get();
x = t; op = BinaryExpr.Opcode.Mod;
- } else SynErr(217);
+ } else SynErr(221);
}
void MapDisplayExpr(IToken/*!*/ mapToken, bool finite, out Expression e) {
@@ -3398,12 +3527,12 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
List<ExpressionPair/*!*/>/*!*/ elements= new List<ExpressionPair/*!*/>() ;
e = dummyExpr;
- Expect(41);
+ Expect(46);
if (StartOf(7)) {
MapLiteralExpressions(out elements);
}
e = new MapDisplayExpr(mapToken, finite, elements);
- Expect(42);
+ Expect(47);
}
void Suffix(ref Expression e) {
@@ -3425,29 +3554,29 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
if (IsGenericInstantiation()) {
typeArgs = new List<Type>();
GenericInstantiation(typeArgs);
- } else if (la.kind == 103) {
+ } else if (la.kind == 104) {
HashCall(id, out openParen, out typeArgs, out args);
} else if (StartOf(30)) {
- } else SynErr(218);
+ } else SynErr(222);
e = new ExprDotName(id, e, id.val, typeArgs);
if (openParen != null) {
e = new ApplySuffix(openParen, e, args);
}
- } else if (la.kind == 41) {
+ } else if (la.kind == 46) {
Get();
x = t;
if (StartOf(7)) {
Expression(out ee, true, true);
e0 = ee;
- if (la.kind == 134) {
+ if (la.kind == 135) {
Get();
anyDots = true;
if (StartOf(7)) {
Expression(out ee, true, true);
e1 = ee;
}
- } else if (la.kind == 91) {
+ } else if (la.kind == 92) {
Get();
Expression(out ee, true, true);
e1 = ee;
@@ -3470,7 +3599,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
takeRest = true;
}
}
- } else if (la.kind == 21 || la.kind == 42) {
+ } else if (la.kind == 21 || la.kind == 47) {
while (la.kind == 21) {
Get();
Expression(out ee, true, true);
@@ -3481,15 +3610,15 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
multipleIndices.Add(ee);
}
- } else SynErr(219);
- } else if (la.kind == 134) {
+ } else SynErr(223);
+ } else if (la.kind == 135) {
Get();
anyDots = true;
if (StartOf(7)) {
Expression(out ee, true, true);
e1 = ee;
}
- } else SynErr(220);
+ } else SynErr(224);
if (multipleIndices != null) {
e = new MultiSelectExpr(x, e, multipleIndices);
// make sure an array class with this dimensionality exists
@@ -3524,16 +3653,16 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
}
}
- Expect(42);
- } else if (la.kind == 43) {
+ Expect(47);
+ } else if (la.kind == 48) {
Get();
IToken openParen = t; var args = new List<Expression>();
if (StartOf(7)) {
Expressions(args);
}
- Expect(44);
+ Expect(49);
e = new ApplySuffix(openParen, e, args);
- } else SynErr(221);
+ } else SynErr(225);
}
void LambdaExpression(out Expression e, bool allowSemi) {
@@ -3549,7 +3678,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
if (la.kind == 1) {
WildIdent(out id, true);
x = t; bvs.Add(new BoundVar(id, id.val, new InferredTypeProxy()));
- } else if (la.kind == 43) {
+ } else if (la.kind == 48) {
Get();
x = t;
if (la.kind == 1) {
@@ -3561,10 +3690,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
bvs.Add(bv);
}
}
- Expect(44);
- } else SynErr(222);
- while (la.kind == 37 || la.kind == 38) {
- if (la.kind == 37) {
+ Expect(49);
+ } else SynErr(226);
+ while (la.kind == 42 || la.kind == 43) {
+ if (la.kind == 42) {
Get();
PossiblyWildFrameExpression(out fe, true);
reads.Add(fe);
@@ -3588,7 +3717,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
e = dummyExpr;
switch (la.kind) {
- case 95: {
+ case 96: {
Get();
x = t;
Expression(out e, true, true);
@@ -3599,11 +3728,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
e = new ITEExpr(x, e, e0, e1);
break;
}
- case 97: {
+ case 98: {
MatchExpression(out e, allowSemi, allowLambda);
break;
}
- case 100: case 120: case 121: case 122: {
+ case 101: case 121: case 122: case 123: {
QuantifierGuts(out e, allowSemi, allowLambda);
break;
}
@@ -3611,13 +3740,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
SetComprehensionExpr(out e, allowSemi, allowLambda);
break;
}
- case 29: case 30: case 98: {
+ case 29: case 30: case 99: {
StmtInExpr(out s);
Expression(out e, allowSemi, allowLambda);
e = new StmtExpr(s.Tok, s, e);
break;
}
- case 65: case 70: {
+ case 70: case 75: {
LetExpr(out e, allowSemi, allowLambda);
break;
}
@@ -3633,11 +3762,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
MapComprehensionExpr(x, false, out e, allowSemi, allowLambda);
break;
}
- case 88: {
+ case 89: {
NamedExpr(out e, allowSemi, allowLambda);
break;
}
- default: SynErr(223); break;
+ default: SynErr(227); break;
}
}
@@ -3649,10 +3778,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
if (IsGenericInstantiation()) {
typeArgs = new List<Type>();
GenericInstantiation(typeArgs);
- } else if (la.kind == 103) {
+ } else if (la.kind == 104) {
HashCall(id, out openParen, out typeArgs, out args);
} else if (StartOf(30)) {
- } else SynErr(224);
+ } else SynErr(228);
e = new NameSegment(id, id.val, typeArgs);
if (openParen != null) {
e = new ApplySuffix(openParen, e, args);
@@ -3665,23 +3794,23 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
IToken x; List<Expression> elements;
e = dummyExpr;
- if (la.kind == 39) {
+ if (la.kind == 44) {
Get();
x = t; elements = new List<Expression/*!*/>();
if (StartOf(7)) {
Expressions(elements);
}
e = new SetDisplayExpr(x, elements);
- Expect(40);
- } else if (la.kind == 41) {
+ Expect(45);
+ } else if (la.kind == 46) {
Get();
x = t; elements = new List<Expression/*!*/>();
if (StartOf(7)) {
Expressions(elements);
}
e = new SeqDisplayExpr(x, elements);
- Expect(42);
- } else SynErr(225);
+ Expect(47);
+ } else SynErr(229);
}
void MultiSetExpr(out Expression e) {
@@ -3691,21 +3820,21 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Expect(14);
x = t;
- if (la.kind == 39) {
+ if (la.kind == 44) {
Get();
elements = new List<Expression/*!*/>();
if (StartOf(7)) {
Expressions(elements);
}
e = new MultiSetDisplayExpr(x, elements);
- Expect(40);
- } else if (la.kind == 43) {
+ Expect(45);
+ } else if (la.kind == 48) {
Get();
x = t; elements = new List<Expression/*!*/>();
Expression(out e, true, true);
e = new MultiSetFormingExpr(x, e);
- Expect(44);
- } else SynErr(226);
+ Expect(49);
+ } else SynErr(230);
}
void ConstAtomExpression(out Expression e, bool allowSemi, bool allowLambda) {
@@ -3714,17 +3843,17 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
e = dummyExpr; Type toType = null;
switch (la.kind) {
- case 128: {
+ case 129: {
Get();
e = new LiteralExpr(t, false);
break;
}
- case 129: {
+ case 130: {
Get();
e = new LiteralExpr(t, true);
break;
}
- case 130: {
+ case 131: {
Get();
e = new LiteralExpr(t);
break;
@@ -3752,26 +3881,26 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
break;
}
- case 131: {
+ case 132: {
Get();
e = new ThisExpr(t);
break;
}
- case 132: {
+ case 133: {
Get();
x = t;
- Expect(43);
+ Expect(48);
Expression(out e, true, true);
- Expect(44);
+ Expect(49);
e = new UnaryOpExpr(x, UnaryOpExpr.Opcode.Fresh, e);
break;
}
- case 133: {
+ case 134: {
Get();
x = t;
- Expect(43);
+ Expect(48);
Expression(out e, true, true);
- Expect(44);
+ Expect(49);
e = new OldExpr(x, e);
break;
}
@@ -3791,17 +3920,17 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Get();
x = t; toType = new RealType();
}
- Expect(43);
+ Expect(48);
Expression(out e, true, true);
- Expect(44);
+ Expect(49);
e = new ConversionExpr(x, e, toType);
break;
}
- case 43: {
+ case 48: {
ParensExpression(out e, allowSemi, allowLambda);
break;
}
- default: SynErr(227); break;
+ default: SynErr(231); break;
}
}
@@ -3830,7 +3959,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
n = BigInteger.Zero;
}
- } else SynErr(228);
+ } else SynErr(232);
}
void Dec(out Basetypes.BigDec d) {
@@ -3850,12 +3979,12 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
IToken x;
var args = new List<Expression>();
- Expect(43);
+ Expect(48);
x = t;
if (StartOf(7)) {
Expressions(args);
}
- Expect(44);
+ Expect(49);
if (args.Count == 1) {
e = new ParensExpression(x, args[0]);
} else {
@@ -3874,20 +4003,20 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
} else if (la.kind == 28) {
Get();
oneShot = true;
- } else SynErr(229);
+ } else SynErr(233);
}
void MapLiteralExpressions(out List<ExpressionPair> elements) {
Expression/*!*/ d, r;
elements = new List<ExpressionPair/*!*/>();
Expression(out d, true, true);
- Expect(91);
+ Expect(92);
Expression(out r, true, true);
elements.Add(new ExpressionPair(d,r));
while (la.kind == 21) {
Get();
Expression(out d, true, true);
- Expect(91);
+ Expect(92);
Expression(out r, true, true);
elements.Add(new ExpressionPair(d,r));
}
@@ -3903,7 +4032,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
IdentTypeOptional(out bv);
bvars.Add(bv);
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
if (la.kind == 22) {
@@ -3921,23 +4050,23 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
List<MatchCaseExpr/*!*/> cases = new List<MatchCaseExpr/*!*/>();
bool usesOptionalBrace = false;
- Expect(97);
+ Expect(98);
x = t;
Expression(out e, allowSemi, allowLambda);
if (la.kind == _lbrace) {
- Expect(39);
+ Expect(44);
usesOptionalBrace = true;
while (la.kind == 31) {
CaseExpression(out c, true, true);
cases.Add(c);
}
- Expect(40);
+ Expect(45);
} else if (StartOf(31)) {
while (la.kind == _case) {
CaseExpression(out c, allowSemi, allowLambda);
cases.Add(c);
}
- } else SynErr(230);
+ } else SynErr(234);
e = new MatchExpr(x, e, cases, usesOptionalBrace);
}
@@ -3949,13 +4078,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Expression range;
Expression/*!*/ body;
- if (la.kind == 100 || la.kind == 120) {
+ if (la.kind == 101 || la.kind == 121) {
Forall();
x = t; univ = true;
- } else if (la.kind == 121 || la.kind == 122) {
+ } else if (la.kind == 122 || la.kind == 123) {
Exists();
x = t;
- } else SynErr(231);
+ } else SynErr(235);
QuantifierDomain(out bvars, out attrs, out range);
QSep();
Expression(out body, allowSemi, allowLambda);
@@ -3985,7 +4114,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
IdentTypeOptional(out bv);
bvars.Add(bv);
}
- while (la.kind == 39) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
Expect(22);
@@ -4001,13 +4130,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
void StmtInExpr(out Statement s) {
s = dummyStmt;
- if (la.kind == 98) {
+ if (la.kind == 99) {
AssertStmt(out s);
} else if (la.kind == 29) {
AssumeStmt(out s);
} else if (la.kind == 30) {
CalcStmt(out s);
- } else SynErr(232);
+ } else SynErr(236);
}
void LetExpr(out Expression e, bool allowSemi, bool allowLambda) {
@@ -4020,11 +4149,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
Attributes attrs = null;
e = dummyExpr;
- if (la.kind == 65) {
+ if (la.kind == 70) {
Get();
isGhost = true; x = t;
}
- Expect(70);
+ Expect(75);
if (!isGhost) { x = t; }
CasePattern(out pat);
if (isGhost) { pat.Vars.Iter(bv => bv.IsGhost = true); }
@@ -4037,13 +4166,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
letLHSs.Add(pat);
}
- if (la.kind == 91) {
+ if (la.kind == 92) {
Get();
- } else if (la.kind == 39 || la.kind == 93) {
- while (la.kind == 39) {
+ } else if (la.kind == 44 || la.kind == 94) {
+ while (la.kind == 44) {
Attribute(ref attrs);
}
- Expect(93);
+ Expect(94);
exact = false;
foreach (var lhs in letLHSs) {
if (lhs.Arguments != null) {
@@ -4051,7 +4180,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
}
}
- } else SynErr(233);
+ } else SynErr(237);
Expression(out e, false, true);
letRHSs.Add(e);
while (la.kind == 21) {
@@ -4069,7 +4198,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
e = dummyExpr;
Expression expr;
- Expect(88);
+ Expect(89);
x = t;
NoUSIdent(out d);
Expect(20);
@@ -4078,16 +4207,20 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
e = new NamedExpr(x, d.val, expr);
}
- void CasePattern(out CasePattern pat) {
- IToken id; List<CasePattern> arguments;
- BoundVar bv;
- pat = null;
+ void CaseExpression(out MatchCaseExpr c, bool allowSemi, bool allowLambda) {
+ Contract.Ensures(Contract.ValueAtReturn(out c) != null); IToken/*!*/ x, id;
+ List<CasePattern/*!*/> arguments = new List<CasePattern/*!*/>();
+ CasePattern/*!*/ pat;
+ Expression/*!*/ body;
+ string/*!*/ name = "";
- if (IsIdentParen()) {
+ Expect(31);
+ x = t;
+ if (la.kind == 1) {
Ident(out id);
- Expect(43);
- arguments = new List<CasePattern>();
- if (la.kind == 1) {
+ name = id.val;
+ if (la.kind == 48) {
+ Get();
CasePattern(out pat);
arguments.Add(pat);
while (la.kind == 21) {
@@ -4095,63 +4228,42 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
CasePattern(out pat);
arguments.Add(pat);
}
+ Expect(49);
}
- Expect(44);
- pat = new CasePattern(id, id.val, arguments);
- } else if (la.kind == 1) {
- IdentTypeOptional(out bv);
- pat = new CasePattern(bv.tok, bv);
-
- } else SynErr(234);
- if (pat == null) {
- pat = new CasePattern(t, "_ParseError", new List<CasePattern>());
- }
-
- }
-
- void CaseExpression(out MatchCaseExpr c, bool allowSemi, bool allowLambda) {
- Contract.Ensures(Contract.ValueAtReturn(out c) != null); IToken/*!*/ x, id;
- List<BoundVar/*!*/> arguments = new List<BoundVar/*!*/>();
- BoundVar/*!*/ bv;
- Expression/*!*/ body;
-
- Expect(31);
- x = t;
- Ident(out id);
- if (la.kind == 43) {
+ } else if (la.kind == 48) {
Get();
- IdentTypeOptional(out bv);
- arguments.Add(bv);
+ CasePattern(out pat);
+ arguments.Add(pat);
while (la.kind == 21) {
Get();
- IdentTypeOptional(out bv);
- arguments.Add(bv);
+ CasePattern(out pat);
+ arguments.Add(pat);
}
- Expect(44);
- }
+ Expect(49);
+ } else SynErr(238);
Expect(27);
Expression(out body, allowSemi, allowLambda);
- c = new MatchCaseExpr(x, id.val, arguments, body);
+ c = new MatchCaseExpr(x, name, arguments, body);
}
void HashCall(IToken id, out IToken openParen, out List<Type> typeArgs, out List<Expression> args) {
Expression k; args = new List<Expression>(); typeArgs = null;
- Expect(103);
+ Expect(104);
id.val = id.val + "#";
- if (la.kind == 45) {
+ if (la.kind == 50) {
typeArgs = new List<Type>();
GenericInstantiation(typeArgs);
}
- Expect(41);
+ Expect(46);
Expression(out k, true, true);
- Expect(42);
+ Expect(47);
args.Add(k);
- Expect(43);
+ Expect(48);
openParen = t;
if (StartOf(7)) {
Expressions(args);
}
- Expect(44);
+ Expect(49);
}
void DotSuffix(out IToken x, out IToken y) {
@@ -4187,13 +4299,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
}
}
- } else if (la.kind == 38) {
+ } else if (la.kind == 43) {
Get();
x = t;
- } else if (la.kind == 37) {
+ } else if (la.kind == 42) {
Get();
x = t;
- } else SynErr(235);
+ } else SynErr(239);
}
@@ -4209,38 +4321,38 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo
}
static readonly bool[,]/*!*/ set = {
- {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_T,_x, _x,_T,_T,_T, _x,_x,_T,_T, _T,_T,_T,_T, _T,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _T,_T,_x,_x, _T,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_T,_x,_x, _x,_x,_T,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _T,_T,_T,_T, _T,_x,_x,_x, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_x,_x,_x, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_T,_x,_x, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_T,_x,_T, _x,_x,_T,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _T,_T,_T,_T, _T,_x,_x,_x, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_T,_T,_T, _T,_x,_x,_T, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_T,_x,_x, _x,_x,_T,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _T,_T,_T,_T, _T,_x,_T,_x, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_T,_T,_x, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_x,_T, _x,_x,_x,_x, _x,_x,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_x,_T, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_T, _T,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_T, _T,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_x,_T, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_T,_T, _x,_T,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_x,_x,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_T, _T,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_x,_x, _x},
- {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _T,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x},
- {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_x,_T,_T, _x,_T,_x,_x, _x,_x,_T,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_T, _T,_T,_x,_T, _T,_T,_T,_T, _T,_T,_T,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x},
- {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_T, _T,_x,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_x,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_x,_T,_T, _x,_T,_x,_x, _x,_x,_T,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_T, _T,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x}
+ {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_T,_x, _x,_T,_T,_T, _x,_x,_T,_T, _x,_x,_T,_T, _x,_T,_T,_T, _T,_T,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _x,_T,_T,_T, _x,_x,_T,_x, _x,_T,_T,_T, _T,_T,_T,_T, _x,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_x,_T,_x, _x,_x,_x,_T, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_x,_x,_T, _x,_x,_x,_x, _x,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_T,_x,_x, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_T,_T, _T,_x,_x,_x, _x,_T,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_x,_T,_x, _T,_x,_x,_T, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _T,_x,_T,_T, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_T,_T,_T, _x,_x,_T,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _T,_T,_T,_T, _T,_x,_T,_T, _T,_T,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_x,_T,_x, _x,_x,_x,_T, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_T,_T,_T, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_T,_T,_x, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_T,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_x,_x, _x,_x,_x,_x, _T,_x,_T,_T, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_T,_T,_T, _x,_x,_T,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_T,_x, _T,_x,_x,_x, _x,_x,_x,_T, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _T,_x,_T,_T, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_T,_T,_T, _x,_x,_T,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_T,_x, _T,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _T,_x,_T,_T, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_T,_T,_T, _x,_x,_T,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_x,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_T,_T,_x, _T,_T,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_T,_x, _T,_x,_x,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_T, _T,_x,_T,_T, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _T,_T,_T,_T, _x,_x,_T,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_x,_x,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _x,_x,_T,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _T,_T,_x,_x, _T,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_T, _x,_T,_T,_x, _x,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _T,_T,_T,_x, _x,_x},
+ {_x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _T,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_T,_x, _x,_x,_x,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_x,_x, _x,_x,_x,_x, _T,_x,_T,_T, _x,_T,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_T,_T,_T, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x,_x,_x, _x,_x},
+ {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_T, _T,_x,_T,_x, _x,_x,_x,_T, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _T,_T,_T,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x},
+ {_T,_T,_T,_T, _T,_x,_x,_x, _T,_x,_T,_x, _x,_x,_x,_x, _x,_x,_T,_T, _T,_T,_T,_T, _T,_x,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_x,_T, _T,_x,_T,_x, _x,_x,_x,_T, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_x, _T,_T,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _x,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x,_x,_x, _T,_T,_T,_T, _T,_T,_T,_T, _T,_T,_T,_T, _x,_x}
};
} // end Parser
@@ -4301,206 +4413,210 @@ public class Errors {
case 33: s = "else expected"; break;
case 34: s = "decreases expected"; break;
case 35: s = "invariant expected"; break;
- case 36: s = "modifies expected"; break;
- case 37: s = "reads expected"; break;
- case 38: s = "requires expected"; break;
- case 39: s = "lbrace expected"; break;
- case 40: s = "rbrace expected"; break;
- case 41: s = "lbracket expected"; break;
- case 42: s = "rbracket expected"; break;
- case 43: s = "openparen expected"; break;
- case 44: s = "closeparen expected"; break;
- case 45: s = "openAngleBracket expected"; break;
- case 46: s = "closeAngleBracket expected"; break;
- case 47: s = "eq expected"; break;
- case 48: s = "neq expected"; break;
- case 49: s = "neqAlt expected"; break;
- case 50: s = "star expected"; break;
- case 51: s = "notIn expected"; break;
- case 52: s = "ellipsis expected"; break;
- case 53: s = "\"include\" expected"; break;
- case 54: s = "\"abstract\" expected"; break;
- case 55: s = "\"module\" expected"; break;
- case 56: s = "\"refines\" expected"; break;
- case 57: s = "\"import\" expected"; break;
- case 58: s = "\"opened\" expected"; break;
- case 59: s = "\"=\" expected"; break;
- case 60: s = "\"as\" expected"; break;
- case 61: s = "\"default\" expected"; break;
- case 62: s = "\"class\" expected"; break;
- case 63: s = "\"extends\" expected"; break;
- case 64: s = "\"trait\" expected"; break;
- case 65: s = "\"ghost\" expected"; break;
- case 66: s = "\"static\" expected"; break;
- case 67: s = "\"protected\" expected"; break;
- case 68: s = "\"datatype\" expected"; break;
- case 69: s = "\"codatatype\" expected"; break;
- case 70: s = "\"var\" expected"; break;
- case 71: s = "\"newtype\" expected"; break;
- case 72: s = "\"type\" expected"; break;
- case 73: s = "\"iterator\" expected"; break;
- case 74: s = "\"yields\" expected"; break;
- case 75: s = "\"returns\" expected"; break;
- case 76: s = "\"method\" expected"; break;
- case 77: s = "\"lemma\" expected"; break;
- case 78: s = "\"colemma\" expected"; break;
- case 79: s = "\"comethod\" expected"; break;
- case 80: s = "\"constructor\" expected"; break;
- case 81: s = "\"free\" expected"; break;
- case 82: s = "\"ensures\" expected"; break;
- case 83: s = "\"yield\" expected"; break;
- case 84: s = "\"function\" expected"; break;
- case 85: s = "\"predicate\" expected"; break;
- case 86: s = "\"copredicate\" expected"; break;
- case 87: s = "\"`\" expected"; break;
- case 88: s = "\"label\" expected"; break;
- case 89: s = "\"break\" expected"; break;
- case 90: s = "\"where\" expected"; break;
- case 91: s = "\":=\" expected"; break;
- case 92: s = "\"return\" expected"; break;
- case 93: s = "\":|\" expected"; break;
- case 94: s = "\"new\" expected"; break;
- case 95: s = "\"if\" expected"; break;
- case 96: s = "\"while\" expected"; break;
- case 97: s = "\"match\" expected"; break;
- case 98: s = "\"assert\" expected"; break;
- case 99: s = "\"print\" expected"; break;
- case 100: s = "\"forall\" expected"; break;
- case 101: s = "\"parallel\" expected"; break;
- case 102: s = "\"modify\" expected"; break;
- case 103: s = "\"#\" expected"; break;
- case 104: s = "\"<=\" expected"; break;
- case 105: s = "\">=\" expected"; break;
- case 106: s = "\"\\u2264\" expected"; break;
- case 107: s = "\"\\u2265\" expected"; break;
- case 108: s = "\"<==>\" expected"; break;
- case 109: s = "\"\\u21d4\" expected"; break;
- case 110: s = "\"==>\" expected"; break;
- case 111: s = "\"\\u21d2\" expected"; break;
- case 112: s = "\"<==\" expected"; break;
- case 113: s = "\"\\u21d0\" expected"; break;
- case 114: s = "\"&&\" expected"; break;
- case 115: s = "\"\\u2227\" expected"; break;
- case 116: s = "\"||\" expected"; break;
- case 117: s = "\"\\u2228\" expected"; break;
- case 118: s = "\"!\" expected"; break;
- case 119: s = "\"\\u00ac\" expected"; break;
- case 120: s = "\"\\u2200\" expected"; break;
- case 121: s = "\"exists\" expected"; break;
- case 122: s = "\"\\u2203\" expected"; break;
- case 123: s = "\"in\" expected"; break;
- case 124: s = "\"+\" expected"; break;
- case 125: s = "\"-\" expected"; break;
- case 126: s = "\"/\" expected"; break;
- case 127: s = "\"%\" expected"; break;
- case 128: s = "\"false\" expected"; break;
- case 129: s = "\"true\" expected"; break;
- case 130: s = "\"null\" expected"; break;
- case 131: s = "\"this\" expected"; break;
- case 132: s = "\"fresh\" expected"; break;
- case 133: s = "\"old\" expected"; break;
- case 134: s = "\"..\" expected"; break;
- case 135: s = "??? expected"; break;
- case 136: s = "this symbol not expected in SubModuleDecl"; break;
- case 137: s = "invalid SubModuleDecl"; break;
- case 138: s = "this symbol not expected in ClassDecl"; break;
- case 139: s = "this symbol not expected in DatatypeDecl"; break;
- case 140: s = "invalid DatatypeDecl"; break;
- case 141: s = "this symbol not expected in DatatypeDecl"; break;
- case 142: s = "invalid NewtypeDecl"; break;
- case 143: s = "invalid OtherTypeDecl"; break;
- case 144: s = "this symbol not expected in OtherTypeDecl"; break;
- case 145: s = "this symbol not expected in IteratorDecl"; break;
- case 146: s = "invalid IteratorDecl"; break;
- case 147: s = "this symbol not expected in TraitDecl"; break;
- case 148: s = "invalid ClassMemberDecl"; break;
- case 149: s = "this symbol not expected in FieldDecl"; break;
- case 150: s = "invalid FunctionDecl"; break;
+ case 36: s = "function expected"; break;
+ case 37: s = "predicate expected"; break;
+ case 38: s = "inductive expected"; break;
+ case 39: s = "lemma expected"; break;
+ case 40: s = "copredicate expected"; break;
+ case 41: s = "modifies expected"; break;
+ case 42: s = "reads expected"; break;
+ case 43: s = "requires expected"; break;
+ case 44: s = "lbrace expected"; break;
+ case 45: s = "rbrace expected"; break;
+ case 46: s = "lbracket expected"; break;
+ case 47: s = "rbracket expected"; break;
+ case 48: s = "openparen expected"; break;
+ case 49: s = "closeparen expected"; break;
+ case 50: s = "openAngleBracket expected"; break;
+ case 51: s = "closeAngleBracket expected"; break;
+ case 52: s = "eq expected"; break;
+ case 53: s = "neq expected"; break;
+ case 54: s = "neqAlt expected"; break;
+ case 55: s = "star expected"; break;
+ case 56: s = "notIn expected"; break;
+ case 57: s = "ellipsis expected"; break;
+ case 58: s = "\"include\" expected"; break;
+ case 59: s = "\"abstract\" expected"; break;
+ case 60: s = "\"module\" expected"; break;
+ case 61: s = "\"refines\" expected"; break;
+ case 62: s = "\"import\" expected"; break;
+ case 63: s = "\"opened\" expected"; break;
+ case 64: s = "\"=\" expected"; break;
+ case 65: s = "\"as\" expected"; break;
+ case 66: s = "\"default\" expected"; break;
+ case 67: s = "\"class\" expected"; break;
+ case 68: s = "\"extends\" expected"; break;
+ case 69: s = "\"trait\" expected"; break;
+ case 70: s = "\"ghost\" expected"; break;
+ case 71: s = "\"static\" expected"; break;
+ case 72: s = "\"protected\" expected"; break;
+ case 73: s = "\"datatype\" expected"; break;
+ case 74: s = "\"codatatype\" expected"; break;
+ case 75: s = "\"var\" expected"; break;
+ case 76: s = "\"newtype\" expected"; break;
+ case 77: s = "\"type\" expected"; break;
+ case 78: s = "\"iterator\" expected"; break;
+ case 79: s = "\"yields\" expected"; break;
+ case 80: s = "\"returns\" expected"; break;
+ case 81: s = "\"method\" expected"; break;
+ case 82: s = "\"colemma\" expected"; break;
+ case 83: s = "\"comethod\" expected"; break;
+ case 84: s = "\"constructor\" expected"; break;
+ case 85: s = "\"free\" expected"; break;
+ case 86: s = "\"ensures\" expected"; break;
+ case 87: s = "\"yield\" expected"; break;
+ case 88: s = "\"`\" expected"; break;
+ case 89: s = "\"label\" expected"; break;
+ case 90: s = "\"break\" expected"; break;
+ case 91: s = "\"where\" expected"; break;
+ case 92: s = "\":=\" expected"; break;
+ case 93: s = "\"return\" expected"; break;
+ case 94: s = "\":|\" expected"; break;
+ case 95: s = "\"new\" expected"; break;
+ case 96: s = "\"if\" expected"; break;
+ case 97: s = "\"while\" expected"; break;
+ case 98: s = "\"match\" expected"; break;
+ case 99: s = "\"assert\" expected"; break;
+ case 100: s = "\"print\" expected"; break;
+ case 101: s = "\"forall\" expected"; break;
+ case 102: s = "\"parallel\" expected"; break;
+ case 103: s = "\"modify\" expected"; break;
+ case 104: s = "\"#\" expected"; break;
+ case 105: s = "\"<=\" expected"; break;
+ case 106: s = "\">=\" expected"; break;
+ case 107: s = "\"\\u2264\" expected"; break;
+ case 108: s = "\"\\u2265\" expected"; break;
+ case 109: s = "\"<==>\" expected"; break;
+ case 110: s = "\"\\u21d4\" expected"; break;
+ case 111: s = "\"==>\" expected"; break;
+ case 112: s = "\"\\u21d2\" expected"; break;
+ case 113: s = "\"<==\" expected"; break;
+ case 114: s = "\"\\u21d0\" expected"; break;
+ case 115: s = "\"&&\" expected"; break;
+ case 116: s = "\"\\u2227\" expected"; break;
+ case 117: s = "\"||\" expected"; break;
+ case 118: s = "\"\\u2228\" expected"; break;
+ case 119: s = "\"!\" expected"; break;
+ case 120: s = "\"\\u00ac\" expected"; break;
+ case 121: s = "\"\\u2200\" expected"; break;
+ case 122: s = "\"exists\" expected"; break;
+ case 123: s = "\"\\u2203\" expected"; break;
+ case 124: s = "\"in\" expected"; break;
+ case 125: s = "\"+\" expected"; break;
+ case 126: s = "\"-\" expected"; break;
+ case 127: s = "\"/\" expected"; break;
+ case 128: s = "\"%\" expected"; break;
+ case 129: s = "\"false\" expected"; break;
+ case 130: s = "\"true\" expected"; break;
+ case 131: s = "\"null\" expected"; break;
+ case 132: s = "\"this\" expected"; break;
+ case 133: s = "\"fresh\" expected"; break;
+ case 134: s = "\"old\" expected"; break;
+ case 135: s = "\"..\" expected"; break;
+ case 136: s = "??? expected"; break;
+ case 137: s = "this symbol not expected in SubModuleDecl"; break;
+ case 138: s = "invalid SubModuleDecl"; break;
+ case 139: s = "this symbol not expected in ClassDecl"; break;
+ case 140: s = "this symbol not expected in DatatypeDecl"; break;
+ case 141: s = "invalid DatatypeDecl"; break;
+ case 142: s = "this symbol not expected in DatatypeDecl"; break;
+ case 143: s = "invalid NewtypeDecl"; break;
+ case 144: s = "invalid OtherTypeDecl"; break;
+ case 145: s = "this symbol not expected in OtherTypeDecl"; break;
+ case 146: s = "this symbol not expected in IteratorDecl"; break;
+ case 147: s = "invalid IteratorDecl"; break;
+ case 148: s = "this symbol not expected in TraitDecl"; break;
+ case 149: s = "invalid ClassMemberDecl"; break;
+ case 150: s = "this symbol not expected in FieldDecl"; break;
case 151: s = "invalid FunctionDecl"; break;
case 152: s = "invalid FunctionDecl"; break;
case 153: s = "invalid FunctionDecl"; break;
- case 154: s = "this symbol not expected in MethodDecl"; break;
- case 155: s = "invalid MethodDecl"; break;
- case 156: s = "invalid MethodDecl"; break;
- case 157: s = "invalid FIdentType"; break;
- case 158: s = "this symbol not expected in OldSemi"; break;
- case 159: s = "invalid TypeIdentOptional"; break;
- case 160: s = "invalid TypeAndToken"; break;
- case 161: s = "this symbol not expected in IteratorSpec"; break;
- case 162: s = "invalid IteratorSpec"; break;
- case 163: s = "invalid IteratorSpec"; break;
- case 164: s = "this symbol not expected in MethodSpec"; break;
- case 165: s = "invalid MethodSpec"; break;
- case 166: s = "invalid MethodSpec"; break;
- case 167: s = "invalid FrameExpression"; break;
- case 168: s = "this symbol not expected in FunctionSpec"; break;
- case 169: s = "invalid FunctionSpec"; break;
- case 170: s = "invalid PossiblyWildFrameExpression"; break;
- case 171: s = "invalid PossiblyWildExpression"; break;
- case 172: s = "this symbol not expected in OneStmt"; break;
- case 173: s = "invalid OneStmt"; break;
+ case 154: s = "invalid FunctionDecl"; break;
+ case 155: s = "invalid FunctionDecl"; break;
+ case 156: s = "this symbol not expected in MethodDecl"; break;
+ case 157: s = "invalid MethodDecl"; break;
+ case 158: s = "invalid MethodDecl"; break;
+ case 159: s = "invalid FIdentType"; break;
+ case 160: s = "this symbol not expected in OldSemi"; break;
+ case 161: s = "invalid TypeIdentOptional"; break;
+ case 162: s = "invalid TypeAndToken"; break;
+ case 163: s = "this symbol not expected in IteratorSpec"; break;
+ case 164: s = "invalid IteratorSpec"; break;
+ case 165: s = "invalid IteratorSpec"; break;
+ case 166: s = "this symbol not expected in MethodSpec"; break;
+ case 167: s = "invalid MethodSpec"; break;
+ case 168: s = "invalid MethodSpec"; break;
+ case 169: s = "invalid FrameExpression"; break;
+ case 170: s = "this symbol not expected in FunctionSpec"; break;
+ case 171: s = "invalid FunctionSpec"; break;
+ case 172: s = "invalid PossiblyWildFrameExpression"; break;
+ case 173: s = "invalid PossiblyWildExpression"; break;
case 174: s = "this symbol not expected in OneStmt"; break;
case 175: s = "invalid OneStmt"; break;
- case 176: s = "invalid AssertStmt"; break;
- case 177: s = "invalid AssumeStmt"; break;
- case 178: s = "invalid UpdateStmt"; break;
- case 179: s = "invalid UpdateStmt"; break;
- case 180: s = "this symbol not expected in VarDeclStatement"; break;
- case 181: s = "invalid IfStmt"; break;
- case 182: s = "invalid IfStmt"; break;
- case 183: s = "invalid WhileStmt"; break;
- case 184: s = "invalid WhileStmt"; break;
- case 185: s = "invalid MatchStmt"; break;
- case 186: s = "invalid ForallStmt"; break;
- case 187: s = "invalid ForallStmt"; break;
- case 188: s = "invalid CalcStmt"; break;
- case 189: s = "invalid ModifyStmt"; break;
- case 190: s = "this symbol not expected in ModifyStmt"; break;
+ case 176: s = "this symbol not expected in OneStmt"; break;
+ case 177: s = "invalid OneStmt"; break;
+ case 178: s = "invalid AssertStmt"; break;
+ case 179: s = "invalid AssumeStmt"; break;
+ case 180: s = "invalid UpdateStmt"; break;
+ case 181: s = "invalid UpdateStmt"; break;
+ case 182: s = "this symbol not expected in VarDeclStatement"; break;
+ case 183: s = "invalid IfStmt"; break;
+ case 184: s = "invalid IfStmt"; break;
+ case 185: s = "invalid WhileStmt"; break;
+ case 186: s = "invalid WhileStmt"; break;
+ case 187: s = "invalid MatchStmt"; break;
+ case 188: s = "invalid ForallStmt"; break;
+ case 189: s = "invalid ForallStmt"; break;
+ case 190: s = "invalid CalcStmt"; break;
case 191: s = "invalid ModifyStmt"; break;
- case 192: s = "invalid ReturnStmt"; break;
- case 193: s = "invalid Rhs"; break;
- case 194: s = "invalid Lhs"; break;
- case 195: s = "invalid Guard"; break;
- case 196: s = "this symbol not expected in LoopSpec"; break;
- case 197: s = "this symbol not expected in LoopSpec"; break;
+ case 192: s = "this symbol not expected in ModifyStmt"; break;
+ case 193: s = "invalid ModifyStmt"; break;
+ case 194: s = "invalid ReturnStmt"; break;
+ case 195: s = "invalid Rhs"; break;
+ case 196: s = "invalid Lhs"; break;
+ case 197: s = "invalid Guard"; break;
case 198: s = "this symbol not expected in LoopSpec"; break;
- case 199: s = "invalid LoopSpec"; break;
- case 200: s = "this symbol not expected in CaseStatement"; break;
- case 201: s = "this symbol not expected in CaseStatement"; break;
- case 202: s = "invalid CalcOp"; break;
- case 203: s = "invalid EquivOp"; break;
- case 204: s = "invalid ImpliesOp"; break;
- case 205: s = "invalid ExpliesOp"; break;
- case 206: s = "invalid AndOp"; break;
- case 207: s = "invalid OrOp"; break;
- case 208: s = "invalid NegOp"; break;
- case 209: s = "invalid Forall"; break;
- case 210: s = "invalid Exists"; break;
- case 211: s = "invalid QSep"; break;
- case 212: s = "invalid ImpliesExpliesExpression"; break;
- case 213: s = "invalid LogicalExpression"; break;
- case 214: s = "invalid RelOp"; break;
- case 215: s = "invalid AddOp"; break;
- case 216: s = "invalid UnaryExpression"; break;
- case 217: s = "invalid MulOp"; break;
- case 218: s = "invalid Suffix"; break;
- case 219: s = "invalid Suffix"; break;
- case 220: s = "invalid Suffix"; break;
- case 221: s = "invalid Suffix"; break;
- case 222: s = "invalid LambdaExpression"; break;
- case 223: s = "invalid EndlessExpression"; break;
- case 224: s = "invalid NameSegment"; break;
- case 225: s = "invalid DisplayExpr"; break;
- case 226: s = "invalid MultiSetExpr"; break;
- case 227: s = "invalid ConstAtomExpression"; break;
- case 228: s = "invalid Nat"; break;
- case 229: s = "invalid LambdaArrow"; break;
- case 230: s = "invalid MatchExpression"; break;
- case 231: s = "invalid QuantifierGuts"; break;
- case 232: s = "invalid StmtInExpr"; break;
- case 233: s = "invalid LetExpr"; break;
- case 234: s = "invalid CasePattern"; break;
- case 235: s = "invalid DotSuffix"; break;
+ case 199: s = "this symbol not expected in LoopSpec"; break;
+ case 200: s = "this symbol not expected in LoopSpec"; break;
+ case 201: s = "invalid LoopSpec"; break;
+ case 202: s = "invalid CaseStatement"; break;
+ case 203: s = "this symbol not expected in CaseStatement"; break;
+ case 204: s = "this symbol not expected in CaseStatement"; break;
+ case 205: s = "invalid CasePattern"; break;
+ case 206: s = "invalid CalcOp"; break;
+ case 207: s = "invalid EquivOp"; break;
+ case 208: s = "invalid ImpliesOp"; break;
+ case 209: s = "invalid ExpliesOp"; break;
+ case 210: s = "invalid AndOp"; break;
+ case 211: s = "invalid OrOp"; break;
+ case 212: s = "invalid NegOp"; break;
+ case 213: s = "invalid Forall"; break;
+ case 214: s = "invalid Exists"; break;
+ case 215: s = "invalid QSep"; break;
+ case 216: s = "invalid ImpliesExpliesExpression"; break;
+ case 217: s = "invalid LogicalExpression"; break;
+ case 218: s = "invalid RelOp"; break;
+ case 219: s = "invalid AddOp"; break;
+ case 220: s = "invalid UnaryExpression"; break;
+ case 221: s = "invalid MulOp"; break;
+ case 222: s = "invalid Suffix"; break;
+ case 223: s = "invalid Suffix"; break;
+ case 224: s = "invalid Suffix"; break;
+ case 225: s = "invalid Suffix"; break;
+ case 226: s = "invalid LambdaExpression"; break;
+ case 227: s = "invalid EndlessExpression"; break;
+ case 228: s = "invalid NameSegment"; break;
+ case 229: s = "invalid DisplayExpr"; break;
+ case 230: s = "invalid MultiSetExpr"; break;
+ case 231: s = "invalid ConstAtomExpression"; break;
+ case 232: s = "invalid Nat"; break;
+ case 233: s = "invalid LambdaArrow"; break;
+ case 234: s = "invalid MatchExpression"; break;
+ case 235: s = "invalid QuantifierGuts"; break;
+ case 236: s = "invalid StmtInExpr"; break;
+ case 237: s = "invalid LetExpr"; break;
+ case 238: s = "invalid CaseExpression"; break;
+ case 239: s = "invalid DotSuffix"; break;
default: s = "error " + n; break;
}
diff --git a/Source/Dafny/Printer.cs b/Source/Dafny/Printer.cs
index 56c9b281..0259f12c 100644
--- a/Source/Dafny/Printer.cs
+++ b/Source/Dafny/Printer.cs
@@ -345,7 +345,7 @@ namespace Microsoft.Dafny {
if (m is Method) {
if (state != 0) { wr.WriteLine(); }
PrintMethod((Method)m, indent, false);
- var com = m as CoLemma;
+ var com = m as FixpointLemma;
if (com != null && com.PrefixLemma != null) {
Indent(indent); wr.WriteLine("/***");
PrintMethod(com.PrefixLemma, indent, false);
@@ -359,10 +359,10 @@ namespace Microsoft.Dafny {
} else if (m is Function) {
if (state != 0) { wr.WriteLine(); }
PrintFunction((Function)m, indent, false);
- var cop = m as CoPredicate;
- if (cop != null && cop.PrefixPredicate != null) {
+ var fixp = m as FixpointPredicate;
+ if (fixp != null && fixp.PrefixPredicate != null) {
Indent(indent); wr.WriteLine("/***");
- PrintFunction(cop.PrefixPredicate, indent, false);
+ PrintFunction(fixp.PrefixPredicate, indent, false);
Indent(indent); wr.WriteLine("***/");
}
state = 2;
@@ -476,7 +476,7 @@ namespace Microsoft.Dafny {
if (PrintModeSkipFunctionOrMethod(f.IsGhost, f.Attributes, f.Name)) { return; }
var isPredicate = f is Predicate || f is PrefixPredicate;
Indent(indent);
- string k = isPredicate ? "predicate" : f is CoPredicate ? "copredicate" : "function";
+ string k = isPredicate ? "predicate" : f is InductivePredicate ? "inductive predicate" : f is CoPredicate ? "copredicate" : "function";
if (f.IsProtected) { k = "protected " + k; }
if (f.HasStaticKeyword) { k = "static " + k; }
if (!f.IsGhost) { k += " method"; }
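Review bot: The keyword selection for `k` is now a three-level conditional on a single line, which is hard to scan and inconsistent with the method printer later in this file, where the same commit splits the equivalent chain over one line per alternative. Laying this one out the same way (one `f is … ? "…" :` arm per line, ending in `"function"`) would keep the two printers visually parallel. The enclosing function starts and ends outside the hunk.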
@@ -546,9 +546,13 @@ namespace Microsoft.Dafny {
if (PrintModeSkipFunctionOrMethod(method.IsGhost, method.Attributes, method.Name)) { return; }
Indent(indent);
- string k = method is Constructor ? "constructor" : method is CoLemma ? "colemma" : method is Lemma ? "lemma" : "method";
+ string k = method is Constructor ? "constructor" :
+ method is InductiveLemma ? "inductive lemma" :
+ method is CoLemma ? "colemma" :
+ method is Lemma ? "lemma" :
+ "method";
if (method.HasStaticKeyword) { k = "static " + k; }
- if (method.IsGhost && !(method is Lemma) && !(method is CoLemma)) { k = "ghost " + k; }
+ if (method.IsGhost && !(method is Lemma) && !(method is FixpointLemma)) { k = "ghost " + k; }
string nm = method is Constructor && !((Constructor)method).HasName ? "" : method.Name;
PrintClassMethodHelper(k, method.Attributes, nm, method.TypeArgs);
if (method.SignatureIsOmitted) {
@@ -897,17 +901,7 @@ namespace Microsoft.Dafny {
wr.WriteLine();
Indent(caseInd);
wr.Write("case {0}", mc.Id);
- if (mc.Arguments.Count != 0) {
- string sep = "(";
- foreach (BoundVar bv in mc.Arguments) {
- wr.Write("{0}{1}", sep, bv.DisplayName);
- if (bv.Type is NonProxyType) {
- wr.Write(": {0}", bv.Type);
- }
- sep = ", ";
- }
- wr.Write(")");
- }
+ PrintMatchCaseArgument(mc);
wr.Write(" =>");
foreach (Statement bs in mc.Body) {
wr.WriteLine();
@@ -1195,17 +1189,7 @@ namespace Microsoft.Dafny {
bool isLastCase = i == e.Cases.Count - 1;
Indent(ind);
wr.Write("case {0}", mc.Id);
- if (mc.Arguments.Count != 0) {
- string sep = "(";
- foreach (BoundVar bv in mc.Arguments) {
- wr.Write("{0}{1}", sep, bv.DisplayName);
- if (bv.Type is NonProxyType) {
- wr.Write(": {0}", bv.Type);
- }
- sep = ", ";
- }
- wr.Write(")");
- }
+ PrintMatchCaseArgument(mc);
wr.WriteLine(" =>");
PrintExtendedExpr(mc.Body, ind + IndentAmount, isLastCase, isLastCase && (parensNeeded || endWithCloseParen));
i++;
@@ -1242,6 +1226,33 @@ namespace Microsoft.Dafny {
}
}
+ public void PrintMatchCaseArgument(MatchCase mc) {
+ if (mc.Arguments != null) {
+ if (mc.Arguments.Count != 0) {
+ string sep = "(";
+ foreach (BoundVar bv in mc.Arguments) {
+ wr.Write("{0}{1}", sep, bv.DisplayName);
+ if (bv.Type is NonProxyType) {
+ wr.Write(": {0}", bv.Type);
+ }
+ sep = ", ";
+ }
+ wr.Write(")");
+ }
+ } else {
+ Contract.Assert(mc.CasePatterns != null);
+ if (mc.CasePatterns.Count != 0) {
+ string sep = "(";
+ foreach (var cp in mc.CasePatterns) {
+ wr.Write(sep);
+ PrintCasePattern(cp);
+ sep = ", ";
+ }
+ wr.Write(")");
+ }
+ }
+ }
+
public void PrintExpression(Expression expr, bool isFollowedBySemicolon) {
Contract.Requires(expr != null);
PrintExpr(expr, 0, false, true, isFollowedBySemicolon, -1);
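Review bot: The new public `PrintMatchCaseArgument` dereferences `mc` without stating a precondition, while the neighbouring `PrintExpression` opens with `Contract.Requires(expr != null);`. Adding `Contract.Requires(mc != null);` as its first statement would match the file's convention. The requirement that exactly one of `Arguments` and `CasePatterns` is populated is currently only visible as a `Contract.Assert` inside the else branch. A short comment above the method saying that it prints the parenthesised bound variables (with types for `NonProxyType`) or, when `Arguments` is null, the nested case patterns would document the two modes. The two outer `if`/inner `if` pairs could also be flattened to `if (mc.Arguments != null && mc.Arguments.Count != 0)` style guards, but that is optional.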
@@ -1855,14 +1866,7 @@ namespace Microsoft.Dafny {
foreach (var mc in e.Cases) {
bool isLastCase = i == e.Cases.Count - 1;
wr.Write(" case {0}", mc.Id);
- if (mc.Arguments.Count != 0) {
- string sep = "(";
- foreach (BoundVar bv in mc.Arguments) {
- wr.Write("{0}{1}", sep, bv.DisplayName);
- sep = ", ";
- }
- wr.Write(")");
- }
+ PrintMatchCaseArgument(mc);
wr.Write(" => ");
PrintExpression(mc.Body, isRightmost && isLastCase, !parensNeeded && isFollowedBySemicolon);
i++;
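Review bot: Replacing this loop with `PrintMatchCaseArgument(mc)` changes what the inline match-expression printer emits. The removed code wrote only `bv.DisplayName`, whereas the helper also writes `: {type}` whenever `bv.Type is NonProxyType`. If the single-line form was deliberately kept terse, the helper needs a way to suppress types here; if the new output is intended, a comment at the call such as `// also prints ": T" for bound variables with a non-proxy type` would record that the change was deliberate. The surrounding `foreach` continues outside the hunk.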
diff --git a/Source/Dafny/RefinementTransformer.cs b/Source/Dafny/RefinementTransformer.cs
index 9cad2bb1..d819652d 100644
--- a/Source/Dafny/RefinementTransformer.cs
+++ b/Source/Dafny/RefinementTransformer.cs
@@ -378,11 +378,11 @@ namespace Microsoft.Dafny
CheckAgreement_TypeParameters(nw.tok, f.TypeArgs, nw.TypeArgs, nw.Name, "predicate", false);
CheckAgreementResolvedParameters(nw.tok, f.Formals, nw.Formals, nw.Name, "predicate", "parameter");
}
- } else if (f is CoPredicate) {
- reporter.Error(nw, "refinement of co-predicates is not supported");
+ } else if (f is FixpointPredicate) {
+ reporter.Error(nw, "refinement of {0}s is not supported", f.WhatKind);
} else {
// f is a plain Function
- if (nw is Predicate || nw is CoPredicate) {
+ if (nw is Predicate || nw is FixpointPredicate) {
reporter.Error(nw, "a {0} declaration ({1}) can only be refined by a function or function method", nw.IsGhost ? "function" : "function method", nw.Name);
} else {
CheckAgreement_TypeParameters(nw.tok, f.TypeArgs, nw.TypeArgs, nw.Name, "function", false);
@@ -545,6 +545,9 @@ namespace Microsoft.Dafny
if (f is Predicate) {
return new Predicate(tok, f.Name, f.HasStaticKeyword, f.IsProtected, isGhost, tps, formals,
req, reads, ens, decreases, body, bodyOrigin, refinementCloner.MergeAttributes(f.Attributes, moreAttributes), null);
+ } else if (f is InductivePredicate) {
+ return new InductivePredicate(tok, f.Name, f.HasStaticKeyword, f.IsProtected, tps, formals,
+ req, reads, ens, body, refinementCloner.MergeAttributes(f.Attributes, moreAttributes), null);
} else if (f is CoPredicate) {
return new CoPredicate(tok, f.Name, f.HasStaticKeyword, f.IsProtected, tps, formals,
req, reads, ens, body, refinementCloner.MergeAttributes(f.Attributes, moreAttributes), null);
@@ -576,6 +579,9 @@ namespace Microsoft.Dafny
if (m is Constructor) {
return new Constructor(new RefinementToken(m.tok, moduleUnderConstruction), m.Name, tps, ins,
req, mod, ens, decreases, body, refinementCloner.MergeAttributes(m.Attributes, moreAttributes), null);
+ } else if (m is InductiveLemma) {
+ return new InductiveLemma(new RefinementToken(m.tok, moduleUnderConstruction), m.Name, m.HasStaticKeyword, tps, ins, m.Outs.ConvertAll(refinementCloner.CloneFormal),
+ req, mod, ens, decreases, body, refinementCloner.MergeAttributes(m.Attributes, moreAttributes), null);
} else if (m is CoLemma) {
return new CoLemma(new RefinementToken(m.tok, moduleUnderConstruction), m.Name, m.HasStaticKeyword, tps, ins, m.Outs.ConvertAll(refinementCloner.CloneFormal),
req, mod, ens, decreases, body, refinementCloner.MergeAttributes(m.Attributes, moreAttributes), null);
@@ -687,8 +693,12 @@ namespace Microsoft.Dafny
} else if (nwMember is Function) {
var f = (Function)nwMember;
bool isPredicate = f is Predicate;
+ bool isIndPredicate = f is InductivePredicate;
bool isCoPredicate = f is CoPredicate;
- if (!(member is Function) || (isPredicate && !(member is Predicate)) || (isCoPredicate && !(member is CoPredicate))) {
+ if (!(member is Function) ||
+ (isPredicate && !(member is Predicate)) ||
+ (isIndPredicate && !(member is InductivePredicate)) ||
+ (isCoPredicate && !(member is CoPredicate))) {
reporter.Error(nwMember, "a {0} declaration ({1}) can only refine a {0}", f.WhatKind, nwMember.Name);
} else if (f.IsProtected != ((Function)member).IsProtected) {
reporter.Error(f, "a {0} in a refinement module must be declared 'protected' if and only if the refined {0} is", f.WhatKind);
diff --git a/Source/Dafny/Resolver.cs b/Source/Dafny/Resolver.cs
index 027d43f9..033f5230 100644
--- a/Source/Dafny/Resolver.cs
+++ b/Source/Dafny/Resolver.cs
@@ -397,9 +397,9 @@ namespace Microsoft.Dafny
fn.IsRecursive = true;
}
}
- if (fn.IsRecursive && fn is CoPredicate) {
+ if (fn.IsRecursive && fn is FixpointPredicate) {
// this means the corresponding prefix predicate is also recursive
- var prefixPred = ((CoPredicate)fn).PrefixPredicate;
+ var prefixPred = ((FixpointPredicate)fn).PrefixPredicate;
if (prefixPred != null) {
prefixPred.IsRecursive = true;
}
@@ -465,8 +465,8 @@ namespace Microsoft.Dafny
foreach (var clbl in ModuleDefinition.AllCallables(module.TopLevelDecls)) {
ICallable m;
string s;
- if (clbl is CoLemma) {
- var prefixLemma = ((CoLemma)clbl).PrefixLemma;
+ if (clbl is FixpointLemma) {
+ var prefixLemma = ((FixpointLemma)clbl).PrefixLemma;
m = prefixLemma;
s = prefixLemma.Name + " ";
} else {
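Review bot: `prefixLemma.Name` is read without a null check, and the cast is now widened from `CoLemma` to every `FixpointLemma`. The prefix-lemma fill-in loop elsewhere in this commit explicitly treats `PrefixLemma == null` as possible ("something went wrong during registration of the prefix lemma"), so the same case may be reachable here unless this code only runs on error-free modules, which the hunk does not show. If it is reachable, `if (prefixLemma == null) { continue; }` right after the assignment would avoid a null dereference while reporting decreases clauses. The enclosing method starts and ends outside the hunk.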
@@ -495,7 +495,6 @@ namespace Microsoft.Dafny
sep = ", ";
}
}
- s += ";"; // always terminate with a semi-colon, even in the case of an empty decreases clause
// Note, in the following line, we use the location information for "clbl", not "m". These
// are the same, except in the case where "clbl" is a CoLemma and "m" is a prefix lemma.
ReportAdditionalInformation(clbl.Tok, s, clbl.Tok.val.Length);
@@ -513,8 +512,8 @@ namespace Microsoft.Dafny
bool FillInDefaultDecreases(ICallable clbl, bool addPrefixInCoClusters) {
Contract.Requires(clbl != null);
- if (clbl is CoPredicate) {
- // copredicates don't have decreases clauses
+ if (clbl is FixpointPredicate) {
+ // fixpoint-predicates don't have decreases clauses
return false;
}
var anyChangeToDecreases = false;
@@ -1056,15 +1055,15 @@ namespace Microsoft.Dafny
} else {
cl.HasConstructor = true;
}
- } else if (m is CoPredicate || m is CoLemma) {
+ } else if (m is FixpointPredicate || m is FixpointLemma) {
var extraName = m.Name + "#";
MemberDecl extraMember;
var cloner = new Cloner();
var formals = new List<Formal>();
var k = new ImplicitFormal(m.tok, "_k", new NatType(), true, false);
formals.Add(k);
- if (m is CoPredicate) {
- var cop = (CoPredicate)m;
+ if (m is FixpointPredicate) {
+ var cop = (FixpointPredicate)m;
formals.AddRange(cop.Formals.ConvertAll(cloner.CloneFormal));
List<TypeParameter> tyvars = cop.TypeArgs.ConvertAll(cloner.CloneTypeParam);
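Review bot: The local `cop` now holds a `FixpointPredicate`, so the name still reads as "co-predicate" even when the member is an inductive predicate. Printer.cs in this same commit renames the corresponding local to `fixp`; doing the same here (`var fixp = (FixpointPredicate)m;`) would keep the two files consistent. The same applies to `com`, which is kept for `FixpointLemma` values in the next hunk of this file and in the Printer.cs member loop. The `if` body continues outside the hunk, so the rename has to be carried through the uses of `cop` that are not shown here.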
@@ -1083,7 +1082,7 @@ namespace Microsoft.Dafny
// In the call graph, add an edge from P# to P, since this will have the desired effect of detecting unwanted cycles.
moduleDef.CallGraph.AddEdge(cop.PrefixPredicate, cop);
} else {
- var com = (CoLemma)m;
+ var com = (FixpointLemma)m;
// _k has already been added to 'formals', so append the original formals
formals.AddRange(com.Ins.ConvertAll(cloner.CloneFormal));
// prepend _k to the given decreases clause
@@ -1091,10 +1090,13 @@ namespace Microsoft.Dafny
decr.Add(new IdentifierExpr(com.tok, k.Name));
decr.AddRange(com.Decreases.Expressions.ConvertAll(cloner.CloneExpr));
// Create prefix lemma. Note that the body is not cloned, but simply shared.
+ // For a colemma, the postconditions are filled in after the colemma's postconditions have been resolved.
+ // For an inductive lemma, the preconditions are filled in after the inductive lemma's preconditions have been resolved.
+ var req = com is CoLemma ? com.Req.ConvertAll(cloner.CloneMayBeFreeExpr) : new List<MaybeFreeExpression>();
+ var ens = com is CoLemma ? new List<MaybeFreeExpression>() : com.Ens.ConvertAll(cloner.CloneMayBeFreeExpr);
com.PrefixLemma = new PrefixLemma(com.tok, extraName, com.HasStaticKeyword,
com.TypeArgs.ConvertAll(cloner.CloneTypeParam), k, formals, com.Outs.ConvertAll(cloner.CloneFormal),
- com.Req.ConvertAll(cloner.CloneMayBeFreeExpr), cloner.CloneSpecFrameExpr(com.Mod),
- new List<MaybeFreeExpression>(), // Note, the postconditions are filled in after the colemma's postconditions have been resolved
+ req, cloner.CloneSpecFrameExpr(com.Mod), ens,
new Specification<Expression>(decr, null),
null, // Note, the body for the prefix method will be created once the call graph has been computed and the SCC for the colemma is known
cloner.CloneAttributes(com.Attributes), com);
@@ -1541,25 +1543,38 @@ namespace Microsoft.Dafny
if (ErrorCount == prevErrorCount) {
// fill in the postconditions and bodies of prefix lemmas
- foreach (var com in ModuleDefinition.AllCoLemmas(declarations)) {
+ foreach (var com in ModuleDefinition.AllFixpointLemmas(declarations)) {
var prefixLemma = com.PrefixLemma;
if (prefixLemma == null) {
- continue; // something went wrong during registration of the prefix lemma (probably a duplicated colemma name)
+ continue; // something went wrong during registration of the prefix lemma (probably a duplicated fixpoint-lemma name)
}
- Contract.Assume(prefixLemma.Ens.Count == 0 && prefixLemma.Body == null); // these are not supposed to have been filled in before
- // compute the postconditions of the prefix lemma
var k = prefixLemma.Ins[0];
- foreach (var p in com.Ens) {
- var coConclusions = new HashSet<Expression>();
- CheckCoLemmaConclusions(p.E, true, coConclusions);
- var subst = new CoLemmaPostconditionSubstituter(coConclusions, new IdentifierExpr(k.tok, k.Name), this);
- var post = subst.CloneExpr(p.E);
- prefixLemma.Ens.Add(new MaybeFreeExpression(post, p.IsFree));
+ if (com is CoLemma) {
+ // compute the postconditions of the prefix lemma
+ Contract.Assume(prefixLemma.Ens.Count == 0); // these are not supposed to have been filled in before
+ foreach (var p in com.Ens) {
+ var coConclusions = new HashSet<Expression>();
+ CollectFriendlyCallsInFixpointLemmaSpecification(p.E, true, coConclusions, true);
+ var subst = new FixpointLemmaSpecificationSubstituter(coConclusions, new IdentifierExpr(k.tok, k.Name), this, true);
+ var post = subst.CloneExpr(p.E);
+ prefixLemma.Ens.Add(new MaybeFreeExpression(post, p.IsFree));
+ }
+ } else {
+ // compute the preconditions of the prefix lemma
+ Contract.Assume(prefixLemma.Req.Count == 0); // these are not supposed to have been filled in before
+ foreach (var p in com.Req) {
+ var antecedents = new HashSet<Expression>();
+ CollectFriendlyCallsInFixpointLemmaSpecification(p.E, true, antecedents, false);
+ var subst = new FixpointLemmaSpecificationSubstituter(antecedents, new IdentifierExpr(k.tok, k.Name), this, false);
+ var pre = subst.CloneExpr(p.E);
+ prefixLemma.Req.Add(new MaybeFreeExpression(pre, p.IsFree));
+ }
}
// Compute the statement body of the prefix lemma
+ Contract.Assume(prefixLemma.Body == null); // this is not supposed to have been filled in before
if (com.Body != null) {
var kMinusOne = new BinaryExpr(com.tok, BinaryExpr.Opcode.Sub, new IdentifierExpr(k.tok, k.Name), new LiteralExpr(com.tok, 1));
- var subst = new CoLemmaBodyCloner(com, kMinusOne, this);
+ var subst = new FixpointLemmaBodyCloner(com, kMinusOne, this);
var mainBody = subst.CloneBlockStmt(com.Body);
var kPositive = new BinaryExpr(com.tok, BinaryExpr.Opcode.Lt, new LiteralExpr(com.tok, 0), new IdentifierExpr(k.tok, k.Name));
var condBody = new IfStmt(com.BodyStartTok, mainBody.EndTok, kPositive, mainBody, null);
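Review bot: The context comment `// fill in the postconditions and bodies of prefix lemmas` above the loop is now stale, since the new `else` branch fills in preconditions for inductive lemmas; I would reword it to `// fill in the postconditions (colemmas) or preconditions (inductive lemmas) and the bodies of prefix lemmas`. The bare `true`/`false` passed as the last argument to `CollectFriendlyCallsInFixpointLemmaSpecification` and to the `FixpointLemmaSpecificationSubstituter` constructor are hard to read at the call site; a named argument or a short trailing comment naming the parameter would say which polarity each branch selects. The local `coConclusions` keeps its name in the co branch while the inductive branch uses `antecedents`, which is fine, but the enclosing method starts and ends outside this hunk, so I cannot see whether other comments there need the same update.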
@@ -1811,30 +1826,31 @@ namespace Microsoft.Dafny
}
}
}
- // Check that copredicates are not recursive with non-copredicate functions, and
+ // Check that fixpoint-predicates are not recursive with non-fixpoint-predicate functions (and only
+ // with fixpoint-predicates of the same polarity), and
// check that colemmas are not recursive with non-colemma methods.
// Also, check that newtypes sit in their own SSC.
foreach (var d in declarations) {
if (d is ClassDecl) {
foreach (var member in ((ClassDecl)d).Members) {
- if (member is CoPredicate) {
- var fn = (CoPredicate)member;
+ if (member is FixpointPredicate) {
+ var fn = (FixpointPredicate)member;
// Check here for the presence of any 'ensures' clauses, which are not allowed (because we're not sure
// of their soundness)
if (fn.Ens.Count != 0) {
- Error(fn.Ens[0].tok, "a copredicate is not allowed to declare any ensures clause");
+ Error(fn.Ens[0].tok, "a {0} is not allowed to declare any ensures clause", member.WhatKind);
}
// Also check for 'reads' clauses
if (fn.Reads.Count != 0) {
- Error(fn.Reads[0].tok, "a copredicate is not allowed to declare any reads clause"); // (why?)
+ Error(fn.Reads[0].tok, "a {0} is not allowed to declare any reads clause", member.WhatKind); // (why?)
}
if (fn.Body != null) {
- CoPredicateChecks(fn.Body, fn, CallingPosition.Positive);
+ FixpointPredicateChecks(fn.Body, fn, CallingPosition.Positive);
}
- } else if (member is CoLemma) {
- var m = (CoLemma)member;
+ } else if (member is FixpointLemma) {
+ var m = (FixpointLemma)member;
if (m.Body != null) {
- CoLemmaChecks(m.Body, m);
+ FixpointLemmaChecks(m.Body, m);
}
}
}
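Review bot: The two new messages `"a {0} is not allowed to declare any ensures clause"` and `"a {0} is not allowed to declare any reads clause"` hard-code the article, while `FixpointPredicateChecks_Visitor` in this same commit picks `"an"` for `InductivePredicate`; if `WhatKind` yields a phrase beginning with a vowel for inductive predicates (which that article logic suggests), these will print "a inductive predicate ...". I would pass the article the same way, e.g. `Error(fn.Ens[0].tok, "{0} {1} is not allowed to declare any ensures clause", fn is InductivePredicate ? "an" : "a", member.WhatKind);` and likewise for the reads clause. The comment above the loop was only half updated: it still says `check that colemmas are not recursive with non-colemma methods` although the branch now tests `FixpointLemma`.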
@@ -1953,8 +1969,8 @@ namespace Microsoft.Dafny
Error(f.tok, "sorry, tail-call functions are not supported");
}
}
- if (errorCount == ErrorCount && f is CoPredicate) {
- var cop = (CoPredicate)f;
+ if (errorCount == ErrorCount && f is FixpointPredicate) {
+ var cop = (FixpointPredicate)f;
CheckTypeInference_Member(cop.PrefixPredicate);
}
}
@@ -2320,9 +2336,9 @@ namespace Microsoft.Dafny
#endregion CheckTailRecursive
// ------------------------------------------------------------------------------------------------------
- // ----- CoPredicateChecks ------------------------------------------------------------------------------
+ // ----- FixpointPredicateChecks ------------------------------------------------------------------------
// ------------------------------------------------------------------------------------------------------
- #region CoPredicateChecks
+ #region FixpointPredicateChecks
enum CallingPosition { Positive, Negative, Neither }
static CallingPosition Invert(CallingPosition cp) {
switch (cp) {
@@ -2332,40 +2348,18 @@ namespace Microsoft.Dafny
}
}
- class CoPredicateChecks_Visitor : ResolverTopDownVisitor<CallingPosition>
+ class FindFriendlyCalls_Visitor : ResolverTopDownVisitor<CallingPosition>
{
- public readonly CoPredicate context;
- public CoPredicateChecks_Visitor(Resolver resolver, CoPredicate context)
+ public readonly bool IsCoContext;
+ public FindFriendlyCalls_Visitor(Resolver resolver, bool co)
: base(resolver)
{
Contract.Requires(resolver != null);
- Contract.Requires(context != null);
- this.context = context;
+ this.IsCoContext = co;
}
protected override bool VisitOneExpr(Expression expr, ref CallingPosition cp) {
- if (expr is FunctionCallExpr) {
- var e = (FunctionCallExpr)expr;
- if (ModuleDefinition.InSameSCC(context, e.Function)) {
- // we're looking at a recursive call
- if (!(e.Function is CoPredicate)) {
- Error(e, "a recursive call from a copredicate can go only to other copredicates");
- } else if (cp != CallingPosition.Positive) {
- var msg = "a copredicate can be called recursively only in positive positions";
- if (cp == CallingPosition.Neither) {
- // this may be inside an existential quantifier
- msg += " and cannot sit inside an unbounded existential quantifier";
- } else {
- // the co-call is not inside an existential quantifier, so don't bother mentioning the part of existentials in the error message
- }
- Error(e, msg);
- } else {
- e.CoCall = FunctionCallExpr.CoCallResolution.Yes;
- ReportAdditionalInformation(e.tok, e.Function.Name + "#[_k - 1]", e.Function.Name.Length);
- }
- }
- // fall through to do the subexpressions (with cp := Neither)
- } else if (expr is UnaryOpExpr) {
+ if (expr is UnaryOpExpr) {
var e = (UnaryOpExpr)expr;
if (e.Op == UnaryOpExpr.Opcode.Not) {
// for the sub-parts, use Invert(cp)
@@ -2402,14 +2396,24 @@ namespace Microsoft.Dafny
foreach (var rhs in e.RHSs) {
Visit(rhs, CallingPosition.Neither);
}
- // note, a let-such-that expression introduces an existential that may depend on the _k in a copredicate, so we disallow recursive copredicate calls in the body of the let-such-that
- Visit(e.Body, e.Exact ? cp : CallingPosition.Neither);
+ var cpBody = cp;
+ if (!e.Exact) {
+ // a let-such-that expression introduces an existential that may depend on the _k in an inductive/co predicate, so we disallow recursive calls in the body of the let-such-that
+ if (IsCoContext && cp == CallingPosition.Positive) {
+ cpBody = CallingPosition.Neither;
+ } else if (!IsCoContext && cp == CallingPosition.Negative) {
+ cpBody = CallingPosition.Neither;
+ }
+ }
+ Visit(e.Body, cpBody);
return false;
} else if (expr is QuantifierExpr) {
var e = (QuantifierExpr)expr;
- if ((cp == CallingPosition.Positive && e is ExistsExpr) || (cp == CallingPosition.Negative && e is ForallExpr)) {
+ var cpos = IsCoContext ? cp : Invert(cp);
+ if ((cpos == CallingPosition.Positive && e is ExistsExpr) || (cpos == CallingPosition.Negative && e is ForallExpr)) {
if (e.MissingBounds != null && e.MissingBounds.Count != 0) {
- // Don't allow any co-recursive calls under an existential with an unbounded range, because that can be unsound.
+ // To ensure continuity of fixpoint predicates, don't allow calls under an existential (resp. universal) quantifier
+ // for co-predicates (resp. inductive predicates).
cp = CallingPosition.Neither;
}
}
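Review bot: The new let-such-that comment says "we disallow recursive calls in the body of the let-such-that", but the code below it no longer does that unconditionally: `cpBody` is downgraded to `Neither` only for a positive position in a co-context or a negative position in an inductive context, and otherwise the body is visited with the incoming `cp`. Since this polarity rule is what the soundness argument rests on, the comment should state it exactly, along the lines of `// a let-such-that introduces an existential that may depend on _k; it is unfriendly only in positive positions of a co-predicate and negative positions of an inductive predicate, so only there do we visit the body with Neither`. The reworded quantifier comment also drops the word "unbounded", although the guard still applies only when `e.MissingBounds` is non-empty. `VisitOneExpr` begins before this hunk, so I have not checked the other branches against the same rule.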
@@ -2428,13 +2432,52 @@ namespace Microsoft.Dafny
cp = CallingPosition.Neither;
return true;
}
+ }
+ class FixpointPredicateChecks_Visitor : FindFriendlyCalls_Visitor
+ {
+ readonly FixpointPredicate context;
+ public FixpointPredicateChecks_Visitor(Resolver resolver, FixpointPredicate context)
+ : base(resolver, context is CoPredicate) {
+ Contract.Requires(resolver != null);
+ Contract.Requires(context != null);
+ this.context = context;
+ }
+ protected override bool VisitOneExpr(Expression expr, ref CallingPosition cp) {
+ if (expr is FunctionCallExpr) {
+ var e = (FunctionCallExpr)expr;
+ if (ModuleDefinition.InSameSCC(context, e.Function)) {
+ var article = context is InductivePredicate ? "an" : "a";
+ // we're looking at a recursive call
+ if (!(context is InductivePredicate ? e.Function is InductivePredicate : e.Function is CoPredicate)) {
+ Error(e, "a recursive call from {0} {1} can go only to other {1}s", article, context.WhatKind);
+ } else if (cp != CallingPosition.Positive) {
+ var msg = string.Format("{0} {1} can be called recursively only in positive positions", article, context.WhatKind);
+ if (cp == CallingPosition.Neither) {
+ // this may be inside an non-friendly quantifier
+ msg += string.Format(" and cannot sit inside an unbounded {0} quantifier", context is InductivePredicate ? "universal" : "existential");
+ } else {
+ // the fixpoint-call is not inside an quantifier, so don't bother mentioning the part of existentials/universals in the error message
+ }
+ Error(e, msg);
+ } else {
+ e.CoCall = FunctionCallExpr.CoCallResolution.Yes;
+ ReportAdditionalInformation(e.tok, e.Function.Name + "#[_k - 1]", e.Function.Name.Length);
+ }
+ }
+ // do the sub-parts with cp := Neither
+ cp = CallingPosition.Neither;
+ return true;
+ }
+ return base.VisitOneExpr(expr, ref cp);
+ }
protected override bool VisitOneStmt(Statement stmt, ref CallingPosition st) {
if (stmt is CallStmt) {
var s = (CallStmt)stmt;
if (ModuleDefinition.InSameSCC(context, s.Method)) {
// we're looking at a recursive call
- Error(stmt.Tok, "a recursive call from a copredicate can go only to other copredicates");
+ var article = context is InductivePredicate ? "an" : "a";
+ Error(stmt.Tok, "a recursive call from {0} {1} can go only to other {1}s", article, context.WhatKind);
}
// do the sub-parts with the same "cp"
return true;
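Review bot: The expression `context is InductivePredicate ? "an" : "a"` is computed separately in `VisitOneExpr` and again in `VisitOneStmt` here, and a third variant appears in `FixpointLemmaChecks_Visitor`; a small private helper or a readonly field set in the constructor would keep the wording of these diagnostics in one place. Two of the new comments have article slips, `// this may be inside an non-friendly quantifier` and `// the fixpoint-call is not inside an quantifier`; I would write `a non-friendly quantifier` and `a quantifier`. `e.CoCall = FunctionCallExpr.CoCallResolution.Yes` is now set for inductive predicates as well, so a one-line comment saying the flag marks any friendly fixpoint call, not only co-calls, would help the next reader. The body of `VisitOneStmt` continues outside this hunk.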
@@ -2444,22 +2487,22 @@ namespace Microsoft.Dafny
}
}
- void CoPredicateChecks(Expression expr, CoPredicate context, CallingPosition cp) {
+ void FixpointPredicateChecks(Expression expr, FixpointPredicate context, CallingPosition cp) {
Contract.Requires(expr != null);
Contract.Requires(context != null);
- var v = new CoPredicateChecks_Visitor(this, context);
+ var v = new FixpointPredicateChecks_Visitor(this, context);
v.Visit(expr, cp);
}
- #endregion CoPredicateChecks
+ #endregion FixpointPredicateChecks
// ------------------------------------------------------------------------------------------------------
- // ----- CoLemmaChecks ----------------------------------------------------------------------------------
+ // ----- FixpointLemmaChecks ----------------------------------------------------------------------------
// ------------------------------------------------------------------------------------------------------
- #region CoLemmaChecks
- class CoLemmaChecks_Visitor : ResolverBottomUpVisitor
+ #region FixpointLemmaChecks
+ class FixpointLemmaChecks_Visitor : ResolverBottomUpVisitor
{
- CoLemma context;
- public CoLemmaChecks_Visitor(Resolver resolver, CoLemma context)
+ FixpointLemma context;
+ public FixpointLemmaChecks_Visitor(Resolver resolver, FixpointLemma context)
: base(resolver) {
Contract.Requires(resolver != null);
Contract.Requires(context != null);
@@ -2468,13 +2511,14 @@ namespace Microsoft.Dafny
protected override void VisitOneStmt(Statement stmt) {
if (stmt is CallStmt) {
var s = (CallStmt)stmt;
- if (s.Method is CoLemma || s.Method is PrefixLemma) {
+ if (s.Method is FixpointLemma || s.Method is PrefixLemma) {
// all is cool
} else {
- // the call goes from a colemma context to a non-colemma callee
+ // the call goes from a fixpoint-lemma context to a non-fixpoint-lemma callee
if (ModuleDefinition.InSameSCC(context, s.Method)) {
- // we're looking at a recursive call (to a non-colemma)
- Error(s.Tok, "a recursive call from a colemma can go only to other colemmas and prefix lemmas");
+ // we're looking at a recursive call (to a non-fixpoint-lemma)
+ var article = context is InductiveLemma ? "an" : "a";
+ Error(s.Tok, "a recursive call from {0} {1} can go only to other {1}s and prefix lemmas", article, context.WhatKind);
}
}
}
@@ -2491,13 +2535,13 @@ namespace Microsoft.Dafny
}
}
}
- void CoLemmaChecks(Statement stmt, CoLemma context) {
+ void FixpointLemmaChecks(Statement stmt, FixpointLemma context) {
Contract.Requires(stmt != null);
Contract.Requires(context != null);
- var v = new CoLemmaChecks_Visitor(this, context);
+ var v = new FixpointLemmaChecks_Visitor(this, context);
v.Visit(stmt);
}
- #endregion CoLemmaChecks
+ #endregion FixpointLemmaChecks
// ------------------------------------------------------------------------------------------------------
// ----- CheckEqualityTypes -----------------------------------------------------------------------------
@@ -2949,8 +2993,8 @@ namespace Microsoft.Dafny
ResolveTypeParameters(f.TypeArgs, true, f);
ResolveFunctionSignature(f);
allTypeParameters.PopMarker();
- if (f is CoPredicate && ec == ErrorCount) {
- var ff = ((CoPredicate)f).PrefixPredicate;
+ if (f is FixpointPredicate && ec == ErrorCount) {
+ var ff = ((FixpointPredicate)f).PrefixPredicate;
ff.EnclosingClass = cl;
allTypeParameters.PushMarker();
ResolveTypeParameters(ff.TypeArgs, true, ff);
@@ -2965,7 +3009,7 @@ namespace Microsoft.Dafny
ResolveTypeParameters(m.TypeArgs, true, m);
ResolveMethodSignature(m);
allTypeParameters.PopMarker();
- var com = m as CoLemma;
+ var com = m as FixpointLemma;
if (com != null && com.PrefixLemma != null && ec == ErrorCount) {
var mm = com.PrefixLemma;
// resolve signature of the prefix lemma
@@ -3097,8 +3141,8 @@ namespace Microsoft.Dafny
ResolveTypeParameters(f.TypeArgs, false, f);
ResolveFunction(f);
allTypeParameters.PopMarker();
- if (f is CoPredicate && ec == ErrorCount) {
- var ff = ((CoPredicate)f).PrefixPredicate;
+ if (f is FixpointPredicate && ec == ErrorCount) {
+ var ff = ((FixpointPredicate)f).PrefixPredicate;
allTypeParameters.PushMarker();
ResolveTypeParameters(ff.TypeArgs, false, ff);
ResolveFunction(ff);
@@ -3586,10 +3630,8 @@ namespace Microsoft.Dafny
ResolveAttributes(m.Mod.Attributes, new ResolveOpts(m, false, true));
foreach (FrameExpression fe in m.Mod.Expressions) {
ResolveFrameExpression(fe, false, m.IsGhost, m);
- if (m is Lemma) {
- Error(fe.tok, "lemmas are not allowed to have modifies clauses");
- } else if (m is CoLemma) {
- Error(fe.tok, "colemmas are not allowed to have modifies clauses");
+ if (m is Lemma || m is FixpointLemma) {
+ Error(fe.tok, "{0}s are not allowed to have modifies clauses", m.WhatKind);
}
}
ResolveAttributes(m.Decreases.Attributes, new ResolveOpts(m, false, true));
@@ -3604,8 +3646,8 @@ namespace Microsoft.Dafny
// Add out-parameters to a new scope that will also include the outermost-level locals of the body
// Don't care about any duplication errors among the out-parameters, since they have already been reported
scope.PushMarker();
- if (m is CoLemma && m.Outs.Count != 0) {
- Error(m.Outs[0].tok, "colemmas are not allowed to have out-parameters");
+ if (m is FixpointLemma && m.Outs.Count != 0) {
+ Error(m.Outs[0].tok, "{0}s are not allowed to have out-parameters", m.WhatKind);
} else {
foreach (Formal p in m.Outs) {
scope.Push(p.Name, p);
@@ -3624,7 +3666,7 @@ namespace Microsoft.Dafny
// Resolve body
if (m.Body != null) {
- var com = m as CoLemma;
+ var com = m as FixpointLemma;
if (com != null && com.PrefixLemma != null) {
// The body may mentioned the implicitly declared parameter _k. Throw it into the
// scope before resolving the body.
@@ -5141,106 +5183,381 @@ namespace Microsoft.Dafny
Contract.Assert(prevErrorCount != ErrorCount || s.Steps.Count == s.Hints.Count);
} else if (stmt is MatchStmt) {
- MatchStmt s = (MatchStmt)stmt;
- bool bodyIsSpecOnly = specContextOnly;
- int prevErrorCount = ErrorCount;
- ResolveExpression(s.Source, new ResolveOpts(codeContext, true, specContextOnly));
- Contract.Assert(s.Source.Type != null); // follows from postcondition of ResolveExpression
- bool successfullyResolved = ErrorCount == prevErrorCount;
- if (!specContextOnly && successfullyResolved) {
- bodyIsSpecOnly = UsesSpecFeatures(s.Source);
- }
- UserDefinedType sourceType = null;
- DatatypeDecl dtd = null;
- if (s.Source.Type.IsDatatype) {
- sourceType = (UserDefinedType)s.Source.Type.NormalizeExpand();
- dtd = cce.NonNull((DatatypeDecl)sourceType.ResolvedClass);
+ ResolveMatchStmt(stmt, specContextOnly, codeContext);
+ } else if (stmt is SkeletonStatement) {
+ var s = (SkeletonStatement)stmt;
+ Error(s.Tok, "skeleton statements are allowed only in refining methods");
+ // nevertheless, resolve the underlying statement; hey, why not
+ if (s.S != null) {
+ ResolveStatement(s.S, specContextOnly, codeContext);
}
- var subst = new Dictionary<TypeParameter, Type>();
- Dictionary<string, DatatypeCtor> ctors;
- if (dtd == null) {
- Error(s.Source, "the type of the match source expression must be a datatype (instead found {0})", s.Source.Type);
- ctors = null;
- } else {
- Contract.Assert(sourceType != null); // dtd and sourceType are set together above
- ctors = datatypeCtors[dtd];
- Contract.Assert(ctors != null); // dtd should have been inserted into datatypeCtors during a previous resolution stage
+ } else {
+ Contract.Assert(false); throw new cce.UnreachableException();
+ }
+ }
- // build the type-parameter substitution map for this use of the datatype
- for (int i = 0; i < dtd.TypeArgs.Count; i++) {
- subst.Add(dtd.TypeArgs[i], sourceType.TypeArgs[i]);
- }
+ void ResolveMatchStmt(Statement stmt, bool specContextOnly, ICodeContext codeContext) {
+ MatchStmt s = (MatchStmt)stmt;
+ DesugarMatchStmtWithTupleExpression(s);
+
+ bool bodyIsSpecOnly = specContextOnly;
+ int prevErrorCount = ErrorCount;
+ ResolveExpression(s.Source, new ResolveOpts(codeContext, true, specContextOnly));
+ Contract.Assert(s.Source.Type != null); // follows from postcondition of ResolveExpression
+ bool successfullyResolved = ErrorCount == prevErrorCount;
+ if (!specContextOnly && successfullyResolved) {
+ bodyIsSpecOnly = UsesSpecFeatures(s.Source);
+ }
+ UserDefinedType sourceType = null;
+ DatatypeDecl dtd = null;
+ if (s.Source.Type.IsDatatype) {
+ sourceType = (UserDefinedType)s.Source.Type.NormalizeExpand();
+ dtd = cce.NonNull((DatatypeDecl)sourceType.ResolvedClass);
+ }
+ var subst = new Dictionary<TypeParameter, Type>();
+ Dictionary<string, DatatypeCtor> ctors;
+ if (dtd == null) {
+ Error(s.Source, "the type of the match source expression must be a datatype (instead found {0})", s.Source.Type);
+ ctors = null;
+ } else {
+ Contract.Assert(sourceType != null); // dtd and sourceType are set together above
+ ctors = datatypeCtors[dtd];
+ Contract.Assert(ctors != null); // dtd should have been inserted into datatypeCtors during a previous resolution stage
+
+ // build the type-parameter substitution map for this use of the datatype
+ for (int i = 0; i < dtd.TypeArgs.Count; i++) {
+ subst.Add(dtd.TypeArgs[i], sourceType.TypeArgs[i]);
}
- s.IsGhost = bodyIsSpecOnly;
+ }
+ s.IsGhost = bodyIsSpecOnly;
- ISet<string> memberNamesUsed = new HashSet<string>();
- foreach (MatchCaseStmt mc in s.Cases) {
- DatatypeCtor ctor = null;
- if (ctors != null) {
- Contract.Assert(dtd != null);
- if (!ctors.TryGetValue(mc.Id, out ctor)) {
- Error(mc.tok, "member {0} does not exist in datatype {1}", mc.Id, dtd.Name);
+ // convert CasePattern in MatchCaseExpr to BoundVar and flatten the MatchCaseExpr.
+ Type type = new InferredTypeProxy();
+ string name = FreshTempVarName("_mc#", codeContext);
+ BoundVar bv = new BoundVar(s.Tok, name, type);
+ List<CasePattern> patternSubst = new List<CasePattern>();
+ DesugarMatchCaseStmt(s, dtd, bv, patternSubst);
+
+ ISet<string> memberNamesUsed = new HashSet<string>();
+ foreach (MatchCaseStmt mc in s.Cases) {
+ DatatypeCtor ctor = null;
+ if (ctors != null) {
+ Contract.Assert(dtd != null);
+ if (!ctors.TryGetValue(mc.Id, out ctor)) {
+ Error(mc.tok, "member {0} does not exist in datatype {1}", mc.Id, dtd.Name);
+ } else {
+ Contract.Assert(ctor != null); // follows from postcondition of TryGetValue
+ mc.Ctor = ctor;
+ if (ctor.Formals.Count != mc.Arguments.Count) {
+ Error(mc.tok, "member {0} has wrong number of formals (found {1}, expected {2})", mc.Id, mc.Arguments.Count, ctor.Formals.Count);
+ }
+ if (memberNamesUsed.Contains(mc.Id)) {
+ Error(mc.tok, "member {0} appears in more than one case", mc.Id);
} else {
- Contract.Assert(ctor != null); // follows from postcondition of TryGetValue
- mc.Ctor = ctor;
- if (ctor.Formals.Count != mc.Arguments.Count) {
- Error(mc.tok, "member {0} has wrong number of formals (found {1}, expected {2})", mc.Id, mc.Arguments.Count, ctor.Formals.Count);
- }
- if (memberNamesUsed.Contains(mc.Id)) {
- Error(mc.tok, "member {0} appears in more than one case", mc.Id);
- } else {
- memberNamesUsed.Add(mc.Id); // add mc.Id to the set of names used
- }
+ memberNamesUsed.Add(mc.Id); // add mc.Id to the set of names used
}
}
- scope.PushMarker();
- int i = 0;
- foreach (BoundVar v in mc.Arguments) {
- if (!scope.Push(v.Name, v)) {
- Error(v, "Duplicate parameter name: {0}", v.Name);
- }
- ResolveType(v.tok, v.Type, codeContext, ResolveTypeOptionEnum.InferTypeProxies, null);
- if (ctor != null && i < ctor.Formals.Count) {
- Formal formal = ctor.Formals[i];
- Type st = SubstType(formal.Type, subst);
- if (!UnifyTypes(v.Type, st)) {
- Error(stmt, "the declared type of the formal ({0}) does not agree with the corresponding type in the constructor's signature ({1})", v.Type, st);
- }
- v.IsGhost = formal.IsGhost;
+ }
+ scope.PushMarker();
+ int i = 0;
+ foreach (BoundVar v in mc.Arguments) {
+ if (!scope.Push(v.Name, v)) {
+ Error(v, "Duplicate parameter name: {0}", v.Name);
+ }
+ ResolveType(v.tok, v.Type, codeContext, ResolveTypeOptionEnum.InferTypeProxies, null);
+ if (ctor != null && i < ctor.Formals.Count) {
+ Formal formal = ctor.Formals[i];
+ Type st = SubstType(formal.Type, subst);
+ if (!UnifyTypes(v.Type, st)) {
+ Error(stmt, "the declared type of the formal ({0}) does not agree with the corresponding type in the constructor's signature ({1})", v.Type, st);
}
- i++;
+ v.IsGhost = formal.IsGhost;
}
+ i++;
+ }
+ foreach (Statement ss in mc.Body) {
+ ResolveStatement(ss, bodyIsSpecOnly, codeContext);
+ }
+ // substitute body to replace the case pat with v. This needs to happen
+ // after the body is resolved so we can scope the bv correctly.
+ if (patternSubst.Count > 0) {
+ MatchCaseExprSubstituteCloner cloner = new MatchCaseExprSubstituteCloner(patternSubst, bv);
+ List<Statement> list = new List<Statement>();
foreach (Statement ss in mc.Body) {
- ResolveStatement(ss, bodyIsSpecOnly, codeContext);
+ Statement clone = cloner.CloneStmt(ss);
+ // resolve it again since we just cloned it.
+ ResolveStatement(clone, bodyIsSpecOnly, codeContext);
+ list.Add(clone);
+ }
+ mc.UpdateBody(list);
+ }
+
+ scope.PopMarker();
+ }
+ if (dtd != null && memberNamesUsed.Count != dtd.Ctors.Count) {
+ // We could complain about the syntactic omission of constructors:
+ // Error(stmt, "match statement does not cover all constructors");
+ // but instead we let the verifier do a semantic check.
+ // So, for now, record the missing constructors:
+ foreach (var ctr in dtd.Ctors) {
+ if (!memberNamesUsed.Contains(ctr.Name)) {
+ s.MissingCases.Add(ctr);
+ }
+ }
+ Contract.Assert(memberNamesUsed.Count + s.MissingCases.Count == dtd.Ctors.Count);
+ }
+ if (!s.IsGhost) {
+ s.IsGhost = s.Cases.All(cs => cs.Body.All(ss => ss.IsGhost));
+ }
+ }
+
+ /*
+ * Convert
+ * match (x, y)
+ * case (Zero, _) => Zero
+ * case (Suc(_), Zero) => x
+ * case (Suc(a), Suc(b)) => minus(a, b)
+ * To:
+ * match x
+ * case Zero => match y
+ * case _ => zero
+ * case Suc(_) => match y
+ * case Zero => x
+ * case Suc(a) => match y
+ * case (b) => minus(a,b)
+ */
+ void DesugarMatchStmtWithTupleExpression(MatchStmt me) {
+ // (x, y) is treated as a 2-tuple constructor
+ if (me.Source is DatatypeValue) {
+ var e = (DatatypeValue)me.Source;
+ Contract.Assert(e.Arguments.Count >= 1);
+ Expression source = e.Arguments[0];
+ List<MatchCaseStmt> cases = new List<MatchCaseStmt>();
+ foreach (MatchCaseStmt mc in me.Cases) {
+ Contract.Assert(mc.CasePatterns != null);
+ Contract.Assert(mc.CasePatterns.Count == e.Arguments.Count);
+ CasePattern cp = mc.CasePatterns[0];
+ List<CasePattern> patterns;
+ if (cp.Arguments != null) {
+ patterns = cp.Arguments;
+ } else {
+ patterns = new List<CasePattern>();
+ }
+
+ List<Statement> body = mc.Body;
+ for (int i = e.Arguments.Count; 1 <= --i; ) {
+ // others go into the body
+ body = CreateMatchCaseStmtBody(mc.tok, e.Arguments[i], mc.CasePatterns[i], body);
+ }
+ cases.Add(new MatchCaseStmt(cp.tok, cp.Id, patterns, body));
+ }
+ me.UpdateSource(source);
+ me.UpdateCases(cases);
+ }
+ }
+
+ List<Statement> CreateMatchCaseStmtBody(Boogie.IToken tok, Expression source, CasePattern cp, List<Statement> body) {
+ List<MatchCaseStmt> cases = new List<MatchCaseStmt>();
+ List<CasePattern> patterns;
+ if (cp.Var != null) {
+ var bv = cp.Var;
+ if (LocalVariable.HasWildcardName(bv)) {
+ return body;
+ } else {
+ patterns = new List<CasePattern>();
+ }
+ } else {
+ patterns = cp.Arguments;
+ }
+ cases.Add(new MatchCaseStmt(cp.tok, cp.Id, patterns, body));
+ List<Statement> list = new List<Statement>();
+ // endTok??
+ list.Add(new MatchStmt(tok, tok, source, cases, false));
+ return list;
+ }
+
+
+ /*
+ * Convert
+ * match xs
+ * case Cons(y, Cons(z, zs)) => last(Cons(z, zs))
+ * case Cons(y, Nil) => y
+ * To
+ * match xs
+ * case Cons(y, ys) => match ys
+ * case Nil => y
+ * case Cons(z, zs) => last(ys)
+ */
+ void DesugarMatchCaseStmt(MatchStmt s, DatatypeDecl dtd, BoundVar sourceVar, List<CasePattern> patterns) {
+ Contract.Assert(dtd != null);
+ Dictionary<string, DatatypeCtor> ctors = datatypeCtors[dtd];
+ foreach (MatchCaseStmt mc in s.Cases) {
+ if (mc.Arguments != null) {
+ // already desugared. This happens during the second pass resolver after cloning.
+ Contract.Assert(mc.CasePatterns == null);
+ return;
+ }
+
+ Contract.Assert(mc.Arguments == null);
+ Contract.Assert(mc.CasePatterns != null);
+ DatatypeCtor ctor = null;
+ if (ctors != null) {
+ if (!ctors.TryGetValue(mc.Id, out ctor)) {
+ Error(mc.tok, "member {0} does not exist in datatype {1}", mc.Id, dtd.Name);
+ } else {
+ Contract.Assert(ctor != null); // follows from postcondition of TryGetValue
+ mc.Ctor = ctor;
+ if (ctor.Formals.Count != mc.CasePatterns.Count) {
+ Error(mc.tok, "member {0} has wrong number of formals (found {1}, expected {2})", mc.Id, mc.Arguments.Count, ctor.Formals.Count);
+ }
}
- scope.PopMarker();
}
- if (dtd != null && memberNamesUsed.Count != dtd.Ctors.Count) {
- // We could complain about the syntactic omission of constructors:
- // Error(stmt, "match statement does not cover all constructors");
- // but instead we let the verifier do a semantic check.
- // So, for now, record the missing constructors:
- foreach (var ctr in dtd.Ctors) {
- if (!memberNamesUsed.Contains(ctr.Name)) {
- s.MissingCases.Add(ctr);
+ scope.PushMarker();
+ List<BoundVar> arguments = new List<BoundVar>();
+ foreach (CasePattern pat in mc.CasePatterns) {
+ // Find the constructor in the given datatype
+ // If what was parsed was just an identifier, we will interpret it as a datatype constructor, if possible
+ ctor = null;
+ if (pat.Var == null || (pat.Var != null && pat.Var.Type is TypeProxy && dtd != null)) {
+ if (datatypeCtors[dtd].TryGetValue(pat.Id, out ctor)) {
+ pat.Ctor = ctor;
+ pat.Var = null;
+ }
+ }
+ if (pat.Var != null) {
+ BoundVar v = pat.Var;
+ arguments.Add(v);
+ if (!scope.Push(v.Name, v)) {
+ Error(v, "Duplicate name: {0}", v.Name);
}
+ } else {
+ DesugarMatchCasePattern(mc, pat, sourceVar);
+ patterns.Add(pat);
+ arguments.Add(sourceVar);
}
- Contract.Assert(memberNamesUsed.Count + s.MissingCases.Count == dtd.Ctors.Count);
}
- if (!s.IsGhost) {
- s.IsGhost = s.Cases.All(cs => cs.Body.All(ss => ss.IsGhost));
+ mc.Arguments = arguments;
+ mc.CasePatterns = null;
+ scope.PopMarker();
+ }
+
+ List<MatchCaseStmt> newCases = new List<MatchCaseStmt>();
+
+ // need to consolidate the cases.
+ // Convert
+ // match xs
+ // case Cons(y, #mc#0) => match #mc#0
+ // case Cons((z, zs) => body
+ // case Cons(y, #mc#0) => match #mc#0
+ // case Nil => y
+ // into
+ // match xs
+ // case Cons(y, #mc#0) => match #mc#0
+ // case Cons((z, zs) => body
+ // case Nil => y
+ bool thingsChanged = false;
+ Dictionary<string, MatchCaseStmt> caseMap = new Dictionary<string, MatchCaseStmt>();
+ List<MatchCaseStmt> mcWithWildCard = new List<MatchCaseStmt>();
+ foreach (MatchCaseStmt mc in s.Cases) {
+ // check each CasePattern to see if it has wildcard.
+ if (CaseExprHasWildCard(mc)) {
+ mcWithWildCard.Add(mc);
+ } else {
+ thingsChanged |= CombineMatchCaseStmt(mc, newCases, caseMap);
}
+ }
- } else if (stmt is SkeletonStatement) {
- var s = (SkeletonStatement)stmt;
- Error(s.Tok, "skeleton statements are allowed only in refining methods");
- // nevertheless, resolve the underlying statement; hey, why not
- if (s.S != null) {
- ResolveStatement(s.S, specContextOnly, codeContext);
+ foreach (MatchCaseStmt mc in mcWithWildCard) {
+ // now process with cases with wildcard
+ thingsChanged |= CombineMatchCaseStmt(mc, newCases, caseMap);
+ }
+
+ if (thingsChanged) {
+ s.UpdateCases(newCases);
+ }
+ }
+
+ void DesugarMatchCasePattern(MatchCaseStmt mc, CasePattern pat, BoundVar v) {
+ // convert
+ // case Cons(y, Cons(z, zs)) => body
+ // to
+ // case Cons(y, #mc#) => match #mc#
+ // case Cons(z, zs) => body
+
+ Expression source = new NameSegment(pat.tok, v.Name, null);
+ List<MatchCaseStmt> cases = new List<MatchCaseStmt>();
+ cases.Add(new MatchCaseStmt(pat.tok, pat.Id, pat.Arguments == null ? new List<CasePattern>() : pat.Arguments, mc.Body));
+ List<Statement> list = new List<Statement>();
+ // endTok??
+ list.Add(new MatchStmt(pat.tok, pat.tok, source, cases, false));
+ mc.UpdateBody(list);
+ }
+
+ bool CombineMatchCaseStmt(MatchCaseStmt mc, List<MatchCaseStmt> newCases, Dictionary<string, MatchCaseStmt> caseMap) {
+ bool thingsChanged = false;
+ MatchCaseStmt old_mc;
+ if (caseMap.TryGetValue(mc.Id, out old_mc)) {
+ // already has a case with the same ctor, try to consolidate the body.
+ List<Statement> oldBody = old_mc.Body;
+ List<Statement> body = mc.Body;
+ if ((oldBody.Count == 1) && (oldBody[0] is MatchStmt)
+ && (body.Count == 1) && (body[0] is MatchStmt)) {
+ // both only have on statement and the statement is MatchStmt
+ MatchStmt old = (MatchStmt) oldBody[0];
+ MatchStmt current = (MatchStmt) body[0];
+ if (SameMatchCase(old_mc, mc)) {
+ foreach (MatchCaseStmt c in current.Cases) {
+ old.Cases.Add(c);
+ }
+ thingsChanged = true;
+ }
+ } else {
+ // duplicate cases, do nothing for now. The error will be reported during resolving
}
} else {
- Contract.Assert(false); throw new cce.UnreachableException();
+ // it is a new case.
+ newCases.Add(mc);
+ caseMap.Add(mc.Id, mc);
+ }
+ return thingsChanged;
+ }
+
+ bool SameMatchCase(MatchCaseStmt one, MatchCaseStmt other) {
+ // this method is called after all the CasePattern in the match cases are converted
+ // into BoundVars.
+ Contract.Assert(one.CasePatterns == null && one.Arguments != null);
+ Contract.Assert(other.CasePatterns == null && other.Arguments != null);
+ // In order to combine the two match cases, the bodies need to be a MatchExpr and
+ // the arguments and the source of the body are the same.
+ // We do string equals since they should be in the same scope.
+ if (one.Arguments.Count != other.Arguments.Count) {
+ return false;
+ }
+ List<Statement> body1 = one.Body;
+ List<Statement> body2 = other.Body;
+ if ((body1.Count != 1) || (body2.Count != 1)) {
+ return false;
+ }
+ if (!(body1[0] is MatchStmt) || !(body2[0] is MatchStmt)) {
+ return false;
+ }
+ var source1 = ((MatchStmt)body1[0]).Source;
+ var source2 = ((MatchStmt)body2[0]).Source;
+ if (!(source1 is NameSegment) || !(source2 is NameSegment)) {
+ return false;
}
+ if (!((NameSegment)source1).Name.Equals(((NameSegment)source2).Name)) {
+ return false;
+ }
+ for (int i = 0; i < one.Arguments.Count; i++) {
+ BoundVar bv1 = one.Arguments[i];
+ BoundVar bv2 = other.Arguments[i];
+ if (!LocalVariable.HasWildcardName(bv1) && !LocalVariable.HasWildcardName(bv2) &&
+ !bv1.Name.Equals(bv2.Name)) {
+ return false;
+ }
+ }
+ return true;
}
void FillInDefaultLoopDecreases(LoopStmt loopStmt, Expression guard, List<Expression> theDecreases, ICallable enclosingMethod) {
@@ -7280,97 +7597,363 @@ namespace Microsoft.Dafny
}
} else if (expr is MatchExpr) {
- var me = (MatchExpr)expr;
- ResolveExpression(me.Source, opts);
- Contract.Assert(me.Source.Type != null); // follows from postcondition of ResolveExpression
- UserDefinedType sourceType = null;
- DatatypeDecl dtd = null;
- if (me.Source.Type.IsDatatype) {
- sourceType = (UserDefinedType)me.Source.Type.NormalizeExpand();
- dtd = cce.NonNull((DatatypeDecl)sourceType.ResolvedClass);
- }
- var subst = new Dictionary<TypeParameter, Type>();
- Dictionary<string, DatatypeCtor> ctors;
- if (dtd == null) {
- Error(me.Source, "the type of the match source expression must be a datatype (instead found {0})", me.Source.Type);
- ctors = null;
- } else {
- Contract.Assert(sourceType != null); // dtd and sourceType are set together above
- ctors = datatypeCtors[dtd];
- Contract.Assert(ctors != null); // dtd should have been inserted into datatypeCtors during a previous resolution stage
+ ResolveMatchExpr(expr, opts);
+ } else {
+ Contract.Assert(false); throw new cce.UnreachableException(); // unexpected expression
+ }
- // build the type-parameter substitution map for this use of the datatype
- for (int i = 0; i < dtd.TypeArgs.Count; i++) {
- subst.Add(dtd.TypeArgs[i], sourceType.TypeArgs[i]);
- }
+ if (expr.Type == null) {
+ // some resolution error occurred
+ expr.Type = new InferredTypeProxy();
+ }
+ }
+
+ void ResolveMatchExpr(Expression expr, ResolveOpts opts) {
+ var me = (MatchExpr)expr;
+ DesugarMatchExprWithTupleExpression(me);
+
+ ResolveExpression(me.Source, opts);
+ Contract.Assert(me.Source.Type != null); // follows from postcondition of ResolveExpression
+ UserDefinedType sourceType = null;
+ DatatypeDecl dtd = null;
+ if (me.Source.Type.IsDatatype) {
+ sourceType = (UserDefinedType)me.Source.Type.NormalizeExpand();
+ dtd = cce.NonNull((DatatypeDecl)sourceType.ResolvedClass);
+ }
+ var subst = new Dictionary<TypeParameter, Type>();
+ Dictionary<string, DatatypeCtor> ctors;
+ if (dtd == null) {
+ Error(me.Source, "the type of the match source expression must be a datatype (instead found {0})", me.Source.Type);
+ ctors = null;
+ } else {
+ Contract.Assert(sourceType != null); // dtd and sourceType are set together above
+ ctors = datatypeCtors[dtd];
+ Contract.Assert(ctors != null); // dtd should have been inserted into datatypeCtors during a previous resolution stage
+
+ // build the type-parameter substitution map for this use of the datatype
+ for (int i = 0; i < dtd.TypeArgs.Count; i++) {
+ subst.Add(dtd.TypeArgs[i], sourceType.TypeArgs[i]);
}
+ }
- ISet<string> memberNamesUsed = new HashSet<string>();
- expr.Type = new InferredTypeProxy();
- foreach (MatchCaseExpr mc in me.Cases) {
- DatatypeCtor ctor = null;
- if (ctors != null) {
- Contract.Assert(dtd != null);
- if (!ctors.TryGetValue(mc.Id, out ctor)) {
- Error(mc.tok, "member {0} does not exist in datatype {1}", mc.Id, dtd.Name);
+ // convert CasePattern in MatchCaseExpr to BoundVar and flatten the MatchCaseExpr.
+ Type type = new InferredTypeProxy();
+ string name = FreshTempVarName("_mc#", opts.codeContext);
+ BoundVar bv = new BoundVar(me.tok, name, type);
+ List<CasePattern> patternSubst = new List<CasePattern>();
+ DesugarMatchCaseExpr(me, dtd, bv, patternSubst);
+
+ ISet<string> memberNamesUsed = new HashSet<string>();
+ expr.Type = new InferredTypeProxy();
+ foreach (MatchCaseExpr mc in me.Cases) {
+ DatatypeCtor ctor = null;
+ if (ctors != null) {
+ Contract.Assert(dtd != null);
+ if (!ctors.TryGetValue(mc.Id, out ctor)) {
+ Error(mc.tok, "member {0} does not exist in datatype {1}", mc.Id, dtd.Name);
+ } else {
+ Contract.Assert(ctor != null); // follows from postcondition of TryGetValue
+ mc.Ctor = ctor;
+ if (ctor.Formals.Count != mc.Arguments.Count) {
+ Error(mc.tok, "member {0} has wrong number of formals (found {1}, expected {2})", mc.Id, mc.Arguments.Count, ctor.Formals.Count);
+ }
+ if (memberNamesUsed.Contains(mc.Id)) {
+ Error(mc.tok, "member {0} appears in more than one case", mc.Id);
} else {
- Contract.Assert(ctor != null); // follows from postcondition of TryGetValue
- mc.Ctor = ctor;
- if (ctor.Formals.Count != mc.Arguments.Count) {
- Error(mc.tok, "member {0} has wrong number of formals (found {1}, expected {2})", mc.Id, mc.Arguments.Count, ctor.Formals.Count);
- }
- if (memberNamesUsed.Contains(mc.Id)) {
- Error(mc.tok, "member {0} appears in more than one case", mc.Id);
- } else {
- memberNamesUsed.Add(mc.Id); // add mc.Id to the set of names used
- }
+ memberNamesUsed.Add(mc.Id); // add mc.Id to the set of names used
}
}
- scope.PushMarker();
- int i = 0;
- foreach (BoundVar v in mc.Arguments) {
- if (!scope.Push(v.Name, v)) {
- Error(v, "Duplicate parameter name: {0}", v.Name);
- }
- ResolveType(v.tok, v.Type, opts.codeContext, ResolveTypeOptionEnum.InferTypeProxies, null);
- if (ctor != null && i < ctor.Formals.Count) {
- Formal formal = ctor.Formals[i];
- Type st = SubstType(formal.Type, subst);
- if (!UnifyTypes(v.Type, st)) {
- Error(expr, "the declared type of the formal ({0}) does not agree with the corresponding type in the constructor's signature ({1})", v.Type, st);
- }
- v.IsGhost = formal.IsGhost;
+ }
+ scope.PushMarker();
+ int i = 0;
+ foreach (BoundVar v in mc.Arguments) {
+ if (!scope.Push(v.Name, v)) {
+ Error(v, "Duplicate parameter name: {0}", v.Name);
+ }
+ ResolveType(v.tok, v.Type, opts.codeContext, ResolveTypeOptionEnum.InferTypeProxies, null);
+ if (ctor != null && i < ctor.Formals.Count) {
+ Formal formal = ctor.Formals[i];
+ Type st = SubstType(formal.Type, subst);
+ if (!UnifyTypes(v.Type, st)) {
+ Error(expr, "the declared type of the formal ({0}) does not agree with the corresponding type in the constructor's signature ({1})", v.Type, st);
}
- i++;
+ v.IsGhost = formal.IsGhost;
}
+ i++;
+ }
+ ResolveExpression(mc.Body, opts);
+ // substitute body to replace the case pat with v. This needs to happen
+ // after the body is resolved so we can scope the bv correctly.
+ if (patternSubst.Count > 0) {
+ MatchCaseExprSubstituteCloner cloner = new MatchCaseExprSubstituteCloner(patternSubst, bv);
+ mc.UpdateBody(cloner.CloneExpr(mc.Body));
+ // resolve it again since we just cloned it.
ResolveExpression(mc.Body, opts);
- Contract.Assert(mc.Body.Type != null); // follows from postcondition of ResolveExpression
- if (!UnifyTypes(expr.Type, mc.Body.Type)) {
- Error(mc.Body.tok, "type of case bodies do not agree (found {0}, previous types {1})", mc.Body.Type, expr.Type);
+ }
+
+ Contract.Assert(mc.Body.Type != null); // follows from postcondition of ResolveExpression
+ if (!UnifyTypes(expr.Type, mc.Body.Type)) {
+ Error(mc.Body.tok, "type of case bodies do not agree (found {0}, previous types {1})", mc.Body.Type, expr.Type);
+ }
+ scope.PopMarker();
+ }
+ if (dtd != null && memberNamesUsed.Count != dtd.Ctors.Count) {
+ // We could complain about the syntactic omission of constructors:
+ // Error(expr, "match expression does not cover all constructors");
+ // but instead we let the verifier do a semantic check.
+ // So, for now, record the missing constructors:
+ foreach (var ctr in dtd.Ctors) {
+ if (!memberNamesUsed.Contains(ctr.Name)) {
+ me.MissingCases.Add(ctr);
+ }
+ }
+ Contract.Assert(memberNamesUsed.Count + me.MissingCases.Count == dtd.Ctors.Count);
+ }
+ }
+
+ /*
+ * Convert
+ * match (x, y)
+ * case (Zero, _) => Zero
+ * case (Suc(_), Zero) => x
+ * case (Suc(a), Suc(b)) => minus(a, b)
+ * To:
+ * match x
+ * case Zero => match y
+ * case _ => zero
+ * case Suc(_) => match y
+ * case Zero => x
+ * case Suc(a) => match y
+ * case (b) => minus(a,b)
+ */
+ private void DesugarMatchExprWithTupleExpression(MatchExpr me) {
+ // (x, y) is treated as a 2-tuple constructor
+ if (me.Source is DatatypeValue) {
+ var e = (DatatypeValue)me.Source;
+ Contract.Assert(e.Arguments.Count >= 1);
+ Expression source = e.Arguments[0];
+ List<MatchCaseExpr> cases = new List<MatchCaseExpr>();
+ foreach (MatchCaseExpr mc in me.Cases) {
+ Contract.Assert(mc.CasePatterns != null);
+ Contract.Assert(mc.CasePatterns.Count == e.Arguments.Count);
+ CasePattern cp = mc.CasePatterns[0];
+ List<CasePattern> patterns;
+ if (cp.Arguments != null) {
+ patterns = cp.Arguments;
+ } else {
+ patterns = new List<CasePattern>();
+ }
+
+ Expression body = mc.Body;
+ for (int i = e.Arguments.Count; 1 <= --i; ) {
+ // others go into the body
+ body = CreateMatchCaseExprBody(mc.tok, e.Arguments[i], mc.CasePatterns[i], body);
}
- scope.PopMarker();
+ cases.Add(new MatchCaseExpr(cp.tok, cp.Id, patterns, body));
}
- if (dtd != null && memberNamesUsed.Count != dtd.Ctors.Count) {
- // We could complain about the syntactic omission of constructors:
- // Error(expr, "match expression does not cover all constructors");
- // but instead we let the verifier do a semantic check.
- // So, for now, record the missing constructors:
- foreach (var ctr in dtd.Ctors) {
- if (!memberNamesUsed.Contains(ctr.Name)) {
- me.MissingCases.Add(ctr);
+ me.UpdateSource(source);
+ me.UpdateCases(cases);
+ }
+ }
+
+ Expression CreateMatchCaseExprBody(Boogie.IToken tok, Expression source, CasePattern cp, Expression body) {
+ List<MatchCaseExpr> cases = new List<MatchCaseExpr>();
+ List<CasePattern> patterns;
+ if (cp.Var != null) {
+ var bv = cp.Var;
+ if (LocalVariable.HasWildcardName(bv)) {
+ return body;
+ } else {
+ patterns = new List<CasePattern>();
+ }
+ } else {
+ patterns = cp.Arguments;
+ }
+ cases.Add(new MatchCaseExpr(cp.tok, cp.Id, patterns, body));
+ return new MatchExpr(tok, source, cases, false);
+ }
+
+ /*
+ * Convert
+ * match xs
+ * case Cons(y, Cons(z, zs)) => last(Cons(z, zs))
+ * case Cons(y, Nil) => y
+ * To
+ * match xs
+ * case Cons(y, ys) => match ys
+ * case Nil => y
+ * case Cons(z, zs) => last(ys)
+ * */
+ void DesugarMatchCaseExpr(MatchExpr me, DatatypeDecl dtd, BoundVar sourceVar, List<CasePattern> patterns) {
+ Contract.Assert(dtd != null);
+ Dictionary<string, DatatypeCtor> ctors = datatypeCtors[dtd];
+ foreach (MatchCaseExpr mc in me.Cases) {
+ if (mc.Arguments != null) {
+ // already desugared. This happens during the second pass resolver after cloning.
+ Contract.Assert(mc.CasePatterns == null);
+ return;
+ }
+
+ Contract.Assert(mc.Arguments == null);
+ Contract.Assert(mc.CasePatterns != null);
+ DatatypeCtor ctor = null;
+ if (ctors != null) {
+ if (!ctors.TryGetValue(mc.Id, out ctor)) {
+ Error(mc.tok, "member {0} does not exist in datatype {1}", mc.Id, dtd.Name);
+ } else {
+ Contract.Assert(ctor != null); // follows from postcondition of TryGetValue
+ mc.Ctor = ctor;
+ if (ctor.Formals.Count != mc.CasePatterns.Count) {
+ Error(mc.tok, "member {0} has wrong number of formals (found {1}, expected {2})", mc.Id, mc.CasePatterns.Count, ctor.Formals.Count);
}
}
- Contract.Assert(memberNamesUsed.Count + me.MissingCases.Count == dtd.Ctors.Count);
+ }
+ scope.PushMarker();
+ List<BoundVar> arguments = new List<BoundVar>();
+ foreach (CasePattern pat in mc.CasePatterns) {
+ // Find the constructor in the given datatype
+ // If what was parsed was just an identifier, we will interpret it as a datatype constructor, if possible
+ ctor = null;
+ if (pat.Var == null || (pat.Var != null && pat.Var.Type is TypeProxy && dtd != null)) {
+ if (datatypeCtors[dtd].TryGetValue(pat.Id, out ctor)) {
+ pat.Ctor = ctor;
+ pat.Var = null;
+ }
+ }
+ if (pat.Var != null) {
+ BoundVar v = pat.Var;
+ arguments.Add(v);
+ if (!scope.Push(v.Name, v)) {
+ Error(v, "Duplicate name: {0}", v.Name);
+ }
+ } else {
+ DesugarMatchCasePattern(mc, pat, sourceVar);
+ patterns.Add(pat);
+ arguments.Add(sourceVar);
+ }
}
- } else {
- Contract.Assert(false); throw new cce.UnreachableException(); // unexpected expression
+ mc.Arguments = arguments;
+ mc.CasePatterns = null;
+ scope.PopMarker();
}
- if (expr.Type == null) {
- // some resolution error occurred
- expr.Type = new InferredTypeProxy();
+ List<MatchCaseExpr> newCases = new List<MatchCaseExpr>();
+
+ // need to consolidate the cases.
+ // Convert
+ // match xs
+ // case Cons(y, #mc#0) => match #mc#0
+ // case Cons((z, zs) => body
+ // case Cons(y, #mc#0) => match #mc#0
+ // case Nil => y
+ // into
+ // match xs
+ // case Cons(y, #mc#0) => match #mc#0
+ // case Cons((z, zs) => body
+ // case Nil => y
+ bool thingsChanged = false;
+ Dictionary<string, MatchCaseExpr> caseMap = new Dictionary<string, MatchCaseExpr>();
+ List<MatchCaseExpr> mcWithWildCard = new List<MatchCaseExpr>();
+ foreach (MatchCaseExpr mc in me.Cases) {
+ // check each CasePattern to see if it has wildcard.
+ if (CaseExprHasWildCard(mc)) {
+ mcWithWildCard.Add(mc);
+ } else {
+ thingsChanged |= CombineMatchCaseExpr(mc, newCases, caseMap);
+ }
+ }
+
+ foreach (MatchCaseExpr mc in mcWithWildCard) {
+ // now process with cases with wildcard
+ thingsChanged |= CombineMatchCaseExpr(mc, newCases, caseMap);
+ }
+
+ if (thingsChanged) {
+ me.UpdateCases(newCases);
+ }
+ }
+
+ void DesugarMatchCasePattern(MatchCaseExpr mc, CasePattern pat, BoundVar v) {
+ // convert
+ // case Cons(y, Cons(z, zs)) => body
+ // to
+ // case Cons(y, #mc#) => match #mc#
+ // case Cons(z, zs) => body
+
+ Expression source = new NameSegment(pat.tok, v.Name, null);
+ List<MatchCaseExpr> cases = new List<MatchCaseExpr>();
+ cases.Add(new MatchCaseExpr(pat.tok, pat.Id, pat.Arguments == null ? new List<CasePattern>() : pat.Arguments, mc.Body));
+ MatchExpr e = new MatchExpr(pat.tok, source, cases, false);
+ mc.UpdateBody(e);
+ }
+
+
+ bool CaseExprHasWildCard(MatchCase mc) {
+ foreach (BoundVar bv in mc.Arguments) {
+ if (LocalVariable.HasWildcardName(bv)) {
+ return true;
+ }
}
+ return false;
+ }
+
+ bool CombineMatchCaseExpr(MatchCaseExpr mc, List<MatchCaseExpr> newCases, Dictionary<string, MatchCaseExpr> caseMap) {
+ bool thingsChanged = false;
+ MatchCaseExpr old_mc;
+ if (caseMap.TryGetValue(mc.Id, out old_mc)) {
+ // already has a case with the same ctor, try to consolidate the body.
+ Expression oldBody = old_mc.Body;
+ Expression body = mc.Body;
+ if (SameMatchCase(old_mc, mc)) {
+ MatchExpr old = (MatchExpr)oldBody;
+ MatchExpr current = (MatchExpr)body;
+ foreach (MatchCaseExpr c in current.Cases) {
+ old.Cases.Add(c);
+ }
+ thingsChanged = true;
+ } else {
+ // duplicate cases, do nothing for now. The error will be reported during resolving
+ }
+ } else {
+ // it is a new case.
+ newCases.Add(mc);
+ caseMap.Add(mc.Id, mc);
+ }
+ return thingsChanged;
+ }
+
+ bool SameMatchCase(MatchCaseExpr one, MatchCaseExpr other) {
+ // this method is called after all the CasePattern in the match cases are converted
+ // into BoundVars.
+ Contract.Assert(one.CasePatterns == null && one.Arguments != null);
+ Contract.Assert(other.CasePatterns == null && other.Arguments != null);
+ // In order to combine the two match cases, the bodies need to be a MatchExpr and
+ // the arguments and the source of the body are the same.
+ // We do string equals since they should be in the same scope.
+ if (one.Arguments.Count != other.Arguments.Count) {
+ return false;
+ }
+ if (!(one.Body is MatchExpr) || !(other.Body is MatchExpr)) {
+ return false;
+ }
+ var source1 = ((MatchExpr)one.Body).Source;
+ var source2 = ((MatchExpr)other.Body).Source;
+ if (!(source1 is NameSegment) || !(source2 is NameSegment)) {
+ return false;
+ }
+ if (!((NameSegment)source1).Name.Equals(((NameSegment)source2).Name)) {
+ return false;
+ }
+ for (int i = 0; i < one.Arguments.Count; i++) {
+ BoundVar bv1 = one.Arguments[i];
+ BoundVar bv2 = other.Arguments[i];
+ if (!LocalVariable.HasWildcardName(bv1) && !LocalVariable.HasWildcardName(bv2) &&
+ !bv1.Name.Equals(bv2.Name)) {
+ return false;
+ }
+ }
+ return true;
}
void ResolveCasePattern(CasePattern pat, Type sourceType, ICodeContext context) {
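Review bot: `ResolveMatchExpr` calls `DesugarMatchCaseExpr(me, dtd, bv, patternSubst)` unconditionally, including on the path where `dtd == null` and the "must be a datatype" error has just been reported. `DesugarMatchCaseExpr` opens with `Contract.Assert(dtd != null)` and then indexes `datatypeCtors[dtd]`, so an ill-typed match source that used to yield only a resolution error now ends in an assertion failure or a failed lookup. Guard the call, e.g. `if (dtd != null) { DesugarMatchCaseExpr(me, dtd, bv, patternSubst); }`, and make the per-case loop that follows tolerate `mc.Arguments` still being null on that path, since it iterates `mc.Arguments` directly. The `ctors != null` and `dtd != null` tests inside `DesugarMatchCaseExpr` are unreachable behind that assert. In `DesugarMatchExprWithTupleExpression`, `Contract.Assert(mc.CasePatterns.Count == e.Arguments.Count)` looks reachable from user-written cases and would be better reported through `Error(...)`.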
@@ -7419,13 +8002,15 @@ namespace Microsoft.Dafny
}
// recursively call ResolveCasePattern on each of the arguments
var j = 0;
- foreach (var arg in pat.Arguments) {
- if (j < ctor.Formals.Count) {
- var formal = ctor.Formals[j];
- Type st = SubstType(formal.Type, subst);
- ResolveCasePattern(arg, st, context);
+ if (pat.Arguments != null) {
+ foreach (var arg in pat.Arguments) {
+ if (j < ctor.Formals.Count) {
+ var formal = ctor.Formals[j];
+ Type st = SubstType(formal.Type, subst);
+ ResolveCasePattern(arg, st, context);
+ }
+ j++;
}
- j++;
}
if (j == ctor.Formals.Count) {
pat.AssembleExpr(udt.TypeArgs);
@@ -8156,8 +8741,8 @@ namespace Microsoft.Dafny
}
rr.Type = SubstType(callee.ResultType, rr.TypeArgumentSubstitutions);
// further bookkeeping
- if (callee is CoPredicate) {
- ((CoPredicate)callee).Uses.Add(rr);
+ if (callee is FixpointPredicate) {
+ ((FixpointPredicate)callee).Uses.Add(rr);
}
AddCallGraphEdge(opts.codeContext, callee, rr);
r = rr;
@@ -8406,8 +8991,8 @@ namespace Microsoft.Dafny
} else {
Function function = (Function)member;
e.Function = function;
- if (function is CoPredicate) {
- ((CoPredicate)function).Uses.Add(e);
+ if (function is FixpointPredicate) {
+ ((FixpointPredicate)function).Uses.Add(e);
}
if (e.Receiver is StaticReceiverExpr && !function.IsStatic) {
Error(e, "an instance function must be selected via an object, not just a class name");
@@ -8965,8 +9550,10 @@ namespace Microsoft.Dafny
var s = FreeVariables(e.Source);
foreach (MatchCaseExpr mc in e.Cases) {
var t = FreeVariables(mc.Body);
- foreach (var bv in mc.Arguments) {
- t.Remove(bv);
+ foreach (var cp in mc.CasePatterns) {
+ foreach (var bv in cp.Vars) {
+ t.Remove(bv);
+ }
}
s.UnionWith(t);
}
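Review bot: This loop now walks `mc.CasePatterns`, but `DesugarMatchCaseExpr` in the same commit finishes every case with `mc.Arguments = arguments; mc.CasePatterns = null;`, so a `MatchExpr` that has already been through `ResolveMatchExpr` would dereference null here. The bound variables of a desugared case live in `mc.Arguments`, so the loop should fall back to removing those when `mc.CasePatterns == null`. The enclosing method starts outside the hunk, so it cannot be confirmed from here whether it only ever sees unresolved match expressions; if that is the intent, state it with `Contract.Assert(mc.CasePatterns != null);` before the loop.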
@@ -9345,65 +9932,66 @@ namespace Microsoft.Dafny
} else {
Contract.Assert(false); throw new cce.UnreachableException(); // unexpected expression
}
-}
+ }
/// <summary>
- /// This method adds to "coConclusions" all copredicate calls and codatatype equalities that occur
- /// in positive positions and not under existential quantification. If "expr" is the postcondition
- /// of a colemma, then the "coConclusions" are the subexpressions that need to be replaced in order
- /// to create the postcondition of the corresponding prefix lemma.
+ /// This method adds to "friendlyCalls" all
+ /// inductive calls if !co
+ /// copredicate calls and codatatype equalities if co
+ /// that occur in positive positions and not under
+ /// universal quantification if !co
+ /// existential quantification. if co
+ /// If "expr" is the
+ /// precondition of an inductive lemma if !co
+ /// postcondition of a colemma, if co
+ /// then the "friendlyCalls" are the subexpressions that need to be replaced in order
+ /// to create the
+ /// precondition if !co
+ /// postcondition if co
+ /// of the corresponding prefix lemma.
/// </summary>
- void CheckCoLemmaConclusions(Expression expr, bool position, ISet<Expression> coConclusions) {
+ void CollectFriendlyCallsInFixpointLemmaSpecification(Expression expr, bool position, ISet<Expression> friendlyCalls, bool co) {
Contract.Requires(expr != null);
- if (expr is ConcreteSyntaxExpression) {
- var e = (ConcreteSyntaxExpression)expr;
- CheckCoLemmaConclusions(e.ResolvedExpression, position, coConclusions);
-
- } else if (expr is LetExpr) {
- var e = (LetExpr)expr;
- // For simplicity, only look in the body of the let expression, that is, ignoring the RHS of the
- // binding and ignoring what that binding would expand to in the body.
- CheckCoLemmaConclusions(e.Body, position, coConclusions);
-
- } else if (expr is UnaryExpr) {
- var e = (UnaryOpExpr)expr;
- if (e.Op == UnaryOpExpr.Opcode.Not) {
- CheckCoLemmaConclusions(e.E, !position, coConclusions);
- }
+ Contract.Requires(friendlyCalls != null);
+ var visitor = new CollectFriendlyCallsInSpec_Visitor(this, friendlyCalls, co);
+ visitor.Visit(expr, position ? CallingPosition.Positive : CallingPosition.Negative);
+ }
- } else if (expr is BinaryExpr) {
- var bin = (BinaryExpr)expr;
- if (bin.ResolvedOp == BinaryExpr.ResolvedOpcode.And || bin.ResolvedOp == BinaryExpr.ResolvedOpcode.Or) {
- CheckCoLemmaConclusions(bin.E0, position, coConclusions);
- CheckCoLemmaConclusions(bin.E1, position, coConclusions);
- } else if (bin.ResolvedOp == BinaryExpr.ResolvedOpcode.Imp) {
- CheckCoLemmaConclusions(bin.E0, !position, coConclusions);
- CheckCoLemmaConclusions(bin.E1, position, coConclusions);
- } else if (position && bin.ResolvedOp == BinaryExpr.ResolvedOpcode.EqCommon && bin.E0.Type.IsCoDatatype) {
- coConclusions.Add(bin);
- } else if (!position && bin.ResolvedOp == BinaryExpr.ResolvedOpcode.NeqCommon && bin.E0.Type.IsCoDatatype) {
- coConclusions.Add(bin);
+ class CollectFriendlyCallsInSpec_Visitor : FindFriendlyCalls_Visitor
+ {
+ readonly ISet<Expression> friendlyCalls;
+ public CollectFriendlyCallsInSpec_Visitor(Resolver resolver, ISet<Expression> friendlyCalls, bool co)
+ : base(resolver, co)
+ {
+ Contract.Requires(resolver != null);
+ Contract.Requires(friendlyCalls != null);
+ this.friendlyCalls = friendlyCalls;
+ }
+ protected override bool VisitOneExpr(Expression expr, ref CallingPosition cp) {
+ if (cp == CallingPosition.Neither) {
+ // no friendly calls in "expr"
+ return false; // don't recurse into subexpressions
}
-
- } else if (expr is ITEExpr) {
- var ite = (ITEExpr)expr;
- CheckCoLemmaConclusions(ite.Thn, position, coConclusions);
- CheckCoLemmaConclusions(ite.Els, position, coConclusions);
-
- } else if (expr is StmtExpr) {
- var e = (StmtExpr)expr;
- CheckCoLemmaConclusions(e.E, position, coConclusions);
-
- } else if (expr is OldExpr) {
- var e = (OldExpr)expr;
- CheckCoLemmaConclusions(e.E, position, coConclusions);
-
- } else if (expr is FunctionCallExpr && position) {
- var fexp = (FunctionCallExpr)expr;
- if (fexp.Function is CoPredicate) {
- coConclusions.Add(fexp);
+ if (expr is FunctionCallExpr) {
+ if (cp == CallingPosition.Positive) {
+ var fexp = (FunctionCallExpr)expr;
+ if (IsCoContext ? fexp.Function is CoPredicate : fexp.Function is InductivePredicate) {
+ friendlyCalls.Add(fexp);
+ }
+ }
+ return false; // don't explore subexpressions any further
+ } else if (expr is BinaryExpr && IsCoContext) {
+ var bin = (BinaryExpr)expr;
+ if (cp == CallingPosition.Positive && bin.ResolvedOp == BinaryExpr.ResolvedOpcode.EqCommon && bin.E0.Type.IsCoDatatype) {
+ friendlyCalls.Add(bin);
+ return false; // don't explore subexpressions any further
+ } else if (cp == CallingPosition.Negative && bin.ResolvedOp == BinaryExpr.ResolvedOpcode.NeqCommon && bin.E0.Type.IsCoDatatype) {
+ friendlyCalls.Add(bin);
+ return false; // don't explore subexpressions any further
+ }
}
+ return base.VisitOneExpr(expr, ref cp);
}
}
}
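Review bot: The `<summary>` on `CollectFriendlyCallsInFixpointLemmaSpecification` interleaves the `co` and `!co` wording line by line, and XML doc tooling collapses that whitespace into one scrambled sentence; there is also a stray full stop in `existential quantification. if co`. Write it as two sentences, one per mode, and add `<param name="position">` and `<param name="co">` entries, since the meaning of both booleans is only recoverable from the body. The nested `CollectFriendlyCallsInSpec_Visitor` has no doc comment; something like `/// <summary>Adds to "friendlyCalls" the calls (and, in a co-context, codatatype equalities) found in a friendly position.</summary>` would do, along with a line on `VisitOneExpr` saying that returning false stops the descent into subexpressions.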
diff --git a/Source/Dafny/Rewriter.cs b/Source/Dafny/Rewriter.cs
index 72649b5f..1361ad85 100644
--- a/Source/Dafny/Rewriter.cs
+++ b/Source/Dafny/Rewriter.cs
@@ -1118,6 +1118,58 @@ namespace Microsoft.Dafny
}
}
+
+
+ class MatchCaseExprSubstituteCloner : Cloner
+ {
+ private List<CasePattern> patternSubst;
+ private BoundVar var;
+
+ // the cloner is called after resolving the body of matchexpr, trying
+ // to replace casepattern in the body that has been replaced by bv
+ public MatchCaseExprSubstituteCloner(List<CasePattern> subst, BoundVar var) {
+ this.patternSubst = subst;
+ this.var = var;
+ }
+
+ public override Expression CloneApplySuffix(ApplySuffix e) {
+ // if the ApplySuffix matches the CasePattern, then replace it with the BoundVar.
+ if (FindMatchingPattern(e)) {
+ return new NameSegment(e.tok, this.var.Name, null);
+ } else {
+ return new ApplySuffix(Tok(e.tok), CloneExpr(e.Lhs), e.Args.ConvertAll(CloneExpr));
+ }
+ }
+
+ private bool FindMatchingPattern(ApplySuffix e) {
+ Expression lhs = e.Lhs;
+ if (!(lhs is NameSegment)) {
+ return false;
+ }
+ string applyName = ((NameSegment)lhs).Name;
+ foreach (CasePattern cp in patternSubst) {
+ string ctorName = cp.Id;
+ if (!(applyName.Equals(ctorName)) || (e.Args.Count != cp.Arguments.Count)) {
+ continue;
+ }
+ bool found = true;
+ for (int i = 0; i < e.Args.Count; i++) {
+ var arg1 = e.Args[i];
+ var arg2 = cp.Arguments[i];
+ if (arg1.Resolved is IdentifierExpr) {
+ var bv1 = ((IdentifierExpr)arg1.Resolved).Var;
+ if (bv1 != arg2.Var) {
+ found = false;
+ }
+ }
+ }
+ if (found) {
+ return true;
+ }
+ }
+ return false;
+ }
+ }
}
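Review bot: In `FindMatchingPattern`, an argument whose `Resolved` form is not an `IdentifierExpr` is skipped instead of counted as a mismatch, so `found` stays true. An application such as `Cons(f(x), zs)` (constructed example) would then be replaced by the bound variable whenever the remaining arguments line up with the pattern. Treat that case as a mismatch and stop early, `if (!(arg1.Resolved is IdentifierExpr) || ((IdentifierExpr)arg1.Resolved).Var != arg2.Var) { found = false; break; }`, or compare nested patterns structurally if they are meant to match here. `cp.Arguments.Count` is also read without a null check, although the Resolver side of this commit treats `pat.Arguments == null` as a valid state. Because the rewritten body is what the verifier later checks, a wrong substitution changes what is proved rather than failing visibly.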
diff --git a/Source/Dafny/Scanner.cs b/Source/Dafny/Scanner.cs
index cbe8e6e5..3427477b 100644
--- a/Source/Dafny/Scanner.cs
+++ b/Source/Dafny/Scanner.cs
@@ -211,13 +211,13 @@ public class UTF8Buffer: Buffer {
public class Scanner {
const char EOL = '\n';
const int eofSym = 0; /* pdt */
- const int maxT = 135;
- const int noSym = 135;
+ const int maxT = 136;
+ const int noSym = 136;
[ContractInvariantMethod]
void objectInvariant(){
- Contract.Invariant(this._buffer != null);
+ Contract.Invariant(buffer!=null);
Contract.Invariant(t != null);
Contract.Invariant(start != null);
Contract.Invariant(tokens != null);
@@ -227,18 +227,7 @@ public class Scanner {
Contract.Invariant(errorHandler != null);
}
- private Buffer/*!*/ _buffer; // scanner buffer
-
- public Buffer/*!*/ buffer {
- get {
- Contract.Ensures(Contract.Result<Buffer>() != null);
- return this._buffer;
- }
- set {
- Contract.Requires(value != null);
- this._buffer = value;
- }
- }
+ public Buffer/*!*/ buffer; // scanner buffer
Token/*!*/ t; // current token
int ch; // current input character
@@ -318,7 +307,7 @@ public class Scanner {
t = new Token(); // dummy because t is a non-null field
try {
Stream stream = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read);
- this._buffer = new Buffer(stream, false);
+ buffer = new Buffer(stream, false);
Filename = useBaseName? GetBaseName(fileName): fileName;
Init();
} catch (IOException) {
@@ -333,7 +322,7 @@ public class Scanner {
Contract.Requires(fileName != null);
pt = tokens = new Token(); // first token is a dummy
t = new Token(); // dummy because t is a non-null field
- this._buffer = new Buffer(s, true);
+ buffer = new Buffer(s, true);
this.errorHandler = errorHandler;
this.Filename = useBaseName? GetBaseName(fileName) : fileName;
Init();
@@ -525,63 +514,64 @@ public class Scanner {
case "else": t.kind = 33; break;
case "decreases": t.kind = 34; break;
case "invariant": t.kind = 35; break;
- case "modifies": t.kind = 36; break;
- case "reads": t.kind = 37; break;
- case "requires": t.kind = 38; break;
- case "include": t.kind = 53; break;
- case "abstract": t.kind = 54; break;
- case "module": t.kind = 55; break;
- case "refines": t.kind = 56; break;
- case "import": t.kind = 57; break;
- case "opened": t.kind = 58; break;
- case "as": t.kind = 60; break;
- case "default": t.kind = 61; break;
- case "class": t.kind = 62; break;
- case "extends": t.kind = 63; break;
- case "trait": t.kind = 64; break;
- case "ghost": t.kind = 65; break;
- case "static": t.kind = 66; break;
- case "protected": t.kind = 67; break;
- case "datatype": t.kind = 68; break;
- case "codatatype": t.kind = 69; break;
- case "var": t.kind = 70; break;
- case "newtype": t.kind = 71; break;
- case "type": t.kind = 72; break;
- case "iterator": t.kind = 73; break;
- case "yields": t.kind = 74; break;
- case "returns": t.kind = 75; break;
- case "method": t.kind = 76; break;
- case "lemma": t.kind = 77; break;
- case "colemma": t.kind = 78; break;
- case "comethod": t.kind = 79; break;
- case "constructor": t.kind = 80; break;
- case "free": t.kind = 81; break;
- case "ensures": t.kind = 82; break;
- case "yield": t.kind = 83; break;
- case "function": t.kind = 84; break;
- case "predicate": t.kind = 85; break;
- case "copredicate": t.kind = 86; break;
- case "label": t.kind = 88; break;
- case "break": t.kind = 89; break;
- case "where": t.kind = 90; break;
- case "return": t.kind = 92; break;
- case "new": t.kind = 94; break;
- case "if": t.kind = 95; break;
- case "while": t.kind = 96; break;
- case "match": t.kind = 97; break;
- case "assert": t.kind = 98; break;
- case "print": t.kind = 99; break;
- case "forall": t.kind = 100; break;
- case "parallel": t.kind = 101; break;
- case "modify": t.kind = 102; break;
- case "exists": t.kind = 121; break;
- case "in": t.kind = 123; break;
- case "false": t.kind = 128; break;
- case "true": t.kind = 129; break;
- case "null": t.kind = 130; break;
- case "this": t.kind = 131; break;
- case "fresh": t.kind = 132; break;
- case "old": t.kind = 133; break;
+ case "function": t.kind = 36; break;
+ case "predicate": t.kind = 37; break;
+ case "inductive": t.kind = 38; break;
+ case "lemma": t.kind = 39; break;
+ case "copredicate": t.kind = 40; break;
+ case "modifies": t.kind = 41; break;
+ case "reads": t.kind = 42; break;
+ case "requires": t.kind = 43; break;
+ case "include": t.kind = 58; break;
+ case "abstract": t.kind = 59; break;
+ case "module": t.kind = 60; break;
+ case "refines": t.kind = 61; break;
+ case "import": t.kind = 62; break;
+ case "opened": t.kind = 63; break;
+ case "as": t.kind = 65; break;
+ case "default": t.kind = 66; break;
+ case "class": t.kind = 67; break;
+ case "extends": t.kind = 68; break;
+ case "trait": t.kind = 69; break;
+ case "ghost": t.kind = 70; break;
+ case "static": t.kind = 71; break;
+ case "protected": t.kind = 72; break;
+ case "datatype": t.kind = 73; break;
+ case "codatatype": t.kind = 74; break;
+ case "var": t.kind = 75; break;
+ case "newtype": t.kind = 76; break;
+ case "type": t.kind = 77; break;
+ case "iterator": t.kind = 78; break;
+ case "yields": t.kind = 79; break;
+ case "returns": t.kind = 80; break;
+ case "method": t.kind = 81; break;
+ case "colemma": t.kind = 82; break;
+ case "comethod": t.kind = 83; break;
+ case "constructor": t.kind = 84; break;
+ case "free": t.kind = 85; break;
+ case "ensures": t.kind = 86; break;
+ case "yield": t.kind = 87; break;
+ case "label": t.kind = 89; break;
+ case "break": t.kind = 90; break;
+ case "where": t.kind = 91; break;
+ case "return": t.kind = 93; break;
+ case "new": t.kind = 95; break;
+ case "if": t.kind = 96; break;
+ case "while": t.kind = 97; break;
+ case "match": t.kind = 98; break;
+ case "assert": t.kind = 99; break;
+ case "print": t.kind = 100; break;
+ case "forall": t.kind = 101; break;
+ case "parallel": t.kind = 102; break;
+ case "modify": t.kind = 103; break;
+ case "exists": t.kind = 122; break;
+ case "in": t.kind = 124; break;
+ case "false": t.kind = 129; break;
+ case "true": t.kind = 130; break;
+ case "null": t.kind = 131; break;
+ case "this": t.kind = 132; break;
+ case "fresh": t.kind = 133; break;
+ case "old": t.kind = 134; break;
default: break;
}
}
@@ -724,23 +714,23 @@ public class Scanner {
case 34:
{t.kind = 28; break;}
case 35:
- {t.kind = 39; break;}
+ {t.kind = 44; break;}
case 36:
- {t.kind = 40; break;}
+ {t.kind = 45; break;}
case 37:
- {t.kind = 41; break;}
+ {t.kind = 46; break;}
case 38:
- {t.kind = 42; break;}
+ {t.kind = 47; break;}
case 39:
- {t.kind = 43; break;}
+ {t.kind = 48; break;}
case 40:
- {t.kind = 44; break;}
+ {t.kind = 49; break;}
case 41:
- {t.kind = 48; break;}
+ {t.kind = 53; break;}
case 42:
- {t.kind = 49; break;}
+ {t.kind = 54; break;}
case 43:
- {t.kind = 50; break;}
+ {t.kind = 55; break;}
case 44:
if (ch == 'n') {AddCh(); goto case 45;}
else {goto case 0;}
@@ -751,9 +741,9 @@ public class Scanner {
{
tlen -= apx;
SetScannerBehindT();
- t.kind = 51; break;}
+ t.kind = 56; break;}
case 47:
- {t.kind = 52; break;}
+ {t.kind = 57; break;}
case 48:
recEnd = pos; recKind = 2;
if (ch >= '0' && ch <= '9') {AddCh(); goto case 48;}
@@ -842,52 +832,52 @@ public class Scanner {
else if (ch >= '0' && ch <= '9') {AddCh(); goto case 65;}
else {t.kind = 5; break;}
case 66:
- {t.kind = 87; break;}
+ {t.kind = 88; break;}
case 67:
- {t.kind = 91; break;}
+ {t.kind = 92; break;}
case 68:
- {t.kind = 93; break;}
+ {t.kind = 94; break;}
case 69:
- {t.kind = 103; break;}
+ {t.kind = 104; break;}
case 70:
- {t.kind = 105; break;}
- case 71:
{t.kind = 106; break;}
- case 72:
+ case 71:
{t.kind = 107; break;}
- case 73:
+ case 72:
{t.kind = 108; break;}
- case 74:
+ case 73:
{t.kind = 109; break;}
- case 75:
+ case 74:
{t.kind = 110; break;}
- case 76:
+ case 75:
{t.kind = 111; break;}
+ case 76:
+ {t.kind = 112; break;}
case 77:
- {t.kind = 113; break;}
+ {t.kind = 114; break;}
case 78:
if (ch == '&') {AddCh(); goto case 79;}
else {goto case 0;}
case 79:
- {t.kind = 114; break;}
- case 80:
{t.kind = 115; break;}
- case 81:
+ case 80:
{t.kind = 116; break;}
- case 82:
+ case 81:
{t.kind = 117; break;}
+ case 82:
+ {t.kind = 118; break;}
case 83:
- {t.kind = 119; break;}
- case 84:
{t.kind = 120; break;}
+ case 84:
+ {t.kind = 121; break;}
case 85:
- {t.kind = 122; break;}
+ {t.kind = 123; break;}
case 86:
- {t.kind = 124; break;}
+ {t.kind = 125; break;}
case 87:
- {t.kind = 126; break;}
- case 88:
{t.kind = 127; break;}
+ case 88:
+ {t.kind = 128; break;}
case 89:
recEnd = pos; recKind = 20;
if (ch == ':') {AddCh(); goto case 30;}
@@ -903,43 +893,43 @@ public class Scanner {
if (ch == '.') {AddCh(); goto case 97;}
else {t.kind = 25; break;}
case 92:
- recEnd = pos; recKind = 59;
+ recEnd = pos; recKind = 64;
if (ch == '>') {AddCh(); goto case 33;}
else if (ch == '=') {AddCh(); goto case 98;}
- else {t.kind = 59; break;}
+ else {t.kind = 64; break;}
case 93:
- recEnd = pos; recKind = 125;
+ recEnd = pos; recKind = 126;
if (ch == '>') {AddCh(); goto case 34;}
- else {t.kind = 125; break;}
+ else {t.kind = 126; break;}
case 94:
- recEnd = pos; recKind = 45;
+ recEnd = pos; recKind = 50;
if (ch == '=') {AddCh(); goto case 99;}
- else {t.kind = 45; break;}
+ else {t.kind = 50; break;}
case 95:
- recEnd = pos; recKind = 46;
+ recEnd = pos; recKind = 51;
if (ch == '=') {AddCh(); goto case 70;}
- else {t.kind = 46; break;}
+ else {t.kind = 51; break;}
case 96:
- recEnd = pos; recKind = 118;
+ recEnd = pos; recKind = 119;
if (ch == '=') {AddCh(); goto case 41;}
else if (ch == 'i') {AddCh(); goto case 44;}
- else {t.kind = 118; break;}
+ else {t.kind = 119; break;}
case 97:
- recEnd = pos; recKind = 134;
+ recEnd = pos; recKind = 135;
if (ch == '.') {AddCh(); goto case 47;}
- else {t.kind = 134; break;}
+ else {t.kind = 135; break;}
case 98:
- recEnd = pos; recKind = 47;
+ recEnd = pos; recKind = 52;
if (ch == '>') {AddCh(); goto case 75;}
- else {t.kind = 47; break;}
+ else {t.kind = 52; break;}
case 99:
- recEnd = pos; recKind = 104;
+ recEnd = pos; recKind = 105;
if (ch == '=') {AddCh(); goto case 100;}
- else {t.kind = 104; break;}
+ else {t.kind = 105; break;}
case 100:
- recEnd = pos; recKind = 112;
+ recEnd = pos; recKind = 113;
if (ch == '>') {AddCh(); goto case 73;}
- else {t.kind = 112; break;}
+ else {t.kind = 113; break;}
}
t.val = new String(tval, 0, tlen);
diff --git a/Source/Dafny/Translator.cs b/Source/Dafny/Translator.cs
index 856c46a8..7664118e 100644
--- a/Source/Dafny/Translator.cs
+++ b/Source/Dafny/Translator.cs
@@ -1385,10 +1385,10 @@ namespace Microsoft.Dafny {
AddFunctionOverrideCheckImpl(f);
}
}
- var cop = f as CoPredicate;
+ var cop = f as FixpointPredicate;
if (cop != null) {
AddClassMember_Function(cop.PrefixPredicate);
- // skip the well-formedness check, because it has already been done for the copredicate
+ // skip the well-formedness check, because it has already been done for the fixpoint-predicate
}
} else if (member is Method) {
@@ -1413,10 +1413,10 @@ namespace Microsoft.Dafny {
// the method spec itself
sink.AddTopLevelDeclaration(AddMethod(m, MethodTranslationKind.InterModuleCall));
sink.AddTopLevelDeclaration(AddMethod(m, MethodTranslationKind.IntraModuleCall));
- if (m is CoLemma) {
+ if (m is FixpointLemma) {
// Let the CoCall and Impl forms to use m.PrefixLemma signature and specification (and
// note that m.PrefixLemma.Body == m.Body.
- m = ((CoLemma)m).PrefixLemma;
+ m = ((FixpointLemma)m).PrefixLemma;
sink.AddTopLevelDeclaration(AddMethod(m, MethodTranslationKind.CoCall));
}
if (m.Body != null && !(m.tok is IncludeToken)) {
@@ -1475,9 +1475,9 @@ namespace Microsoft.Dafny {
var b = FunctionAxiom(f, FunctionAxiomVisibility.ForeignModuleOnly, null, null);
Contract.Assert(b == null);
}
- // supply the connection between co-predicates and prefix predicates
- if (f is CoPredicate) {
- AddPrefixPredicateAxioms(((CoPredicate)f).PrefixPredicate);
+ // supply the connection between inductive/coinductive predicates and prefix predicates
+ if (f is FixpointPredicate) {
+ AddPrefixPredicateAxioms(((FixpointPredicate)f).PrefixPredicate);
}
Reset();
@@ -1875,7 +1875,7 @@ namespace Microsoft.Dafny {
// TODO(namin) Is checking f.Reads.Count==0 excluding Valid() of BinaryTree in the right way?
// I don't see how this in the decreasing clause would help there.
// danr: Let's create the literal function axioms if there is an arrow type in the signature
- if (!(f is CoPredicate) && (f.Reads.Count == 0 || f.Formals.Exists(a => a.Type.IsArrowType))) {
+ if (!(f is FixpointPredicate) && (f.Reads.Count == 0 || f.Formals.Exists(a => a.Type.IsArrowType))) {
var FVs = new HashSet<IVariable>();
foreach (var e in f.Decreases.Expressions) {
ComputeFreeVariables(e, FVs);
@@ -2269,26 +2269,27 @@ namespace Microsoft.Dafny {
}
/// <summary>
- /// For a copredicate P, "pp" is the prefix predicate for P (such that P = pp.Co) and
+ /// For a fixpoint-predicate P, "pp" is the prefix predicate for P (such that P = pp.FixpointPred) and
/// "body" is the body of P. Return what would be the body of the prefix predicate pp.
/// In particular, return
- /// 0 LESS _k IMPLIES body'
+ /// 0 LESS _k IMPLIES body' // for co-inductive predicates
+ /// 0 LESS _k AND body' // for inductive predicates
/// where body' is body with the formals of P replaced by the corresponding
- /// formals of pp and with corecursive calls P(s) replaced by recursive calls to
+ /// formals of pp and with self-calls P(s) replaced by recursive calls to
/// pp(_k - 1, s).
/// </summary>
Expression PrefixSubstitution(PrefixPredicate pp, Expression body) {
Contract.Requires(pp != null);
- var typeMap = Util.Dict<TypeParameter,Type>(pp.Co.TypeArgs, Map(pp.TypeArgs, x => new UserDefinedType(x)));
+ var typeMap = Util.Dict<TypeParameter,Type>(pp.FixpointPred.TypeArgs, Map(pp.TypeArgs, x => new UserDefinedType(x)));
var paramMap = new Dictionary<IVariable, Expression>();
- for (int i = 0; i < pp.Co.Formals.Count; i++) {
+ for (int i = 0; i < pp.FixpointPred.Formals.Count; i++) {
var replacement = pp.Formals[i + 1]; // the +1 is to skip pp's _k parameter
var param = new IdentifierExpr(replacement.tok, replacement.Name);
param.Var = replacement; // resolve here
param.Type = replacement.Type; // resolve here
- paramMap.Add(pp.Co.Formals[i], param);
+ paramMap.Add(pp.FixpointPred.Formals[i], param);
}
var k = new IdentifierExpr(pp.tok, pp.K.Name);
@@ -2296,12 +2297,17 @@ namespace Microsoft.Dafny {
k.Type = pp.K.Type; // resolve here
var kMinusOne = Expression.CreateSubtract(k, Expression.CreateIntLiteral(pp.tok, 1));
- var s = new PrefixCallSubstituter(null, paramMap, typeMap, pp.Co, kMinusOne, this);
+ var s = new PrefixCallSubstituter(null, paramMap, typeMap, pp.FixpointPred, kMinusOne, this);
body = s.Substitute(body);
- // add antecedent "0 < _k ==>"
var kIsPositive = Expression.CreateLess(Expression.CreateIntLiteral(pp.tok, 0), k);
- return Expression.CreateImplies(kIsPositive, body);
+ if (pp.FixpointPred is CoPredicate) {
+ // add antecedent "0 < _k ==>"
+ return Expression.CreateImplies(kIsPositive, body);
+ } else {
+ // add initial conjunct "0 < _k &&"
+ return Expression.CreateAnd(kIsPositive, body);
+ }
}
void AddSynonymAxiom(Function f) {
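Review bot: The `else` branch of the new `if (pp.FixpointPred is CoPredicate)` treats every other fixpoint-predicate as inductive, whereas the third-axiom code in AddPrefixPredicateAxioms tests `pp.FixpointPred is InductivePredicate` explicitly. The choice between `CreateImplies` and `CreateAnd` decides what the generated prefix-predicate body means, so the assumption is worth stating in the branch: `Contract.Assert(pp.FixpointPred is InductivePredicate);` before the `CreateAnd` return. PrefixSubstitution begins above this hunk.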
@@ -2357,25 +2363,28 @@ namespace Microsoft.Dafny {
}
/// <summary>
+ /// In the following,
+ /// if "pp" is a co-predicate, then QQQ and NNN and HHH stand for "forall" and "" and "==>, and
+ /// if "pp" is an inductive predicate, then QQQ and NNN and HHH stand for "exists" and "!" and "&&".
+ /// ========== For co-predicates:
/// Add the axioms:
- /// forall args :: P(args) ==> forall k: nat :: P#[k](args)
- /// forall args :: (forall k: nat :: P#[k](args)) ==> P(args)
- /// forall args,k :: k == 0 ==> P#[k](args)
+ /// forall args :: P(args) ==> QQQ k: nat :: P#[k](args)
+ /// forall args :: (QQQ k: nat :: P#[k](args)) ==> P(args)
+ /// forall args,k :: k == 0 ==> NNN P#[k](args)
/// where "args" is "heap, formals". In more details:
- /// AXIOM_ACTIVATION ==> forall args :: { P(args) } args-have-appropriate-values && P(args) ==> forall k { P#[k](args) } :: 0 ATMOST k ==> P#[k](args)
- /// AXIOM_ACTIVATION ==> forall args :: { P(args) } args-have-appropriate-values && (forall k :: 0 ATMOST k ==> P#[k](args)) ==> P(args)
- /// AXIOM_ACTIVATION ==> forall args,k :: args-have-appropriate-values && k == 0 ==> P#0#[k](args)
+ /// AXIOM_ACTIVATION ==> forall args :: { P(args) } args-have-appropriate-values && P(args) ==> QQQ k { P#[k](args) } :: 0 ATMOST k HHH P#[k](args)
+ /// AXIOM_ACTIVATION ==> forall args :: { P(args) } args-have-appropriate-values && (QQQ k :: 0 ATMOST k HHH P#[k](args)) ==> P(args)
+ /// AXIOM_ACTIVATION ==> forall args,k :: args-have-appropriate-values && k == 0 ==> NNN P#0#[k](args)
/// where
/// AXIOM_ACTIVATION
/// means:
/// mh LESS ModuleContextHeight ||
/// (mh == ModuleContextHeight && fh ATMOST FunctionContextHeight)
-
/// </summary>
void AddPrefixPredicateAxioms(PrefixPredicate pp) {
Contract.Requires(pp != null);
Contract.Requires(predef != null);
- var co = pp.Co;
+ var co = pp.FixpointPred;
var tok = pp.tok;
var etran = new ExpressionTranslator(this, predef, tok);
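Review bot: The rewritten summary of AddPrefixPredicateAxioms introduces the QQQ/NNN/HHH placeholders for both kinds of predicate, but it keeps the heading line `========== For co-predicates:` and leaves the quote unbalanced in `"==>, and`. I would drop the heading and write `"==>"`. The inline comments in the later hunk at the 1st and 2nd axioms still read `QQQ k ... :: 0 ATMOST k ==> P#[k](args)`, although the exists case is built with `BplAnd(kWhere, prefixAppl)`; they should use `HHH` as the summary does. The locals `co` here and `trueAtZero` in that later hunk now also cover the inductive case (where the third axiom is negated), so neutral names such as `fp` and `valueAtZero` would read better. The method body continues outside this hunk.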
@@ -2418,7 +2427,6 @@ namespace Microsoft.Dafny {
ante = Bpl.Expr.And(ante, wh);
}
-
Bpl.Expr kWhere = null, kId = null;
Bpl.Variable k = null;
@@ -2455,26 +2463,31 @@ namespace Microsoft.Dafny {
var activation = AxiomActivation(pp, true, true, etran);
- // forall args :: { P(args) } args-have-appropriate-values && P(args) ==> forall k { P#[k](args) } :: 0 ATMOST k ==> P#[k](args)
+ // forall args :: { P(args) } args-have-appropriate-values && P(args) ==> QQQ k { P#[k](args) } :: 0 ATMOST k ==> P#[k](args)
var tr = new Bpl.Trigger(tok, true, new List<Bpl.Expr> { prefixAppl });
- var allK = new Bpl.ForallExpr(tok, new List<Variable> { k }, tr, BplImp(kWhere, prefixAppl));
+ var qqqK = pp.FixpointPred is CoPredicate ?
+ (Bpl.Expr)new Bpl.ForallExpr(tok, new List<Variable> { k }, tr, BplImp(kWhere, prefixAppl)) :
+ (Bpl.Expr)new Bpl.ExistsExpr(tok, new List<Variable> { k }, tr, BplAnd(kWhere, prefixAppl));
tr = new Bpl.Trigger(tok, true, new List<Bpl.Expr> { coAppl });
- var allS = new Bpl.ForallExpr(tok, bvs, tr, BplImp(BplAnd(ante, coAppl), allK));
+ var allS = new Bpl.ForallExpr(tok, bvs, tr, BplImp(BplAnd(ante, coAppl), qqqK));
sink.AddTopLevelDeclaration(new Bpl.Axiom(tok, Bpl.Expr.Imp(activation, allS),
"1st prefix predicate axiom for " + pp.FullSanitizedName));
- // forall args :: { P(args) } args-have-appropriate-values && (forall k :: 0 ATMOST k ==> P#[k](args)) ==> P(args)
- allS = new Bpl.ForallExpr(tok, bvs, tr, BplImp(BplAnd(ante, allK), coAppl));
+ // forall args :: { P(args) } args-have-appropriate-values && (QQQ k :: 0 ATMOST k ==> P#[k](args)) ==> P(args)
+ allS = new Bpl.ForallExpr(tok, bvs, tr, BplImp(BplAnd(ante, qqqK), coAppl));
sink.AddTopLevelDeclaration(new Bpl.Axiom(tok, Bpl.Expr.Imp(activation, allS),
"2nd prefix predicate axiom"));
- // forall args,k :: args-have-appropriate-values && k == 0 ==> P#0#[k](args)
+ // forall args,k :: args-have-appropriate-values && k == 0 ==> NNN P#0#[k](args)
var moreBvs = new List<Variable>();
moreBvs.AddRange(bvs);
moreBvs.Add(k);
var z = Bpl.Expr.Eq(kId, Bpl.Expr.Literal(0));
funcID = new Bpl.IdentifierExpr(tok, pp.FullSanitizedName, TrType(pp.ResultType));
- var prefixLimited = new Bpl.NAryExpr(tok, new Bpl.FunctionCall(funcID), prefixArgsLimited);
+ Bpl.Expr prefixLimited = new Bpl.NAryExpr(tok, new Bpl.FunctionCall(funcID), prefixArgsLimited);
+ if (pp.FixpointPred is InductivePredicate) {
+ prefixLimited = Bpl.Expr.Not(prefixLimited);
+ }
var trueAtZero = new Bpl.ForallExpr(tok, moreBvs, BplImp(BplAnd(ante, z), prefixLimited));
sink.AddTopLevelDeclaration(new Bpl.Axiom(tok, Bpl.Expr.Imp(activation, trueAtZero),
"3rd prefix predicate axiom"));
@@ -2717,7 +2730,7 @@ namespace Microsoft.Dafny {
Bpl.StmtList stmts;
if (!wellformednessProc) {
- if (3 <= DafnyOptions.O.Induction && m.IsGhost && m.Mod.Expressions.Count == 0 && m.Outs.Count == 0 && !(m is CoLemma)) {
+ if (3 <= DafnyOptions.O.Induction && m.IsGhost && m.Mod.Expressions.Count == 0 && m.Outs.Count == 0 && !(m is FixpointLemma)) {
var posts = new List<Expression>();
m.Ens.ForEach(mfe => posts.Add(mfe.E));
var allIns = new List<Formal>();
@@ -3875,8 +3888,8 @@ namespace Microsoft.Dafny {
#endif
}
- Bpl.Expr/*!*/ InRWClause(IToken tok, Bpl.Expr o, Bpl.Expr f, List<FrameExpression> rw, ExpressionTranslator etran,
- Expression receiverReplacement, Dictionary<IVariable,Expression> substMap) {
+ Bpl.Expr InRWClause(IToken tok, Bpl.Expr o, Bpl.Expr f, List<FrameExpression> rw, ExpressionTranslator etran,
+ Expression receiverReplacement, Dictionary<IVariable, Expression> substMap) {
Contract.Requires(tok != null);
Contract.Requires(o != null);
// Contract.Requires(f != null); // f == null means approximate
@@ -3886,6 +3899,26 @@ namespace Microsoft.Dafny {
Contract.Requires(predef != null);
Contract.Requires((receiverReplacement == null) == (substMap == null));
Contract.Ensures(Contract.Result<Bpl.Expr>() != null);
+ var boxO = FunctionCall(tok, BuiltinFunction.Box, null, o);
+ return InRWClause_Aux(tok, o, boxO, f, rw, etran, receiverReplacement, substMap);
+ }
+
+ /// <summary>
+ /// By taking both an "o" and a "boxO" parameter, the caller has a choice of passing in either
+ /// "o, Box(o)" for some "o" or "Unbox(bx), bx" for some "bx".
+ /// </summary>
+ Bpl.Expr InRWClause_Aux(IToken tok, Bpl.Expr o, Bpl.Expr boxO, Bpl.Expr f, List<FrameExpression> rw, ExpressionTranslator etran,
+ Expression receiverReplacement, Dictionary<IVariable, Expression> substMap) {
+ Contract.Requires(tok != null);
+ Contract.Requires(o != null);
+ Contract.Requires(boxO != null);
+ // Contract.Requires(f != null); // f == null means approximate
+ Contract.Requires(etran != null);
+ Contract.Requires(cce.NonNullElements(rw));
+ Contract.Requires(substMap == null || cce.NonNullDictionaryAndValues(substMap));
+ Contract.Requires(predef != null);
+ Contract.Requires((receiverReplacement == null) == (substMap == null));
+ Contract.Ensures(Contract.Result<Bpl.Expr>() != null);
// requires o to denote an expression of type RefType
// "rw" is is allowed to contain a WildcardExpr
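Review bot: InRWClause_Aux takes `o` and `boxO` separately, but nothing states that they must denote the same value, and no `Contract.Requires` can check it. The body uses `boxO` in the set and sequence cases and `o` in the equality case, so a mismatched pair would produce a frame condition that mixes two different objects. I would add to the summary, next to the existing "requires o to denote an expression of type RefType" remark: `// requires boxO to denote Box(o) (equivalently, o to denote Unbox(boxO))`. The same applies to the new public `TrInSet_Aux(tok, elmt, elmtBox, s)` in the later hunk, where `elmtBox` is used for the final `SelectTok`. The method body continues outside this hunk.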
@@ -3905,11 +3938,10 @@ namespace Microsoft.Dafny {
if (e is WildcardExpr) {
disjunct = Bpl.Expr.True;
} else if (eType is SetType) {
- // old(e)[Box(o)]
- disjunct = etran.TrInSet(tok, o, e, ((SetType)eType).Arg);
+ // e[Box(o)]
+ disjunct = etran.TrInSet_Aux(tok, o, boxO, e);
} else if (eType is SeqType) {
- // (exists i: int :: 0 <= i && i < Seq#Length(old(e)) && Seq#Index(old(e),i) == Box(o))
- Bpl.Expr boxO = FunctionCall(tok, BuiltinFunction.Box, null, o);
+ // (exists i: int :: 0 <= i && i < Seq#Length(e) && Seq#Index(e,i) == Box(o))
Bpl.Variable iVar = new Bpl.BoundVariable(tok, new Bpl.TypedIdent(tok, "$i", Bpl.Type.Int));
Bpl.Expr i = new Bpl.IdentifierExpr(tok, iVar);
Bpl.Expr iBounds = InSeqRange(tok, i, etran.TrExpr(e), true, null, false);
@@ -3917,7 +3949,7 @@ namespace Microsoft.Dafny {
// TODO: the equality in the next line should be changed to one that understands extensionality
disjunct = new Bpl.ExistsExpr(tok, new List<Variable> { iVar }, Bpl.Expr.And(iBounds, Bpl.Expr.Eq(XsubI, boxO)));
} else {
- // o == old(e)
+ // o == e
disjunct = Bpl.Expr.Eq(o, etran.TrExpr(e));
}
if (rwComponent.Field != null && f != null) {
@@ -4911,7 +4943,7 @@ namespace Microsoft.Dafny {
}
Bpl.Expr allowance = null;
- if (codeContext != null && e.CoCall != FunctionCallExpr.CoCallResolution.Yes && !(e.Function is CoPredicate)) {
+ if (codeContext != null && e.CoCall != FunctionCallExpr.CoCallResolution.Yes && !(e.Function is FixpointPredicate)) {
// check that the decreases measure goes down
if (ModuleDefinition.InSameSCC(e.Function, codeContext)) {
List<Expression> contextDecreases = codeContext.Decreases.Expressions;
@@ -4951,8 +4983,8 @@ namespace Microsoft.Dafny {
Contract.Assert(false); // unexpected CoCallResolution
goto case FunctionCallExpr.CoCallResolution.No; // please the compiler
}
- CheckCallTermination(expr.tok, contextDecreases, calleeDecreases, allowance, e.Receiver, substMap, etran, etran, builder,
- codeContext.InferredDecreases, hint);
+ CheckCallTermination(expr.tok, contextDecreases, calleeDecreases, allowance, e.Receiver, substMap, e.TypeArgumentSubstitutions,
+ etran, etran, builder, codeContext.InferredDecreases, hint);
}
}
@@ -5494,13 +5526,14 @@ namespace Microsoft.Dafny {
var fhandle = FunctionCall(f.tok, name, predef.HandleType, SnocSelf(args));
var lhs = FunctionCall(f.tok, Requires(arity), Bpl.Type.Bool, Concat(tyargs, Cons(fhandle, Cons(h, lhs_args))));
- var rhs = BplOr(
- FunctionCall(f.tok, RequiresName(f), Bpl.Type.Bool, Concat(SnocSelf(Snoc(args, h)), rhs_args)),
- MakeScrambler(f.tok, f.FullSanitizedName + "#lessReq", Concat(vars, bvars)));
-
- // In case this is the /requires/ or /reads/ function, then there is no precondition
+ Bpl.Expr rhs;
if (fromArrowType) {
+ // In case this is the /requires/ or /reads/ function, then there is no precondition
rhs = Bpl.Expr.True;
+ } else {
+ rhs = BplOr(
+ FunctionCall(f.tok, RequiresName(f), Bpl.Type.Bool, Concat(SnocSelf(Snoc(args, h)), rhs_args)),
+ MakeScrambler(f.tok, f.FullSanitizedName + "#lessReq", Concat(vars, bvars)));
}
sink.AddTopLevelDeclaration(new Axiom(f.tok,
@@ -5508,22 +5541,21 @@ namespace Microsoft.Dafny {
}
{
- // Reads(Ty.., F#Handle( Ty1, ..., TyN, Layer, self), Heap, arg1, ..., argN)[Box(o)]
- // = $Frame_F(args...)[o]
- // // && Scramble(...)
+ // Reads(Ty.., F#Handle( Ty1, ..., TyN, Layer, self), Heap, arg1, ..., argN)
+ // = $Frame_F(args...)
var fhandle = FunctionCall(f.tok, name, predef.HandleType, SnocSelf(args));
- Bpl.Expr o; var oVar = BplBoundVar("o", predef.RefType, out o);
- Bpl.Expr lhs_inner = FunctionCall(f.tok, Reads(arity), Bpl.Type.Bool, Concat(tyargs, Cons(fhandle, Cons(h, lhs_args))));
- Bpl.Expr lhs = new Bpl.NAryExpr(f.tok, new Bpl.MapSelect(f.tok, 1),
- new List<Bpl.Expr> { lhs_inner, FunctionCall(f.tok, BuiltinFunction.Box, null, o) });
+ Bpl.Expr lhs_inner = FunctionCall(f.tok, Reads(arity), TrType(new SetType(new ObjectType())), Concat(tyargs, Cons(fhandle, Cons(h, lhs_args))));
+
+ Bpl.Expr bx; var bxVar = BplBoundVar("$bx", predef.BoxType, out bx);
+ Bpl.Expr unboxBx = FunctionCall(f.tok, BuiltinFunction.Unbox, predef.RefType, bx);
+ Bpl.Expr lhs = Bpl.Expr.SelectTok(f.tok, lhs_inner, bx);
var et = new ExpressionTranslator(this, predef, h);
- var rhs = InRWClause(f.tok, o, null, f.Reads, et, selfExpr, rhs_dict);
- // MakeScrambler(f.tok, f.FullSanitizedName + "#extraReads", Cons(oVar, Concat(vars, bvars))));
+ var rhs = InRWClause_Aux(f.tok, unboxBx, bx, null, f.Reads, et, selfExpr, rhs_dict);
sink.AddTopLevelDeclaration(new Axiom(f.tok,
- BplForall(Cons(oVar, Concat(vars, bvars)), BplTrigger(lhs), Bpl.Expr.Eq(lhs, rhs))));
+ BplForall(Cons(bxVar, Concat(vars, bvars)), BplTrigger(lhs), Bpl.Expr.Eq(lhs, rhs))));
}
}
return name;
@@ -5616,8 +5648,8 @@ namespace Microsoft.Dafny {
Func<Bpl.Expr, Bpl.Expr, Bpl.Expr> op = Bpl.Expr.Eq;
if (selectorVar == "rd") {
var bx = BplBoundVar("bx", predef.BoxType, bvars);
- lhs = new Bpl.NAryExpr(tok, new Bpl.MapSelect(tok, 1), new List<Bpl.Expr> { lhs, bx });
- rhs = new Bpl.NAryExpr(tok, new Bpl.MapSelect(tok, 1), new List<Bpl.Expr> { rhs, bx });
+ lhs = Bpl.Expr.SelectTok(tok, lhs, bx);
+ rhs = Bpl.Expr.SelectTok(tok, rhs, bx);
// op = Bpl.Expr.Imp;
}
if (selectorVar == "r") {
@@ -8573,7 +8605,7 @@ namespace Microsoft.Dafny {
// Note, prefix lemmas are not recorded in the call graph, but their corresponding colemmas are.
// Similarly, an iterator is not recorded in the call graph, but its MoveNext method is.
ICallable cllr =
- codeContext is PrefixLemma ? ((PrefixLemma)codeContext).Co :
+ codeContext is PrefixLemma ? ((PrefixLemma)codeContext).FixpointLemma :
codeContext is IteratorDecl ? ((IteratorDecl)codeContext).Member_MoveNext :
codeContext;
if (ModuleDefinition.InSameSCC(method, cllr)) {
@@ -8583,9 +8615,9 @@ namespace Microsoft.Dafny {
MethodTranslationKind kind;
var callee = method;
- if (method is CoLemma && isRecursiveCall) {
+ if (method is FixpointLemma && isRecursiveCall) {
kind = MethodTranslationKind.CoCall;
- callee = ((CoLemma)method).PrefixLemma;
+ callee = ((FixpointLemma)method).PrefixLemma;
} else if (method is PrefixLemma) {
// an explicit call to a prefix lemma is allowed only inside the SCC of the corresponding colemma,
// so we consider this to be a co-call
@@ -8626,13 +8658,13 @@ namespace Microsoft.Dafny {
var param = (Bpl.IdentifierExpr)etran.TrExpr(ie); // TODO: is this cast always justified?
Bpl.Expr bActual;
- if (i == 0 && method is CoLemma && isRecursiveCall) {
+ if (i == 0 && method is FixpointLemma && isRecursiveCall) {
// Treat this call to M(args) as a call to the corresponding prefix lemma M#(_k - 1, args), so insert an argument here.
var k = ((PrefixLemma)codeContext).K;
bActual = Bpl.Expr.Sub(new Bpl.IdentifierExpr(k.tok, k.AssignUniqueName(currentDeclaration.IdGenerator), Bpl.Type.Int), Bpl.Expr.Literal(1));
} else {
Expression actual;
- if (method is CoLemma && isRecursiveCall) {
+ if (method is FixpointLemma && isRecursiveCall) {
actual = Args[i - 1];
} else {
actual = Args[i];
@@ -8659,7 +8691,7 @@ namespace Microsoft.Dafny {
Contract.Assert(codeContext != null);
List<Expression> contextDecreases = codeContext.Decreases.Expressions;
List<Expression> calleeDecreases = callee.Decreases.Expressions;
- CheckCallTermination(tok, contextDecreases, calleeDecreases, null, receiver, substMap, etran, etran.Old, builder, codeContext.InferredDecreases, null);
+ CheckCallTermination(tok, contextDecreases, calleeDecreases, null, receiver, substMap, tySubst, etran, etran.Old, builder, codeContext.InferredDecreases, null);
}
// Create variables to hold the output parameters of the call, so that appropriate unboxes can be introduced.
@@ -8770,6 +8802,7 @@ namespace Microsoft.Dafny {
void CheckCallTermination(IToken tok, List<Expression> contextDecreases, List<Expression> calleeDecreases,
Bpl.Expr allowance,
Expression receiverReplacement, Dictionary<IVariable,Expression> substMap,
+ Dictionary<TypeParameter, Type> typeMap,
ExpressionTranslator etranCurrent, ExpressionTranslator etranInitial, Bpl.StmtListBuilder builder, bool inferredDecreases, string hint) {
Contract.Requires(tok != null);
Contract.Requires(cce.NonNullElements(contextDecreases));
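Review bot: The new `typeMap` parameter of CheckCallTermination has no stated contract, although the neighbouring parameters are covered by `Contract.Requires` lines. The two call sites in this commit pass `e.TypeArgumentSubstitutions` and `tySubst`, and the value goes straight into `Substitute(calleeDecreases[i], receiverReplacement, substMap, typeMap)` in the next hunk. If that overload does not accept null, add `Contract.Requires(typeMap != null);`. If it does, a comment like the existing `// f == null means approximate` style should say so. Whether null is permitted is not visible from here.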
@@ -8801,7 +8834,7 @@ namespace Microsoft.Dafny {
tok = new ForceCheckToken(tok);
}
for (int i = 0; i < N; i++) {
- Expression e0 = Substitute(calleeDecreases[i], receiverReplacement, substMap);
+ Expression e0 = Substitute(calleeDecreases[i], receiverReplacement, substMap, typeMap);
Expression e1 = contextDecreases[i];
if (!CompatibleDecreasesTypes(e0.Type, e1.Type)) {
N = i;
@@ -11513,18 +11546,32 @@ namespace Microsoft.Dafny {
Contract.Requires(elmt != null);
Contract.Requires(s != null);
Contract.Requires(elmtType != null);
+ Contract.Ensures(Contract.Result<Bpl.Expr>() != null);
+ var elmtBox = BoxIfNecessary(tok, elmt, elmtType);
+ return TrInSet_Aux(tok, elmt, elmtBox, s);
+ }
+ /// <summary>
+ /// The worker routine for TrInSet. This method takes both "elmt" and "elmtBox" as parameters,
+ /// using the former when the unboxed form is needed and the latter when the boxed form is needed.
+ /// This gives the caller the flexibility to pass in either "o, Box(o)" or "Unbox(bx), bx".
+ /// </summary>
+ public Bpl.Expr TrInSet_Aux(IToken tok, Bpl.Expr elmt, Bpl.Expr elmtBox, Expression s) {
+ Contract.Requires(tok != null);
+ Contract.Requires(elmt != null);
+ Contract.Requires(elmtBox != null);
+ Contract.Requires(s != null);
Contract.Ensures(Contract.Result<Bpl.Expr>() != null);
if (s is BinaryExpr) {
BinaryExpr bin = (BinaryExpr)s;
switch (bin.ResolvedOp) {
case BinaryExpr.ResolvedOpcode.Union:
- return Bpl.Expr.Or(TrInSet(tok, elmt, bin.E0, elmtType), TrInSet(tok, elmt, bin.E1, elmtType));
+ return Bpl.Expr.Or(TrInSet_Aux(tok, elmt, elmtBox, bin.E0), TrInSet_Aux(tok, elmt, elmtBox, bin.E1));
case BinaryExpr.ResolvedOpcode.Intersection:
- return Bpl.Expr.And(TrInSet(tok, elmt, bin.E0, elmtType), TrInSet(tok, elmt, bin.E1, elmtType));
+ return Bpl.Expr.And(TrInSet_Aux(tok, elmt, elmtBox, bin.E0), TrInSet_Aux(tok, elmt, elmtBox, bin.E1));
case BinaryExpr.ResolvedOpcode.SetDifference:
- return Bpl.Expr.And(TrInSet(tok, elmt, bin.E0, elmtType), Bpl.Expr.Not(TrInSet(tok, elmt, bin.E1, elmtType)));
+ return Bpl.Expr.And(TrInSet_Aux(tok, elmt, elmtBox, bin.E0), Bpl.Expr.Not(TrInSet_Aux(tok, elmt, elmtBox, bin.E1)));
default:
break;
}
@@ -11545,7 +11592,7 @@ namespace Microsoft.Dafny {
return disjunction;
}
}
- return Bpl.Expr.SelectTok(tok, TrExpr(s), BoxIfNecessary(tok, elmt, elmtType));
+ return Bpl.Expr.SelectTok(tok, TrExpr(s), elmtBox);
}
/// <summary>
@@ -13151,23 +13198,23 @@ namespace Microsoft.Dafny {
}
public class PrefixCallSubstituter : Substituter
{
- readonly CoPredicate coPred;
- readonly Expression coDepth;
+ readonly FixpointPredicate fixpointPred;
+ readonly Expression unrollDepth;
readonly ModuleDefinition module;
- public PrefixCallSubstituter(Expression receiverReplacement, Dictionary<IVariable, Expression/*!*/>/*!*/ substMap, Dictionary<TypeParameter, Type> tySubstMap, CoPredicate copred, Expression depth, Translator translator)
+ public PrefixCallSubstituter(Expression receiverReplacement, Dictionary<IVariable, Expression/*!*/>/*!*/ substMap, Dictionary<TypeParameter, Type> tySubstMap, FixpointPredicate fixpointpred, Expression depth, Translator translator)
: base(receiverReplacement, substMap, tySubstMap, translator) {
- Contract.Requires(copred != null);
+ Contract.Requires(fixpointpred != null);
Contract.Requires(depth != null);
- coPred = copred;
- coDepth = depth;
- module = copred.EnclosingClass.Module;
+ fixpointPred = fixpointpred;
+ unrollDepth = depth;
+ module = fixpointpred.EnclosingClass.Module;
}
public override Expression Substitute(Expression expr) {
if (expr is FunctionCallExpr) {
var e = (FunctionCallExpr)expr;
- var cof = e.Function as CoPredicate;
- if (cof != null && ModuleDefinition.InSameSCC(cof, coPred)) {
- expr = cof.CreatePrefixPredicateCall(e, coDepth);
+ var cof = e.Function as FixpointPredicate;
+ if (cof != null && ModuleDefinition.InSameSCC(cof, fixpointPred)) {
+ expr = cof.CreatePrefixPredicateCall(e, unrollDepth);
}
}
return base.Substitute(expr);
diff --git a/Source/DafnyExtension/DafnyDriver.cs b/Source/DafnyExtension/DafnyDriver.cs
index 5b8cc943..7f39fe34 100644
--- a/Source/DafnyExtension/DafnyDriver.cs
+++ b/Source/DafnyExtension/DafnyDriver.cs
@@ -239,6 +239,11 @@ namespace DafnyLanguage
return Dafny.DafnyOptions.Clo.VerifySnapshots;
}
+ public static void SetDiagnoseTimeouts(bool v)
+ {
+ Dafny.DafnyOptions.Clo.RunDiagnosticsOnTimeout = v;
+ }
+
public static int ChangeIncrementalVerification(int mode)
{
var old = Dafny.DafnyOptions.Clo.VerifySnapshots;
diff --git a/Source/DafnyExtension/MenuProxy.cs b/Source/DafnyExtension/MenuProxy.cs
index 11e1287f..9ddc8344 100644
--- a/Source/DafnyExtension/MenuProxy.cs
+++ b/Source/DafnyExtension/MenuProxy.cs
@@ -67,6 +67,15 @@ namespace DafnyLanguage
}
}
+ public void DiagnoseTimeouts(IWpfTextView activeTextView)
+ {
+ DafnyLanguage.ProgressTagger tagger;
+ if (activeTextView != null && DafnyLanguage.ProgressTagger.ProgressTaggers.TryGetValue(activeTextView.TextBuffer, out tagger))
+ {
+ tagger.StartVerification(false, true);
+ }
+ }
+
public bool MenuEnabled(IWpfTextView activeTextView)
{
return activeTextView != null && activeTextView.TextBuffer.ContentType.DisplayName == "dafny";
@@ -80,6 +89,14 @@ namespace DafnyLanguage
&& resolver.Program != null;
}
+ public bool DiagnoseTimeoutsCommandEnabled(IWpfTextView activeTextView)
+ {
+ ResolverTagger resolver;
+ return activeTextView != null
+ && DafnyLanguage.ResolverTagger.ResolverTaggers.TryGetValue(activeTextView.TextBuffer, out resolver)
+ && resolver.VerificationErrors.Any(err => err.Message.Contains("timed out"));
+ }
+
public void Compile(IWpfTextView activeTextView)
{
ResolverTagger resolver;
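Review bot: DiagnoseTimeoutsCommandEnabled decides menu visibility with `err.Message.Contains("timed out")`, which ties the command to the exact wording of a message produced elsewhere. If that message is reworded or localized, the command silently disappears. If DafnyError carries a category or other structured marker for timeouts (not visible here), test that instead. Otherwise have the producer and this check share one named constant for the message fragment.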
diff --git a/Source/DafnyExtension/OutliningTagger.cs b/Source/DafnyExtension/OutliningTagger.cs
index c4b88f98..85771e94 100644
--- a/Source/DafnyExtension/OutliningTagger.cs
+++ b/Source/DafnyExtension/OutliningTagger.cs
@@ -160,6 +160,7 @@ namespace DafnyLanguage
}
if (m is Dafny.Function && ((Dafny.Function)m).Body != null) {
var nm =
+ m is Dafny.InductivePredicate ? "inductive predicate" :
m is Dafny.CoPredicate ? "copredicate" :
// m is Dafny.PrefixPredicate ? "prefix predicate" : // this won't ever occur here
m is Dafny.Predicate ? "predicate" :
diff --git a/Source/DafnyExtension/ProgressMargin.cs b/Source/DafnyExtension/ProgressMargin.cs
index b4e58d3d..c3f56259 100644
--- a/Source/DafnyExtension/ProgressMargin.cs
+++ b/Source/DafnyExtension/ProgressMargin.cs
@@ -197,6 +197,7 @@ namespace DafnyLanguage
bool verificationInProgress; // this field is protected by "this". Invariant: !verificationInProgress ==> bufferChangesPreVerificationStart.Count == 0
System.Threading.Tasks.Task verificationTask;
public bool VerificationDisabled { get; private set; }
+ bool isDiagnosingTimeouts;
string lastRequestId;
public static readonly IDictionary<ITextBuffer, ProgressTagger> ProgressTaggers = new ConcurrentDictionary<ITextBuffer, ProgressTagger>();
@@ -227,14 +228,21 @@ namespace DafnyLanguage
if (prog == null || VerificationDisabled) return;
// We have a successfully resolved program to verify
- var resolvedVersion = snap.Version.VersionNumber;
- if (bufferChangesPostVerificationStart.Count == 0) {
- // Nothing new to verify. No reason to start a new verification.
- return;
- } else if (!bufferChangesPostVerificationStart.TrueForAll(span => span.Snapshot.Version.VersionNumber <= resolvedVersion)) {
- // There have been buffer changes since the program that was resolved. Do nothing here,
- // and instead just await the next resolved program.
- return;
+ var dt = isDiagnosingTimeouts;
+ if (!dt)
+ {
+ var resolvedVersion = snap.Version.VersionNumber;
+ if (bufferChangesPostVerificationStart.Count == 0)
+ {
+ // Nothing new to verify. No reason to start a new verification.
+ return;
+ }
+ else if (!bufferChangesPostVerificationStart.TrueForAll(span => span.Snapshot.Version.VersionNumber <= resolvedVersion))
+ {
+ // There have been buffer changes since the program that was resolved. Do nothing here,
+ // and instead just await the next resolved program.
+ return;
+ }
}
// at this time, we're committed to running the verifier
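Review bot: Wrapping both early returns in `if (!dt)` also skips the staleness check (`span.Snapshot.Version.VersionNumber <= resolvedVersion`) during a diagnose run, not only the "nothing new to verify" check. StartVerification already adds a span for the whole current snapshot, so the count check should pass anyway. It is therefore unclear from the hunk why the version comparison has to be bypassed. If the buffer was edited after the command was issued, the diagnostic run would presumably verify an older resolved program. I would keep the second check unconditional, or add a comment explaining why it cannot apply. The added lines also switch to Allman braces where the removed lines and the rest of the visible file use `if (...) {`. The enclosing method starts and ends outside this hunk.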
@@ -254,10 +262,14 @@ namespace DafnyLanguage
}
verificationTask = System.Threading.Tasks.Task.Factory.StartNew(
- () => RunVerifier(prog, snap, lastRequestId, resolver),
+ () => RunVerifier(prog, snap, lastRequestId, resolver, dt),
TaskCreationOptions.LongRunning);
verificationInProgress = true;
+ if (dt)
+ {
+ isDiagnosingTimeouts = false;
+ }
// Change orange progress markers into yellow ones
Contract.Assert(bufferChangesPreVerificationStart.Count == 0); // follows from monitor invariant
@@ -293,7 +305,7 @@ namespace DafnyLanguage
}
}
- public void StartVerification()
+ public void StartVerification(bool clearCache = true, bool diagnoseTimeouts = false)
{
lock (this)
{
@@ -301,7 +313,11 @@ namespace DafnyLanguage
bufferChangesPostVerificationStart.Clear();
bufferChangesPostVerificationStart.Add(new SnapshotSpan(_buffer.CurrentSnapshot, 0, _buffer.CurrentSnapshot.Length));
VerificationDisabled = false;
- ClearCachedVerificationResults();
+ isDiagnosingTimeouts = diagnoseTimeouts;
+ if (clearCache)
+ {
+ ClearCachedVerificationResults();
+ }
NotifyAboutChangedTags(_buffer.CurrentSnapshot);
}
}
@@ -314,7 +330,7 @@ namespace DafnyLanguage
}
}
- void RunVerifier(Dafny.Program program, ITextSnapshot snapshot, string requestId, ResolverTagger errorListHolder) {
+ void RunVerifier(Dafny.Program program, ITextSnapshot snapshot, string requestId, ResolverTagger errorListHolder, bool diagnoseTimeouts) {
Contract.Requires(program != null);
Contract.Requires(snapshot != null);
Contract.Requires(requestId != null);
@@ -332,6 +348,8 @@ namespace DafnyLanguage
_version++;
}
+ DafnyDriver.SetDiagnoseTimeouts(diagnoseTimeouts);
+
try
{
bool success = DafnyDriver.Verify(program, errorListHolder, GetHashCode().ToString(), requestId, errorInfo =>
@@ -369,6 +387,10 @@ namespace DafnyLanguage
{
errorListHolder.AddError(new DafnyError("$$program$$", 0, 0, ErrorCategory.InternalError, "Verification process error: " + e.Message, snapshot, false), "$$program$$", requestId);
}
+ finally
+ {
+ DafnyDriver.SetDiagnoseTimeouts(!diagnoseTimeouts);
+ }
lock (this) {
bufferChangesPreVerificationStart.Clear();
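Review bot: The new `finally` block calls `DafnyDriver.SetDiagnoseTimeouts(!diagnoseTimeouts);`, so after every ordinary run (`diagnoseTimeouts == false`) the option is left set to true. It is only turned off again after a diagnose run. The intent looks like a reset, which would be `DafnyDriver.SetDiagnoseTimeouts(false);`, or better, restoring the value read before the `try`. SetDiagnoseTimeouts writes the static `Dafny.DafnyOptions.Clo.RunDiagnosticsOnTimeout`, and RunVerifier runs on a task per tagger. A verification of another buffer running at the same time would presumably see whichever value was written last, which argues for passing the flag to `DafnyDriver.Verify` rather than toggling shared state.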
diff --git a/Source/DafnyExtension/TokenTagger.cs b/Source/DafnyExtension/TokenTagger.cs
index 0019ce81..af141ad7 100644
--- a/Source/DafnyExtension/TokenTagger.cs
+++ b/Source/DafnyExtension/TokenTagger.cs
@@ -308,6 +308,7 @@ namespace DafnyLanguage
case "import":
case "in":
case "include":
+ case "inductive":
case "int":
case "invariant":
case "iterator":
diff --git a/Source/DafnyMenu/DafnyMenu.vsct b/Source/DafnyMenu/DafnyMenu.vsct
index 4c4b1403..4c9a4913 100644
--- a/Source/DafnyMenu/DafnyMenu.vsct
+++ b/Source/DafnyMenu/DafnyMenu.vsct
@@ -122,6 +122,16 @@
</Strings>
</Button>
+ <Button guid="guidDafnyMenuCmdSet" id="cmdidDiagnoseTimeouts" priority="0x0106" type="Button">
+ <Parent guid="guidDafnyMenuCmdSet" id="DafnyMenuGroup" />
+ <CommandFlag>DynamicVisibility</CommandFlag>
+ <CommandFlag>DefaultInvisible</CommandFlag>
+ <CommandFlag>TextChanges</CommandFlag>
+ <Strings>
+ <ButtonText>Re-verify to diagnose timeouts</ButtonText>
+ </Strings>
+ </Button>
+
</Buttons>
<!--The bitmaps section is used to define the bitmaps that are used for the commands.-->
@@ -154,6 +164,7 @@
<IDSymbol name="cmdidToggleSnapshotVerification" value="0x0103" />
<IDSymbol name="cmdidToggleBVD" value="0x0104" />
<IDSymbol name="cmdidToggleMoreAdvancedSnapshotVerification" value="0x0105" />
+ <IDSymbol name="cmdidDiagnoseTimeouts" value="0x0106" />
</GuidSymbol>
<!--
diff --git a/Source/DafnyMenu/DafnyMenuPackage.cs b/Source/DafnyMenu/DafnyMenuPackage.cs
index 0acf3554..58c8f0ab 100644
--- a/Source/DafnyMenu/DafnyMenuPackage.cs
+++ b/Source/DafnyMenu/DafnyMenuPackage.cs
@@ -53,6 +53,12 @@ namespace DafnyLanguage.DafnyMenu
void ShowErrorModel(IWpfTextView activeTextView);
+
+
+ bool DiagnoseTimeoutsCommandEnabled(IWpfTextView activeTextView);
+
+
+ void DiagnoseTimeouts(IWpfTextView activeTextView);
}
@@ -88,6 +94,7 @@ namespace DafnyLanguage.DafnyMenu
private OleMenuCommand toggleSnapshotVerificationCommand;
private OleMenuCommand toggleMoreAdvancedSnapshotVerificationCommand;
private OleMenuCommand toggleBVDCommand;
+ private OleMenuCommand diagnoseTimeoutsCommand;
bool BVDDisabled;
@@ -157,6 +164,12 @@ namespace DafnyLanguage.DafnyMenu
toggleBVDCommand.BeforeQueryStatus += showErrorModelCommand_BeforeQueryStatus;
mcs.AddCommand(toggleBVDCommand);
+ var diagnoseTimeoutsCommandID = new CommandID(GuidList.guidDafnyMenuCmdSet, (int)PkgCmdIDList.cmdidDiagnoseTimeouts);
+ diagnoseTimeoutsCommand = new OleMenuCommand(DiagnoseTimeoutsCallback, diagnoseTimeoutsCommandID);
+ diagnoseTimeoutsCommand.Enabled = true;
+ diagnoseTimeoutsCommand.BeforeQueryStatus += diagnoseTimeoutsCommand_BeforeQueryStatus;
+ mcs.AddCommand(diagnoseTimeoutsCommand);
+
var menuCommandID = new CommandID(GuidList.guidDafnyMenuPkgSet, (int)PkgCmdIDList.cmdidMenu);
menuCommand = new OleMenuCommand(new EventHandler((sender, e) => { }), menuCommandID);
menuCommand.BeforeQueryStatus += menuCommand_BeforeQueryStatus;
@@ -301,6 +314,16 @@ namespace DafnyLanguage.DafnyMenu
}
}
+ void diagnoseTimeoutsCommand_BeforeQueryStatus(object sender, EventArgs e)
+ {
+ var atv = ActiveTextView;
+ if (MenuProxy != null && atv != null)
+ {
+ var visible = MenuProxy.DiagnoseTimeoutsCommandEnabled(atv);
+ diagnoseTimeoutsCommand.Visible = visible;
+ }
+ }
+
private void toggleMoreAdvancedSnapshotVerificationCommand_BeforeQueryStatus(object sender, EventArgs e)
{
var atv = ActiveTextView;
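Review bot: `diagnoseTimeoutsCommand_BeforeQueryStatus` assigns `Visible` only when both `MenuProxy` and the active text view are non-null, so the command keeps whatever visibility the previous query left when either is missing. Assigning unconditionally, `diagnoseTimeoutsCommand.Visible = MenuProxy != null && atv != null && MenuProxy.DiagnoseTimeoutsCommandEnabled(atv);`, keeps the menu in step with the current view. The handler also omits the `private` modifier that the neighbouring `toggleMoreAdvancedSnapshotVerificationCommand_BeforeQueryStatus` spells out, and the same applies to `DiagnoseTimeoutsCallback` in the next hunk.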
@@ -317,6 +340,15 @@ namespace DafnyLanguage.DafnyMenu
toggleBVDCommand.Text = (BVDDisabled ? "Enable" : "Disable") + " BVD";
}
+ void DiagnoseTimeoutsCallback(object sender, EventArgs e)
+ {
+ var atv = ActiveTextView;
+ if (MenuProxy != null && atv != null)
+ {
+ MenuProxy.DiagnoseTimeouts(atv);
+ }
+ }
+
public void ExecuteAsCompiling(Action action, TextWriter outputWriter)
{
IVsStatusbar statusBar = (IVsStatusbar)GetGlobalService(typeof(SVsStatusbar));
diff --git a/Source/DafnyMenu/PkgCmdID.cs b/Source/DafnyMenu/PkgCmdID.cs
index b6f30145..427dd888 100644
--- a/Source/DafnyMenu/PkgCmdID.cs
+++ b/Source/DafnyMenu/PkgCmdID.cs
@@ -13,5 +13,6 @@ namespace DafnyLanguage.DafnyMenu
public static uint cmdidToggleSnapshotVerification = 0x103;
public const uint cmdidToggleBVD = 0x104;
public static uint cmdidToggleMoreAdvancedSnapshotVerification = 0x105;
+ public static uint cmdidDiagnoseTimeouts = 0x106;
};
} \ No newline at end of file
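Review bot: `cmdidDiagnoseTimeouts` is added as a mutable `public static uint`, so any code in the process can reassign the command id after the menu command has been registered. Nothing visible in this commit needs the value to change, and `cmdidToggleBVD` two lines above is already a constant; `public const uint cmdidDiagnoseTimeouts = 0x106;` would match it. The two neighbouring `static` ids have the same shape but are not part of this change.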
diff --git a/Source/version.cs b/Source/version.cs
index e2cf3c47..1234a75b 100644
--- a/Source/version.cs
+++ b/Source/version.cs
@@ -1,4 +1,4 @@
using System.Reflection;
-// Version 1.9.4, year 2013+2 month 04 day 06
-[assembly: AssemblyVersion("1.9.3.20406")]
-[assembly: AssemblyFileVersion("1.9.3.20406")]
+// Version 1.9.5, year 2013+2 month 05 day 11
+[assembly: AssemblyVersion("1.9.5.20511")]
+[assembly: AssemblyFileVersion("1.9.5.20511")]
diff --git a/Test/VerifyThis2015/Problem2.dfy b/Test/VerifyThis2015/Problem2.dfy
index 84fa924d..1c7deffd 100644
--- a/Test/VerifyThis2015/Problem2.dfy
+++ b/Test/VerifyThis2015/Problem2.dfy
@@ -2,7 +2,7 @@
// RUN: %diff "%s.expect" "%t"
// Rustan Leino
-// 13 April 2015
+// 13 April 2015, and many subsequent enhancements and revisions
// VerifyThis 2015
// Problem 2 -- Parallel GCD
@@ -109,7 +109,6 @@ method ParallelGcd_WithoutTermination(A: int, B: int) returns (gcd: int)
method ParallelGcd(A: int, B: int) returns (gcd: int)
requires A > 0 && B > 0
ensures gcd == Gcd(A, B)
- decreases *
{
var a, b := A, B;
var pc0, pc1 := 0, 0; // program counter for the two processes
@@ -127,12 +126,13 @@ method ParallelGcd(A: int, B: int) returns (gcd: int)
invariant pc0 == 2 ==> b <= b0 && (b0 <= a0 ==> b0 == b)
invariant pc1 == 2 ==> a <= a1 && (a1 <= b1 ==> a1 == a)
invariant (pc0 == 3 ==> a == b) && (pc1 == 3 ==> a == b)
- invariant 0 <= budget0 && 0 <= budget1 && 1 <= budget0 + budget1
+ invariant 0 <= budget0 && 0 <= budget1 && (pc0 == 3 || pc1 == 3 || 1 <= budget0 + budget1)
// With the budgets, the program is guaranteed to terminate, as is proved by the following termination
- // metric (which is a lexicographic triple):
- decreases *, a + b,
-// if a == b then 0 else if a < b then budget0 else budget1,
- (if a0 < b0 then budget0 else 0) + (if b1 < a1 then budget1 else 0),
+ // metric (which is a lexicographic tuple):
+ decreases a + b,
+ FinalStretch(pc0, pc1, a0, b0, b) + FinalStretch(pc1, pc0, b1, a1, a),
+ (if pc0 == 2 && a0 < b0 && !(a < b) then 1 else 0) + (if pc1 == 2 && b1 < a1 && !(b < a) then 1 else 0),
+ (if a < b then budget0 else 0) + (if b < a then budget1 else 0),
8 - pc0 - pc1
{
if {
@@ -166,15 +166,26 @@ method ParallelGcd(A: int, B: int) returns (gcd: int)
gcd := a;
}
+function FinalStretch(pcThis: int, pcThat: int, a0: int, b0: int, b: int): int
+{
+ if pcThat != 3 then 10 // we're not yet in the final stretch
+ else if pcThis == 3 then 0
+ else if pcThis == 2 && a0 == b0 then 1
+ else if pcThis == 1 && a0 == b then 2
+ else if pcThis == 0 then 3
+ else if pcThis == 2 && a0 < b0 then 4
+ else 5
+}
+
method BudgetUpdate(inThis: int, inThat: int, pcThat: int) returns (outThis: int, outThat: int)
requires pcThat == 3 || 0 < inThis
- ensures pcThat == 3 ==> outThis == inThis && outThat == inThat
- ensures pcThat != 3 ==> outThis == inThis - 1 && outThat > 0
+ ensures outThis == if 0 < inThis then inThis - 1 else inThis
+ ensures if pcThat == 3 then outThat == inThat else outThat > 0
{
+ outThis := if 0 < inThis then inThis - 1 else inThis;
if pcThat == 3 {
- outThis, outThat := inThis, inThat;
+ outThat := inThat;
} else {
- outThis := inThis - 1;
outThat :| outThat > 0;
}
}
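Review bot: `FinalStretch` is introduced without any comment, and its constants (10, then 0 through 5) can only be understood by reading them against the `decreases` clause in the previous hunk. A header would help the next reader, for example `// Rank of one process in the termination metric: 10 until the other process is at pc 3,` followed by `// then a small rank that the remaining steps of this process are meant to decrease.` It would also be worth stating why the `pcThis == 2 && a0 < b0` case ranks above `pcThis == 0`, since that ordering is not obvious from the function alone.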
@@ -295,11 +306,7 @@ lemma Symmetry(a: int, b: int)
assert DividesBoth(k, a, b) && forall m :: DividesBoth(m, a, b) ==> m <= k;
assert DividesBoth(l, b, a) && forall m :: DividesBoth(m, b, a) ==> m <= l;
assert DividesBoth(l, a, b);
- forall m | DividesBoth(m, b, a)
- ensures m <= l && DividesBoth(m, a, b)
- {
- }
- assert forall m :: DividesBoth(m, a, b) ==> m <= l;
+ assert forall m :: DividesBoth(m, b, a) ==> m <= l && DividesBoth(m, a, b);
assert k == l;
}
diff --git a/Test/VerifyThis2015/Problem2.dfy.expect b/Test/VerifyThis2015/Problem2.dfy.expect
index ad540132..f5e3b3dc 100644
--- a/Test/VerifyThis2015/Problem2.dfy.expect
+++ b/Test/VerifyThis2015/Problem2.dfy.expect
@@ -1,2 +1,2 @@
-Dafny program verifier finished with 35 verified, 0 errors
+Dafny program verifier finished with 36 verified, 0 errors
diff --git a/Test/VerifyThis2015/Problem3.dfy b/Test/VerifyThis2015/Problem3.dfy
index fb95637d..4205035d 100644
--- a/Test/VerifyThis2015/Problem3.dfy
+++ b/Test/VerifyThis2015/Problem3.dfy
@@ -123,3 +123,23 @@ class DoublyLinkedList {
Nodes := Nodes[..k] + [x] + Nodes[k..];
}
}
+
+// --------------------------------------------------------
+// If it were not required to build a data structure (like the class above) that supports the
+// Remove and PutBack operations, the operations can easily be verified to compose into the
+// identity transformation. The following method shows that the two operations, under a suitable
+// precondition, have no net effect on any .L or .R field.
+
+method Alt(x: Node)
+ requires x != null && x.L != null && x.R != null
+ requires x.L.R == x && x.R.L == x // links are mirrored
+ modifies x, x.L, x.R
+ ensures forall y: Node :: y != null ==> y.L == old(y.L) && y.R == old(y.R)
+{
+ // remove
+ x.R.L := x.L;
+ x.L.R := x.R;
+ // put back
+ x.R.L := x;
+ x.L.R := x;
+}
diff --git a/Test/VerifyThis2015/Problem3.dfy.expect b/Test/VerifyThis2015/Problem3.dfy.expect
index 9559b9a6..4035605c 100644
--- a/Test/VerifyThis2015/Problem3.dfy.expect
+++ b/Test/VerifyThis2015/Problem3.dfy.expect
@@ -1,5 +1,5 @@
-Dafny program verifier finished with 13 verified, 0 errors
+Dafny program verifier finished with 15 verified, 0 errors
Program compiled successfully
Running...
diff --git a/Test/dafny0/Coinductive.dfy b/Test/dafny0/Coinductive.dfy
index 99b263a5..d1b04b1d 100644
--- a/Test/dafny0/Coinductive.dfy
+++ b/Test/dafny0/Coinductive.dfy
@@ -129,7 +129,7 @@ module CoPredicateResolutionErrors {
}
ghost method Lemma(n: int)
- ensures Even(Doubles(n));
+ ensures Even(Doubles(n))
{
}
@@ -184,3 +184,106 @@ module UnfruitfulCoLemmaConclusions {
{
}
}
+
+// --------------- Inductive Predicates --------------------------
+
+module InductivePredicateResolutionErrors {
+
+ datatype List<T> = Nil | Cons(head: T, tail: List)
+ codatatype IList<T> = INil | ICons(head: T, tail: IList)
+
+ inductive predicate Pos(s: List<int>)
+ {
+ s.Cons? && 0 < s.head && Pos(s.tail) && Even(s)
+ }
+
+ inductive predicate Even(s: List<int>)
+ {
+ s.Cons? && s.head % 2 == 0 && Even(s.tail)
+ && (s.head == 17 ==> Pos(s))
+ && (Pos(s) ==> s.head == 17) // error: cannot make recursive inductive-predicate call in negative position
+ && !Even(s) // error: cannot make recursive inductive-predicate call in negative position
+ && (Even(s) <==> Even(s)) // error (x2): recursive inductive-predicate calls allowed only in positive positions
+ }
+
+ inductive predicate LetSuchThat(s: List<int>)
+ {
+ if s != Nil then true else
+ var h :| h == s.head;
+ h < 0 && LetSuchThat(s.tail) // this is fine for an inductive predicate
+ }
+ copredicate CoLetSuchThat(s: IList<int>)
+ {
+ if s != INil then true else
+ var h :| h == s.head;
+ h < 0 && CoLetSuchThat(s.tail) // error: recursive call to copredicate in body of let-such-that
+ }
+
+ inductive predicate NegatedLetSuchThat(s: List<int>)
+ {
+ if s != Nil then true else
+ !var h :| h == s.head;
+ h < 0 && !NegatedLetSuchThat(s.tail) // error: recursive call to inductive predicate in body of let-such-that
+ }
+ copredicate NegatedCoLetSuchThat(s: IList<int>)
+ {
+ if s != INil then true else
+ !var h :| h == s.head;
+ h < 0 && !NegatedCoLetSuchThat(s.tail) // this is fine for a coinductive predicate
+ }
+
+ inductive predicate CP(i: int)
+ {
+ CP(i) &&
+ !CP(i) && // error: not in a positive position
+ (exists j :: CP(j)) &&
+ (forall k :: 0 <= k < i*i ==> CP(k)) &&
+ (forall k :: 0 <= k ==> CP(k)) && // error: unbounded range
+ (forall k :: k < i*i ==> CP(k)) && // error: unbounded range
+ (forall l :: CP(l)) // error: unbounded range
+ }
+
+ inductive predicate CQ(i: int, j: int)
+ {
+ forall i :: i == 6 ==> if j % 2 == 0 then CQ(i, i) else CQ(j, j)
+ }
+
+ inductive predicate CR(i: int, j: int)
+ {
+ i == if CR(i, j) then 6 else j // error: not allowed to call CR recursively here
+ }
+
+ inductive predicate CS(i: int, j: int)
+ {
+ forall i ::
+ i <= (if CS(i, j) then 6 else j) && // error: not allowed to call CS recursively here
+ (if CS(i, j) then 6 else j) <= i // error: not allowed to call CS recursively here
+ }
+
+ inductive predicate Another(s: List<int>)
+ {
+ !Even(s) // here, negation is fine
+ }
+
+ inductive predicate IndStmtExpr_Good(s: List<int>)
+ {
+ s.head > 0 && (MyLemma(s.head); IndStmtExpr_Good(s.tail))
+ }
+
+ lemma MyLemma(x: int)
+ {
+ }
+
+ inductive predicate IndStmtExpr_Bad(s: List<int>)
+ {
+ s.Cons? && s.head > 0 &&
+ (MyRecursiveLemma(s.head); // error: cannot call method recursively from inductive predicate
+ IndStmtExpr_Bad(s.tail))
+ }
+
+ lemma MyRecursiveLemma(x: int)
+ {
+ var p := IndStmtExpr_Bad(Cons(x, Nil));
+ }
+}
+
diff --git a/Test/dafny0/Coinductive.dfy.expect b/Test/dafny0/Coinductive.dfy.expect
index 26fec211..4821a0e3 100644
--- a/Test/dafny0/Coinductive.dfy.expect
+++ b/Test/dafny0/Coinductive.dfy.expect
@@ -14,4 +14,18 @@ Coinductive.dfy(116,24): Error: a copredicate can be called recursively only in
Coinductive.dfy(122,15): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
Coinductive.dfy(123,10): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
Coinductive.dfy(148,21): Error: a recursive call from a copredicate can go only to other copredicates
-16 resolution/type errors detected in Coinductive.dfy
+Coinductive.dfy(204,8): Error: an inductive predicate can be called recursively only in positive positions
+Coinductive.dfy(205,8): Error: an inductive predicate can be called recursively only in positive positions
+Coinductive.dfy(206,8): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(206,21): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(219,15): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
+Coinductive.dfy(226,16): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(238,5): Error: an inductive predicate can be called recursively only in positive positions
+Coinductive.dfy(241,28): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(242,29): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(243,17): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(253,12): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(259,15): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(260,10): Error: an inductive predicate can be called recursively only in positive positions and cannot sit inside an unbounded universal quantifier
+Coinductive.dfy(280,21): Error: a recursive call from an inductive predicate can go only to other inductive predicates
+30 resolution/type errors detected in Coinductive.dfy
diff --git a/Test/dafny0/InductivePredicates.dfy b/Test/dafny0/InductivePredicates.dfy
new file mode 100644
index 00000000..424118e7
--- /dev/null
+++ b/Test/dafny0/InductivePredicates.dfy
@@ -0,0 +1,175 @@
+// RUN: %dafny /compile:0 /print:"%t.print" /dprint:"%t.dprint" "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+datatype natinf = N(n: nat) | Inf
+
+inductive predicate Even(x: natinf)
+{
+ (x.N? && x.n == 0) ||
+ (x.N? && 2 <= x.n && Even(N(x.n - 2)))
+}
+
+lemma M(x: natinf)
+ requires Even(x)
+ ensures x.N? && x.n % 2 == 0
+{
+ var k: nat :| Even#[k](x);
+ M'(k, x);
+}
+
+// yay! my first proof involving an inductive predicate :)
+lemma M'(k: nat, x: natinf)
+ requires Even#[k](x)
+ ensures x.N? && x.n % 2 == 0
+{
+ if 0 < k {
+ if {
+ case x.N? && x.n == 0 =>
+ // trivial
+ case x.N? && 2 <= x.n && Even#[k-1](N(x.n - 2)) =>
+ M'(k-1, N(x.n - 2));
+ }
+ }
+}
+
+// Here is the same proof as in M / M', but packaged into a single "inductive lemma":
+inductive lemma IL(x: natinf)
+ requires Even(x)
+ ensures x.N? && x.n % 2 == 0
+{
+ if {
+ case x.N? && x.n == 0 =>
+ // trivial
+ case x.N? && 2 <= x.n && Even#[_k-1](N(x.n - 2)) =>
+ IL(N(x.n - 2));
+ }
+}
+
+inductive lemma IL_EvenBetter(x: natinf)
+ requires Even(x)
+ ensures x.N? && x.n % 2 == 0
+{
+ if {
+ case x.N? && x.n == 0 =>
+ // trivial
+ case x.N? && 2 <= x.n && Even(N(x.n - 2)) =>
+ IL_EvenBetter(N(x.n - 2));
+ }
+}
+
+inductive lemma IL_Bad(x: natinf)
+ requires Even(x)
+ ensures x.N? && x.n % 2 == 0
+{
+ assert false; // error: one shouldn't be able to prove just anything
+}
+
+lemma InfNotEven()
+ ensures !Even(Inf)
+{
+}
+
+lemma Test()
+{
+ assert !Even(N(1)); // Dafny can prove this
+ assert !Even(N(5));
+ assert !Even(N(17)); // error: this holds, but Dafny can't prove it directly (but see lemma below)
+}
+
+lemma SeventeenIsNotEven()
+ ensures !Even(N(17))
+{
+ assert Even(N(17))
+ == Even(N(15))
+ == Even(N(13))
+ == Even(N(11))
+ == Even(N(9))
+ == Even(N(7))
+ == Even(N(5))
+ == Even(N(3))
+ == Even(N(1))
+ == false;
+}
+
+lemma OneMore(x: natinf) returns (y: natinf)
+ requires Even(x)
+ ensures Even(y)
+{
+ y := N(x.n + 2);
+}
+
+// ----------------------- Here's another version of Even, using the S function
+
+module Alt {
+ datatype natinf = N(n: nat) | Inf
+
+ function S(x: natinf): natinf
+ {
+ match x
+ case N(n) => N(n+1)
+ case Inf => Inf
+ }
+
+ inductive predicate Even(x: natinf)
+ {
+ (x.N? && x.n == 0) ||
+ exists y :: x == S(S(y)) && Even(y)
+ }
+
+ inductive lemma MyLemma_NotSoNice(x: natinf)
+ requires Even(x)
+ ensures x.N? && x.n % 2 == 0
+ {
+ if {
+ case x.N? && x.n == 0 =>
+ // trivial
+ case exists y :: x == S(S(y)) && Even#[_k-1](y) =>
+ var y :| x == S(S(y)) && Even#[_k-1](y);
+ MyLemma_NotSoNice(y);
+ assert x.n == y.n + 2;
+ }
+ }
+
+ inductive lemma MyLemma_NiceButNotFast(x: natinf)
+ requires Even(x)
+ ensures x.N? && x.n % 2 == 0
+ {
+ if {
+ case x.N? && x.n == 0 =>
+ // trivial
+ case exists y :: x == S(S(y)) && Even(y) =>
+ var y :| x == S(S(y)) && Even(y);
+ MyLemma_NiceButNotFast(y);
+ assert x.n == y.n + 2;
+ }
+ }
+
+ lemma InfNotEven()
+ ensures !Even(Inf)
+ {
+ if Even(Inf) {
+ InfNotEven_Aux();
+ }
+ }
+
+ inductive lemma InfNotEven_Aux()
+ requires Even(Inf)
+ ensures false
+ {
+ var x := Inf;
+ if {
+ case x.N? && x.n == 0 =>
+ assert false; // this case is absurd
+ case exists y :: x == S(S(y)) && Even(y) =>
+ var y :| x == S(S(y)) && Even(y);
+ assert y == Inf;
+ InfNotEven_Aux();
+ }
+ }
+
+ lemma NextEven(x: natinf)
+ requires Even(x)
+ ensures Even(S(S(x)))
+ {
+ }
+}
diff --git a/Test/dafny0/InductivePredicates.dfy.expect b/Test/dafny0/InductivePredicates.dfy.expect
new file mode 100644
index 00000000..b09b7903
--- /dev/null
+++ b/Test/dafny0/InductivePredicates.dfy.expect
@@ -0,0 +1,9 @@
+InductivePredicates.dfy(64,10): Error: assertion violation
+Execution trace:
+ (0,0): anon0
+ (0,0): anon3_Then
+InductivePredicates.dfy(76,11): Error: assertion violation
+Execution trace:
+ (0,0): anon0
+
+Dafny program verifier finished with 29 verified, 2 errors
diff --git a/Test/dafny0/NestedMatch.dfy b/Test/dafny0/NestedMatch.dfy
new file mode 100644
index 00000000..e6e7c489
--- /dev/null
+++ b/Test/dafny0/NestedMatch.dfy
@@ -0,0 +1,59 @@
+// RUN: %dafny /compile:0 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+datatype Nat = Zero | Suc(Nat)
+
+predicate Even(n: Nat)
+{
+ match n
+ case Zero => true
+ case Suc(Zero) => false
+ case Suc(Suc(p)) => Even(p)
+}
+
+
+method checkEven(n: Nat) {
+ assert Even(Zero) == true;
+ assert Even(Suc(Zero)) == false;
+ assert Even(Suc(Suc(n))) == Even(n);
+}
+
+datatype List<T> = Nil | Cons(T, List<T>)
+
+function last<T>(xs: List<T>): T
+ requires xs != Nil
+{
+ match xs
+ case Cons(y, Nil) => y
+ case Cons(y, Cons(z, zs)) => last(Cons(z, zs))
+}
+
+method checkLast(y: T) {
+ assert last(Cons(y, Nil)) == y;
+ assert last(Cons(y, Cons(y, Nil))) == last(Cons(y, Nil));
+}
+
+
+function minus(x: Nat, y: Nat): Nat
+{
+ match (x, y)
+ case (Zero, _) => Zero
+ case (Suc(_), Zero) => x
+ case (Suc(a), Suc(b)) => minus(a, b)
+}
+
+method checkMinus(x:Nat, y: Nat) {
+ assert minus(Suc(x), Suc(y)) == minus(x,y);
+}
+
+
+// nested match statement
+method Last<T>(xs: List<T>) returns (x: T)
+ requires xs != Nil
+{
+
+ match xs {
+ case Cons(y, Nil) => x:= y;
+ case Cons(y, Cons(z, zs)) => x:=Last(Cons(z, zs));
+ }
+}
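Review bot: `checkLast` is declared as `method checkLast(y: T)` and uses `T` without introducing it, whereas `last<T>` and `Last<T>` in the same file declare their type parameter. Unless the resolver is meant to accept an undeclared type name here, which the hunk does not show, the signature should read `method checkLast<T>(y: T) {`. If accepting it is intentional, a one-line comment saying so would keep the test from looking like an oversight.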
diff --git a/Test/dafny0/NestedMatch.dfy.expect b/Test/dafny0/NestedMatch.dfy.expect
new file mode 100644
index 00000000..f3a9c95f
--- /dev/null
+++ b/Test/dafny0/NestedMatch.dfy.expect
@@ -0,0 +1,2 @@
+
+Dafny program verifier finished with 11 verified, 0 errors
diff --git a/Test/dafny0/ResolutionErrors.dfy b/Test/dafny0/ResolutionErrors.dfy
index f0138c6c..761cffa0 100644
--- a/Test/dafny0/ResolutionErrors.dfy
+++ b/Test/dafny0/ResolutionErrors.dfy
@@ -1342,3 +1342,10 @@ module GhostLet {
x := ghost var a :| 0 <= a; 10; // fine
}
}
+
+// ------------------- tuple equality support -------------------
+
+module TupleEqualitySupport {
+ datatype GoodRecord = GoodRecord(set<(int,int)>)
+ datatype BadRecord = BadRecord(set<(int, int->bool)>) // error: this tuple type does not support equality
+}
diff --git a/Test/dafny0/snapshots/runtest.snapshot.expect b/Test/dafny0/snapshots/runtest.snapshot.expect
index 8ad86f3b..f1050f62 100644
--- a/Test/dafny0/snapshots/runtest.snapshot.expect
+++ b/Test/dafny0/snapshots/runtest.snapshot.expect
@@ -6,12 +6,17 @@ Processing command (at Snapshots0.v0.dfy(4,10)) assert Lit(false);
>>> DoNothingToAssert
Dafny program verifier finished with 3 verified, 0 errors
+Processing implementation CheckWellformed$$_module.__default.bar (at Snapshots0.v1.dfy(7,8)):
+ >>> added axiom: ##extracted_function##1() == (0 == $ModuleContextHeight && 0 == $FunctionContextHeight)
+ >>> added after assuming the current precondition: a##cached##0 := a##cached##0 && ##extracted_function##1();
Processing call to procedure IntraModuleCall$$_module.__default.bar in implementation Impl$$_module.__default.foo (at Snapshots0.v1.dfy(3,6)):
- >>> added axiom: (forall call0old#AT#$Heap: Heap, $Heap: Heap :: {:weight 30} { ##extracted_function##1(call0old#AT#$Heap, $Heap) } ##extracted_function##1(call0old#AT#$Heap, $Heap) == (true && Lit(false) && (forall<alpha> $o: ref, $f: Field alpha :: { read($Heap, $o, $f) } $o != null && read(call0old#AT#$Heap, $o, alloc) ==> read($Heap, $o, $f) == read(call0old#AT#$Heap, $o, $f)) && $HeapSucc(call0old#AT#$Heap, $Heap)))
- >>> added after: a##post##0 := a##post##0 && ##extracted_function##1(call0old#AT#$Heap, $Heap);
+ >>> added axiom: (forall call0old#AT#$Heap: Heap, $Heap: Heap :: {:weight 30} { ##extracted_function##2(call0old#AT#$Heap, $Heap) } ##extracted_function##2(call0old#AT#$Heap, $Heap) == (true && Lit(false) && (forall<alpha> $o: ref, $f: Field alpha :: { read($Heap, $o, $f) } $o != null && read(call0old#AT#$Heap, $o, alloc) ==> read($Heap, $o, $f) == read(call0old#AT#$Heap, $o, $f)) && $HeapSucc(call0old#AT#$Heap, $Heap)))
+ >>> added after: a##cached##0 := a##cached##0 && ##extracted_function##2(call0old#AT#$Heap, $Heap);
+Processing command (at <unknown location>) a##cached##0 := a##cached##0 && ##extracted_function##1();
+ >>> AssumeNegationOfAssumptionVariable
Processing command (at Snapshots0.v1.dfy(3,6)) assert (forall<alpha> $o: ref, $f: Field alpha :: false ==> $_Frame[$o, $f]);
>>> MarkAsFullyVerified
-Processing command (at <unknown location>) a##post##0 := a##post##0 && ##extracted_function##1(call0old#AT#$Heap, $Heap);
+Processing command (at <unknown location>) a##cached##0 := a##cached##0 && ##extracted_function##2(call0old#AT#$Heap, $Heap);
>>> AssumeNegationOfAssumptionVariable
Processing command (at Snapshots0.v1.dfy(4,10)) assert Lit(false);
>>> MarkAsPartiallyVerified
@@ -31,7 +36,7 @@ Processing command (at Snapshots1.v0.dfy(12,3)) assert true;
Dafny program verifier finished with 4 verified, 0 errors
Processing call to procedure IntraModuleCall$$_module.__default.N in implementation Impl$$_module.__default.M (at Snapshots1.v1.dfy(3,4)):
- >>> added after: a##post##0 := a##post##0 && false;
+ >>> added after: a##cached##0 := a##cached##0 && false;
Processing command (at Snapshots1.v1.dfy(12,3)) assert true;
>>> MarkAsFullyVerified
Processing command (at Snapshots1.v1.dfy(3,4)) assert (forall<alpha> $o: ref, $f: Field alpha :: false ==> $_Frame[$o, $f]);
@@ -62,7 +67,11 @@ Processing command (at Snapshots2.v0.dfy(18,3)) assert true;
Dafny program verifier finished with 6 verified, 0 errors
Processing call to procedure IntraModuleCall$$_module.__default.N in implementation Impl$$_module.__default.M (at Snapshots2.v1.dfy(3,4)):
- >>> added after: a##post##0 := a##post##0 && false;
+ >>> added after: a##cached##0 := a##cached##0 && false;
+Processing implementation CheckWellformed$$_module.__default.P (at Snapshots2.v1.dfy(10,11)):
+ >>> added after assuming the current precondition: a##cached##0 := a##cached##0 && false;
+Processing implementation CheckWellformed$$_module.__default.Q (at Snapshots2.v1.dfy(13,11)):
+ >>> added after assuming the current precondition: a##cached##0 := a##cached##0 && false;
Processing command (at Snapshots2.v1.dfy(18,3)) assert true;
>>> MarkAsFullyVerified
Processing command (at Snapshots2.v1.dfy(3,4)) assert (forall<alpha> $o: ref, $f: Field alpha :: false ==> $_Frame[$o, $f]);
@@ -73,11 +82,11 @@ Snapshots2.v1.dfy(4,10): Error: assertion violation
Execution trace:
(0,0): anon0
Processing command (at Snapshots2.v1.dfy(11,11)) assert true;
- >>> MarkAsFullyVerified
+ >>> DoNothingToAssert
Processing command (at Snapshots2.v1.dfy(11,15)) assert _module.__default.P($LS($LS($LZ)), $Heap) <==> _module.__default.Q($LS($LS($LZ)), $Heap);
>>> DoNothingToAssert
Processing command (at Snapshots2.v1.dfy(14,11)) assert true;
- >>> MarkAsFullyVerified
+ >>> DoNothingToAssert
Processing command (at Snapshots2.v1.dfy(14,15)) assert _module.__default.Q($LS($LS($LZ)), $Heap) <==> Lit(_module.__default.R($Heap));
>>> DoNothingToAssert
@@ -171,8 +180,28 @@ Processing command (at Snapshots7.v0.dfy(19,14)) assert Lit(false);
>>> DoNothingToAssert
Dafny program verifier finished with 4 verified, 0 errors
+Processing implementation CheckWellformed$$_0_M0.C.Foo (at Snapshots7.v1.dfy(5,12)):
+ >>> added axiom: ##extracted_function##1() == (0 == $ModuleContextHeight && 0 == $FunctionContextHeight)
+ >>> added after assuming the current precondition: a##cached##0 := a##cached##0 && ##extracted_function##1();
+Processing implementation Impl$$_0_M0.C.Foo (at Snapshots7.v1.dfy(5,12)):
+ >>> added axiom: ##extracted_function##2() == (0 == $ModuleContextHeight && 0 == $FunctionContextHeight && Lit(false))
+ >>> added after assuming the current precondition: a##cached##0 := a##cached##0 && ##extracted_function##2();
+Processing implementation CheckWellformed$$_1_M1.C.Foo (at Snapshots7.v1.dfy[M1](5,12)):
+ >>> added axiom: ##extracted_function##3() == (1 == $ModuleContextHeight && 0 == $FunctionContextHeight)
+ >>> added after assuming the current precondition: a##cached##0 := a##cached##0 && ##extracted_function##3();
+Processing implementation Impl$$_1_M1.C.Foo (at Snapshots7.v1.dfy[M1](5,12)):
+ >>> added axiom: ##extracted_function##4() == (1 == $ModuleContextHeight && 0 == $FunctionContextHeight && Lit(false))
+ >>> added after assuming the current precondition: a##cached##0 := a##cached##0 && ##extracted_function##4();
+Processing command (at <unknown location>) a##cached##0 := a##cached##0 && ##extracted_function##1();
+ >>> AssumeNegationOfAssumptionVariable
+Processing command (at <unknown location>) a##cached##0 := a##cached##0 && ##extracted_function##2();
+ >>> AssumeNegationOfAssumptionVariable
+Processing command (at <unknown location>) a##cached##0 := a##cached##0 && ##extracted_function##3();
+ >>> AssumeNegationOfAssumptionVariable
+Processing command (at <unknown location>) a##cached##0 := a##cached##0 && ##extracted_function##4();
+ >>> AssumeNegationOfAssumptionVariable
Processing command (at Snapshots7.v1.dfy(19,14)) assert Lit(false);
- >>> DoNothingToAssert
+ >>> MarkAsPartiallyVerified
Snapshots7.v1.dfy(19,14): Error: assertion violation
Execution trace:
(0,0): anon0
diff --git a/Test/dafny4/Bug79.dfy b/Test/dafny4/Bug79.dfy
new file mode 100644
index 00000000..49f2421b
--- /dev/null
+++ b/Test/dafny4/Bug79.dfy
@@ -0,0 +1,10 @@
+// RUN: %dafny /compile:0 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+function foo(s:int) : (int, int)
+
+function bar(s:int) : bool
+{
+ var (x, rest) := foo(s);
+ x > 0
+} \ No newline at end of file
diff --git a/Test/dafny4/Bug79.dfy.expect b/Test/dafny4/Bug79.dfy.expect
new file mode 100644
index 00000000..069e7767
--- /dev/null
+++ b/Test/dafny4/Bug79.dfy.expect
@@ -0,0 +1,2 @@
+
+Dafny program verifier finished with 2 verified, 0 errors
diff --git a/Test/dafny4/Bug81.dfy b/Test/dafny4/Bug81.dfy
new file mode 100644
index 00000000..1992d666
--- /dev/null
+++ b/Test/dafny4/Bug81.dfy
@@ -0,0 +1,9 @@
+// RUN: %dafny /compile:0 "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+function {:opaque} RefineSeqToSeq<T,U>(s:seq<T>, refine_func:T->U) : seq<U>
+ reads refine_func.reads;
+{
+ if |s| == 0 then []
+ else RefineSeqToSeq(s[1..], refine_func)
+}
diff --git a/Test/dafny4/Bug81.dfy.expect b/Test/dafny4/Bug81.dfy.expect
new file mode 100644
index 00000000..069e7767
--- /dev/null
+++ b/Test/dafny4/Bug81.dfy.expect
@@ -0,0 +1,2 @@
+
+Dafny program verifier finished with 2 verified, 0 errors
diff --git a/Test/dafny4/Juggernaut.dfy b/Test/dafny4/Juggernaut.dfy
new file mode 100644
index 00000000..783f725b
--- /dev/null
+++ b/Test/dafny4/Juggernaut.dfy
@@ -0,0 +1,20 @@
+// RUN: %dafny /compile:0 /dprint:"%t.dprint" "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+method Jug()
+{
+ var x, y, z;
+ while x > 0 && y > 0 && z > 0
+ decreases x < y, z
+ {
+ if y > x {
+ y := z;
+ x := *;
+ z := x - 1;
+ } else {
+ z := z - 1;
+ x := *;
+ y := x - 1;
+ }
+ }
+}
diff --git a/Test/dafny4/Juggernaut.dfy.expect b/Test/dafny4/Juggernaut.dfy.expect
new file mode 100644
index 00000000..069e7767
--- /dev/null
+++ b/Test/dafny4/Juggernaut.dfy.expect
@@ -0,0 +1,2 @@
+
+Dafny program verifier finished with 2 verified, 0 errors
diff --git a/Test/dafny4/NipkowKlein-chapter3.dfy b/Test/dafny4/NipkowKlein-chapter3.dfy
new file mode 100644
index 00000000..6572359a
--- /dev/null
+++ b/Test/dafny4/NipkowKlein-chapter3.dfy
@@ -0,0 +1,282 @@
+// RUN: %dafny /compile:0 /rprint:"%t.rprint" "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+// This file is a Dafny encoding of chapter 3 from "Concrete Semantics: With Isabelle/HOL" by
+// Tobias Nipkow and Gerwin Klein.
+
+// ----- lists -----
+
+datatype List<T> = Nil | Cons(head: T, tail: List<T>)
+
+function append(xs: List, ys: List): List
+{
+ match xs
+ case Nil => ys
+ case Cons(x, tail) => Cons(x, append(tail, ys))
+}
+
+// ----- arithmetic expressions -----
+
+type vname = string // variable names
+datatype aexp = N(n: int) | V(x: vname) | Plus(0: aexp, 1: aexp) // arithmetic expressions
+
+type val = int
+type state = vname -> val
+// In Dafny, functions can in general read the heap (which is not interesting to these examples--in fact, for
+// the examples in this file, the fact that functions can read the state is just a distraction, so you can
+// just ignore all the lines "reads s.reads" if you prefer) and may have preconditions (that is, the function
+// may have some domain that is not specific than what its type says).
+// The following predicate holds for a given s if s can be applied to any vname
+predicate Total(s: state)
+ reads s.reads // this says that Total(s) can read anything that s can (on any input)
+{
+ // the following line is the conjunction, over all x, of the precondition of the call s(x)
+ forall x :: s.requires(x)
+}
+
+function aval(a: aexp, s: state): val
+ reads s.reads
+ requires Total(s)
+{
+ match a
+ case N(n) => n
+ case V(x) => s(x)
+ case Plus(a0, a1) => aval(a0, s) + aval(a1, s)
+}
+
+lemma Example0()
+{
+ var y := aval(Plus(N(3), V("x")), x => 0);
+ // The following line confirms that y is 3. If you don't know what y is, you can use the
+ // verification debugger to figure it out, like this: Put any value in the assert (for example,
+ // "assert y == 0;". If you're lucky and picked the right value, the verifier will prove the
+ // assertion for you. If the verifier says it's unable to prove it, then click on the error
+ // (in the Dafny IDE), which brings up the verification debugger. There, inspect the value
+ // of y. This is probably the right value, but due to incompleteness in the verifier, it
+ // could happen that the value you see is some value that verifier wasn't able to properly
+ // exclude. Therefore, it's best to now take the value you see in the verification debugger,
+ // say K, and put that into the assert ("assert y == K;"), to have the verifier confirm that
+ // K really is the answer.
+ assert y == 3;
+}
+
+// ----- constant folding -----
+
+function asimp_const(a: aexp): aexp
+{
+ match a
+ case N(n) => a
+ case V(x) => a
+ case Plus(a0, a1) =>
+ var as0, as1 := asimp_const(a0), asimp_const(a1);
+ if as0.N? && as1.N? then
+ N(as0.n + as1.n)
+ else
+ Plus(as0, as1)
+}
+
+lemma AsimpConst(a: aexp, s: state)
+ requires Total(s)
+ ensures aval(asimp_const(a), s) == aval(a, s)
+{
+ // by induction
+ forall a' | a' < a {
+ AsimpConst(a', s); // this invokes the induction hypothesis for every a' that is structurally smaller than a
+ }
+/* Here is an alternative proof. In the first two cases, the proof is trivial. The Plus case uses two invocations
+ of the induction hypothesis.
+ match a
+ case N(n) =>
+ case V(x) =>
+ case Plus(a0, a1) =>
+ AsimpConst(a0, s);
+ AsimpConst(a1, s);
+*/
+}
+
+// more constant folding
+
+function plus(a0: aexp, a1: aexp): aexp
+{
+ if a0.N? && a1.N? then
+ N(a0.n + a1.n)
+ else if a0.N? then
+ if a0.n == 0 then a1 else Plus(a0, a1)
+ else if a1.N? then
+ if a1.n == 0 then a0 else Plus(a0, a1)
+ else
+ Plus(a0, a1)
+}
+
+lemma AvalPlus(a0: aexp, a1: aexp, s: state)
+ requires Total(s)
+ ensures aval(plus(a0, a1), s) == aval(a0, s) + aval(a1, s)
+{
+ // this proof is done automatically
+}
+
+function asimp(a: aexp): aexp
+{
+ match a
+ case N(n) => a
+ case V(x) => a
+ case Plus(a0, a1) => plus(asimp(a0), asimp(a1))
+}
+
+lemma AsimpCorrect(a: aexp, s: state)
+ requires Total(s)
+ ensures aval(asimp(a), s) == aval(a, s)
+{
+ // call the induction hypothesis on every value a' that is structurally smaller than a
+ forall a' | a' < a { AsimpCorrect(a', s); }
+}
+
+// ----- boolean expressions -----
+
+datatype bexp = Bc(v: bool) | Not(op: bexp) | And(0: bexp, 1: bexp) | Less(a0: aexp, a1: aexp)
+
+function bval(b: bexp, s: state): bool
+ reads s.reads
+ requires Total(s)
+{
+ match b
+ case Bc(v) => v
+ case Not(b) => !bval(b, s)
+ case And(b0, b1) => bval(b0, s) && bval(b1, s)
+ case Less(a0, a1) => aval(a0, s) < aval(a1, s)
+}
+
+// constant folding for booleans
+
+function not(b: bexp): bexp
+{
+ match b
+ case Bc(b0) => Bc(!b0)
+ case Not(b0) => b0 // this case is not in the Nipkow and Klein book, but it seems a nice one to include
+ case And(_, _) => Not(b)
+ case Less(_, _) => Not(b)
+}
+
+function and(b0: bexp, b1: bexp): bexp
+{
+ if b0.Bc? then
+ if b0.v then b1 else b0
+ else if b1.Bc? then
+ if b1.v then b0 else b1
+ else
+ And(b0, b1)
+}
+
+function less(a0: aexp, a1: aexp): bexp
+{
+ if a0.N? && a1.N? then
+ Bc(a0.n < a1.n)
+ else
+ Less(a0, a1)
+}
+
+function bsimp(b: bexp): bexp
+{
+ match b
+ case Bc(v) => b
+ case Not(b0) => not(bsimp(b0))
+ case And(b0, b1) => and(bsimp(b0), bsimp(b1))
+ case Less(a0, a1) => less(asimp(a0), asimp(a1))
+}
+
+lemma BsimpCorrect(b: bexp, s: state)
+ requires Total(s)
+ ensures bval(bsimp(b), s) == bval(b, s)
+{
+/* Here is one proof, which uses the induction hypothesis any anything smaller than b and also invokes
+ the lemma AsimpCorrect on anything smaller than b.
+ forall b' | b' < b { BsimpCorrect(b', s); }
+ forall a' | a' < b { AsimpCorrect(a', s); }
+*/
+ // Here is another proof, which makes explicit the uses of the induction hypothesis and the other lemma.
+ match b
+ case Bc(v) =>
+ case Not(b0) =>
+ BsimpCorrect(b0, s);
+ case And(b0, b1) =>
+ BsimpCorrect(b0, s); BsimpCorrect(b1, s);
+ case Less(a0, a1) =>
+ AsimpCorrect(a0, s); AsimpCorrect(a1, s);
+}
+
+// ----- stack machine -----
+
+datatype instr = LOADI(val) | LOAD(vname) | ADD
+
+type stack = List<val>
+
+function exec1(i: instr, s: state, stk: stack): stack
+ reads s.reads
+ requires Total(s)
+{
+ match i
+ case LOADI(n) => Cons(n, stk)
+ case LOAD(x) => Cons(s(x), stk)
+ case ADD =>
+ if stk.Cons? && stk.tail.Cons? then
+ var Cons(a1, Cons(a0, tail)) := stk;
+ Cons(a0 + a1, tail)
+ else // stack underflow
+ Nil // an alternative would be to return Cons(n, Nil) for an arbitrary value n--that is what Nipkow and Klein do
+}
+
+function exec(ii: List<instr>, s: state, stk: stack): stack
+ reads s.reads
+ requires Total(s)
+{
+ match ii
+ case Nil => stk
+ case Cons(i, rest) => exec(rest, s, exec1(i, s, stk))
+}
+
+// ----- compilation -----
+
+function comp(a: aexp): List<instr>
+{
+ match a
+ case N(n) => Cons(LOADI(n), Nil)
+ case V(x) => Cons(LOAD(x), Nil)
+ case Plus(a0, a1) => append(append(comp(a0), comp(a1)), Cons(ADD, Nil))
+}
+
+lemma CorrectCompilation(a: aexp, s: state, stk: stack)
+ requires Total(s)
+ ensures exec(comp(a), s, stk) == Cons(aval(a, s), stk)
+{
+ match a
+ case N(n) =>
+ case V(x) =>
+ case Plus(a0, a1) =>
+ // This proof spells out the proof as a series of equality-preserving steps. Each
+ // expression in the calculation is terminated by a semi-colon. In some cases, a hint
+ // for the step is needed. Such hints are given in curly braces.
+ calc {
+ exec(comp(a), s, stk);
+ // definition of comp on Plus
+ exec(append(append(comp(a0), comp(a1)), Cons(ADD, Nil)), s, stk);
+ { ExecAppend(append(comp(a0), comp(a1)), Cons(ADD, Nil), s, stk); }
+ exec(Cons(ADD, Nil), s, exec(append(comp(a0), comp(a1)), s, stk));
+ { ExecAppend(comp(a0), comp(a1), s, stk); }
+ exec(Cons(ADD, Nil), s, exec(comp(a1), s, exec(comp(a0), s, stk)));
+ { CorrectCompilation(a0, s, stk); }
+ exec(Cons(ADD, Nil), s, exec(comp(a1), s, Cons(aval(a0, s), stk)));
+ { CorrectCompilation(a1, s, Cons(aval(a0, s), stk)); }
+ exec(Cons(ADD, Nil), s, Cons(aval(a1, s), Cons(aval(a0, s), stk)));
+ // definition of comp on ADD
+ Cons(aval(a1, s) + aval(a0, s), stk);
+ // definition of aval on Plus
+ Cons(aval(a, s), stk);
+ }
+}
+
+lemma ExecAppend(ii0: List<instr>, ii1: List<instr>, s: state, stk: stack)
+ requires Total(s)
+ ensures exec(append(ii0, ii1), s, stk) == exec(ii1, s, exec(ii0, s, stk))
+{
+ // the proof (which is by induction) is done automatically
+}
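Review bot: Two comments in this file say something other than what the code does. In `CorrectCompilation`, the calc step labelled `// definition of comp on ADD` unfolds `exec` and `exec1` on the `ADD` instruction rather than `comp`, so it should read `// definition of exec and exec1 on ADD`. In the comment block above `Total`, "some domain that is not specific than what its type says" has lost a word; "more specific" appears to be intended. The alternative-proof comment in `BsimpCorrect` also reads "any anything smaller than b", where "on anything" seems meant.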
diff --git a/Test/dafny4/NipkowKlein-chapter3.dfy.expect b/Test/dafny4/NipkowKlein-chapter3.dfy.expect
new file mode 100644
index 00000000..ab18d98e
--- /dev/null
+++ b/Test/dafny4/NipkowKlein-chapter3.dfy.expect
@@ -0,0 +1,2 @@
+
+Dafny program verifier finished with 28 verified, 0 errors
diff --git a/Test/dafny4/NipkowKlein-chapter7.dfy b/Test/dafny4/NipkowKlein-chapter7.dfy
new file mode 100644
index 00000000..33be9dd6
--- /dev/null
+++ b/Test/dafny4/NipkowKlein-chapter7.dfy
@@ -0,0 +1,468 @@
+// RUN: %dafny /compile:0 /rprint:"%t.rprint" "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+// This file is a Dafny encoding of chapter 7 from "Concrete Semantics: With Isabelle/HOL" by
+// Tobias Nipkow and Gerwin Klein.
+
+// ----- first, some definitions from chapter 3 -----
+
+datatype List<T> = Nil | Cons(head: T, tail: List<T>)
+type vname = string // variable names
+
+type val = int
+type state = imap<vname, val>
+predicate Total(s: state)
+{
+ forall x :: x in s
+}
+
+datatype aexp = N(n: int) | V(x: vname) | Plus(0: aexp, 1: aexp) // arithmetic expressions
+function aval(a: aexp, s: state): val
+ requires Total(s)
+{
+ match a
+ case N(n) => n
+ case V(x) => s[x]
+ case Plus(a0, a1) => aval(a0,s ) + aval(a1, s)
+}
+
+datatype bexp = Bc(v: bool) | Not(op: bexp) | And(0: bexp, 1: bexp) | Less(a0: aexp, a1: aexp)
+function bval(b: bexp, s: state): bool
+ requires Total(s)
+{
+ match b
+ case Bc(v) => v
+ case Not(b) => !bval(b, s)
+ case And(b0, b1) => bval(b0, s) && bval(b1, s)
+ case Less(a0, a1) => aval(a0, s) < aval(a1, s)
+}
+
+// ----- IMP commands -----
+
+datatype com = SKIP | Assign(vname, aexp) | Seq(com, com) | If(bexp, com, com) | While(bexp, com)
+
+// ----- Big-step semantics -----
+
+inductive predicate big_step(c: com, s: state, t: state)
+ requires Total(s)
+{
+ match c
+ case SKIP =>
+ s == t
+ case Assign(x, a) =>
+ t == s[x := aval(a, s)]
+ case Seq(c0, c1) =>
+ exists s' ::
+ Total(s') &&
+ big_step(c0, s, s') &&
+ big_step(c1, s', t)
+ case If(b, thn, els) =>
+ big_step(if bval(b, s) then thn else els, s, t)
+ case While(b, body) =>
+ (!bval(b, s) && s == t) ||
+ (bval(b, s) && exists s' ::
+ Total(s') &&
+ big_step(body, s, s') &&
+ big_step(While(b, body), s', t))
+}
+
+lemma Example1(s: state, t: state)
+ requires Total(s)
+ requires t == s["x" := 5]["y" := 5]
+ ensures big_step(Seq(Assign("x", N(5)), Assign("y", V("x"))), s, t)
+{
+ var s' := s["x" := 5];
+ calc <== {
+ big_step(Seq(Assign("x", N(5)), Assign("y", V("x"))), s, t);
+ // 5 is suffiiently high
+ big_step#[5](Seq(Assign("x", N(5)), Assign("y", V("x"))), s, t);
+ big_step#[4](Assign("x", N(5)), s, s') && big_step#[4](Assign("y", V("x")), s', t);
+ // the rest is done automatically
+ true;
+ }
+}
+
+lemma SemiAssociativity(c0: com, c1: com, c2: com, s: state, t: state)
+ requires Total(s)
+ ensures big_step(Seq(Seq(c0, c1), c2), s, t) == big_step(Seq(c0, Seq(c1, c2)), s, t)
+{
+ calc {
+ big_step(Seq(Seq(c0, c1), c2), s, t);
+ // def. big_step
+ exists s'' :: Total(s'') && big_step(Seq(c0, c1), s, s'') && big_step(c2, s'', t);
+ // def. big_step
+ exists s'' :: Total(s'') && (exists s' :: Total(s') && big_step(c0, s, s') && big_step(c1, s', s'')) && big_step(c2, s'', t);
+ // logic
+ exists s', s'' :: Total(s') && Total(s'') && big_step(c0, s, s') && big_step(c1, s', s'') && big_step(c2, s'', t);
+ // logic
+ exists s' :: Total(s') && big_step(c0, s, s') && exists s'' :: Total(s'') && big_step(c1, s', s'') && big_step(c2, s'', t);
+ // def. big_step
+ exists s' :: Total(s') && big_step(c0, s, s') && big_step(Seq(c1, c2), s', t);
+ // def. big_step
+ big_step(Seq(c0, Seq(c1, c2)), s, t);
+ }
+}
+
+predicate equiv_c(c: com, c': com)
+{
+ forall s,t :: Total(s) ==> big_step(c, s, t) == big_step(c', s, t)
+}
+
+lemma lemma_7_3(b: bexp, c: com)
+ ensures equiv_c(While(b, c), If(b, Seq(c, While(b, c)), SKIP))
+{
+}
+
+lemma lemma_7_4(b: bexp, c: com)
+ ensures equiv_c(If(b, c, c), c)
+{
+}
+
+lemma lemma_7_5(b: bexp, c: com, c': com)
+ requires equiv_c(c, c')
+ ensures equiv_c(While(b, c), While(b, c'))
+{
+ forall s,t | Total(s)
+ ensures big_step(While(b, c), s, t) == big_step(While(b, c'), s, t)
+ {
+ if big_step(While(b, c), s, t) {
+ lemma_7_6(b, c, c', s, t);
+ }
+ if big_step(While(b, c'), s, t) {
+ lemma_7_6(b, c', c, s, t);
+ }
+ }
+}
+
+inductive lemma lemma_7_6(b: bexp, c: com, c': com, s: state, t: state)
+ requires Total(s) && big_step(While(b, c), s, t) && equiv_c(c, c')
+ ensures big_step(While(b, c'), s, t)
+{
+ if !bval(b, s) {
+ // trivial
+ } else {
+ var s' :| Total(s') && big_step#[_k-1](c, s, s') && big_step#[_k-1](While(b, c), s', t);
+ lemma_7_6(b, c, c', s', t); // induction hypothesis
+ }
+}
+
+// equiv_c is an equivalence relation
+lemma equiv_c_reflexive(c: com, c': com)
+ ensures c == c' ==> equiv_c(c, c')
+{
+}
+lemma equiv_c_symmetric(c: com, c': com)
+ ensures equiv_c(c, c') ==> equiv_c(c', c)
+{
+}
+lemma equiv_c_transitive(c: com, c': com, c'': com)
+ ensures equiv_c(c, c') && equiv_c(c', c'') ==> equiv_c(c, c'')
+{
+}
+
+inductive lemma IMP_is_deterministic(c: com, s: state, t: state, t': state)
+ requires Total(s) && big_step(c, s, t) && big_step(c, s, t')
+ ensures t == t'
+{
+ match c
+ case SKIP =>
+ // trivial
+ case Assign(x, a) =>
+ // trivial
+ case Seq(c0, c1) =>
+ var s' :| Total(s') && big_step#[_k-1](c0, s, s') && big_step#[_k-1](c1, s', t);
+ var s'' :| Total(s'') && big_step#[_k-1](c0, s, s'') && big_step#[_k-1](c1, s'', t');
+ IMP_is_deterministic(c0, s, s', s'');
+ IMP_is_deterministic(c1, s', t, t');
+ case If(b, thn, els) =>
+ IMP_is_deterministic(if bval(b, s) then thn else els, s, t, t');
+ case While(b, body) =>
+ if !bval(b, s) {
+ // trivial
+ } else {
+ var s' :| Total(s') && big_step#[_k-1](body, s, s') && big_step#[_k-1](While(b, body), s', t);
+ var s'' :| Total(s'') && big_step#[_k-1](body, s, s'') && big_step#[_k-1](While(b, body), s'', t');
+ IMP_is_deterministic(body, s, s', s'');
+ IMP_is_deterministic(While(b, body), s', t, t');
+ }
+}
+
+// ----- Small-step semantics -----
+
+inductive predicate small_step(c: com, s: state, c': com, s': state)
+ requires Total(s)
+{
+ match c
+ case SKIP => false
+ case Assign(x, a) =>
+ c' == SKIP && s' == s[x := aval(a, s)]
+ case Seq(c0, c1) =>
+ (c0 == SKIP && c' == c1 && s' == s) ||
+ exists c0' :: c' == Seq(c0', c1) && small_step(c0, s, c0', s')
+ case If(b, thn, els) =>
+ c' == (if bval(b, s) then thn else els) && s' == s
+ case While(b, body) =>
+ c' == If(b, Seq(body, While(b, body)), SKIP) && s' == s
+}
+
+inductive lemma SmallStep_is_deterministic(cs: (com, state), cs': (com, state), cs'': (com, state))
+ requires Total(cs.1)
+ requires small_step(cs.0, cs.1, cs'.0, cs'.1)
+ requires small_step(cs.0, cs.1, cs''.0, cs''.1)
+ ensures cs' == cs''
+{
+ match cs.0
+ case Assign(x, a) =>
+ case Seq(c0, c1) =>
+ if c0 == SKIP {
+ } else {
+ var c0' :| cs'.0 == Seq(c0', c1) && small_step#[_k-1](c0, cs.1, c0', cs'.1);
+ var c0'' :| cs''.0 == Seq(c0'', c1) && small_step#[_k-1](c0, cs.1, c0'', cs''.1);
+ SmallStep_is_deterministic((c0, cs.1), (c0', cs'.1), (c0'', cs''.1));
+ }
+ case If(b, thn, els) =>
+ case While(b, body) =>
+}
+
+inductive lemma small_step_ends_in_Total_state(c: com, s: state, c': com, s': state)
+ requires Total(s) && small_step(c, s, c', s')
+ ensures Total(s')
+{
+ match c
+ case Assign(x, a) =>
+ case Seq(c0, c1) =>
+ if c0 != SKIP {
+ var c0' :| c' == Seq(c0', c1) && small_step(c0, s, c0', s');
+ small_step_ends_in_Total_state(c0, s, c0', s');
+ }
+ case If(b, thn, els) =>
+ case While(b, body) =>
+}
+
+inductive predicate small_step_star(c: com, s: state, c': com, s': state)
+ requires Total(s)
+{
+ (c == c' && s == s') ||
+ exists c'', s'' ::
+ small_step(c, s, c'', s'') &&
+ (small_step_ends_in_Total_state(c, s, c'', s''); small_step_star(c'', s'', c', s'))
+}
+
+inductive lemma small_step_star_ends_in_Total_state(c: com, s: state, c': com, s': state)
+ requires Total(s) && small_step_star(c, s, c', s')
+ ensures Total(s')
+{
+ if c == c' && s == s' {
+ } else {
+ var c'', s'' :| small_step(c, s, c'', s'') &&
+ (small_step_ends_in_Total_state(c, s, c'', s''); small_step_star#[_k-1](c'', s'', c', s'));
+ small_step_star_ends_in_Total_state(c'', s'', c', s');
+ }
+}
+
+lemma star_transitive(c0: com, s0: state, c1: com, s1: state, c2: com, s2: state)
+ requires Total(s0) && Total(s1)
+ requires small_step_star(c0, s0, c1, s1) && small_step_star(c1, s1, c2, s2)
+ ensures small_step_star(c0, s0, c2, s2)
+{
+ star_transitive_aux(c0, s0, c1, s1, c2, s2);
+}
+inductive lemma star_transitive_aux(c0: com, s0: state, c1: com, s1: state, c2: com, s2: state)
+ requires Total(s0) && Total(s1)
+ requires small_step_star(c0, s0, c1, s1)
+ ensures small_step_star(c1, s1, c2, s2) ==> small_step_star(c0, s0, c2, s2)
+{
+ if c0 == c1 && s0 == s1 {
+ } else {
+ var c', s' :|
+ small_step(c0, s0, c', s') &&
+ (small_step_ends_in_Total_state(c0, s0, c', s'); small_step_star#[_k-1](c', s', c1, s1));
+ star_transitive_aux(c', s', c1, s1, c2, s2);
+ }
+}
+
+// The big-step semantics can be simulated by some number of small steps
+inductive lemma BigStep_implies_SmallStepStar(c: com, s: state, t: state)
+ requires Total(s) && big_step(c, s, t)
+ ensures small_step_star(c, s, SKIP, t)
+{
+ match c
+ case SKIP =>
+ // trivial
+ case Assign(x, a) =>
+ assert t == s[x := aval(a, s)];
+ assert small_step(c, s, SKIP, t);
+ assert small_step_star(SKIP, t, SKIP, t);
+ case Seq(c0, c1) =>
+ var s' :| Total(s') && big_step#[_k-1](c0, s, s') && big_step#[_k-1](c1, s', t);
+ calc <== {
+ small_step_star(c, s, SKIP, t);
+ { star_transitive(Seq(c0, c1), s, Seq(SKIP, c1), s', SKIP, t); }
+ small_step_star(Seq(c0, c1), s, Seq(SKIP, c1), s') && small_step_star(Seq(SKIP, c1), s', SKIP, t);
+ { lemma_7_13(c0, s, SKIP, s', c1); }
+ small_step_star(c0, s, SKIP, s') && small_step_star(Seq(SKIP, c1), s', SKIP, t);
+ { BigStep_implies_SmallStepStar(c0, s, s'); }
+ small_step_star(Seq(SKIP, c1), s', SKIP, t);
+ { assert small_step(Seq(SKIP, c1), s', c1, s'); }
+ small_step_star(c1, s', SKIP, t);
+ { BigStep_implies_SmallStepStar(c1, s', t); }
+ true;
+ }
+ case If(b, thn, els) =>
+ BigStep_implies_SmallStepStar(if bval(b, s) then thn else els, s, t);
+ case While(b, body) =>
+ if !bval(b, s) && s == t {
+ calc <== {
+ small_step_star(c, s, SKIP, t);
+ { assert small_step(c, s, If(b, Seq(body, While(b, body)), SKIP), s); }
+ small_step_star(If(b, Seq(body, While(b, body)), SKIP), s, SKIP, t);
+ { assert small_step(If(b, Seq(body, While(b, body)), SKIP), s, SKIP, s); }
+ small_step_star(SKIP, s, SKIP, t);
+ true;
+ }
+ } else {
+ var s' :| Total(s') && big_step#[_k-1](body, s, s') && big_step#[_k-1](While(b, body), s', t);
+ calc <== {
+ small_step_star(c, s, SKIP, t);
+ { assert small_step(c, s, If(b, Seq(body, While(b, body)), SKIP), s); }
+ small_step_star(If(b, Seq(body, While(b, body)), SKIP), s, SKIP, t);
+ { assert small_step(If(b, Seq(body, While(b, body)), SKIP), s, Seq(body, While(b, body)), s); }
+ small_step_star(Seq(body, While(b, body)), s, SKIP, t);
+ { star_transitive(Seq(body, While(b, body)), s, Seq(SKIP, While(b, body)), s', SKIP, t); }
+ small_step_star(Seq(body, While(b, body)), s, Seq(SKIP, While(b, body)), s') && small_step_star(Seq(SKIP, While(b, body)), s', SKIP, t);
+ { lemma_7_13(body, s, SKIP, s', While(b, body)); }
+ small_step_star(body, s, SKIP, s') && small_step_star(Seq(SKIP, While(b, body)), s', SKIP, t);
+ { BigStep_implies_SmallStepStar(body, s, s'); }
+ small_step_star(Seq(SKIP, While(b, body)), s', SKIP, t);
+ { assert small_step(Seq(SKIP, While(b, body)), s', While(b, body), s'); }
+ small_step_star(While(b, body), s', SKIP, t);
+ { BigStep_implies_SmallStepStar(While(b, body), s', t); }
+ true;
+ }
+ }
+}
+
+inductive lemma lemma_7_13(c0: com, s0: state, c: com, t: state, c1: com)
+ requires Total(s0) && small_step_star(c0, s0, c, t)
+ ensures small_step_star(Seq(c0, c1), s0, Seq(c, c1), t)
+{
+ if c0 == c && s0 == t {
+ } else {
+ var c', s' :| small_step(c0, s0, c', s') && (small_step_ends_in_Total_state(c0, s0, c', s'); small_step_star#[_k-1](c', s', c, t));
+ lemma_7_13(c', s', c, t, c1);
+ }
+}
+
+inductive lemma SmallStepStar_implies_BigStep(c: com, s: state, t: state)
+ requires Total(s) && small_step_star(c, s, SKIP, t)
+ ensures big_step(c, s, t)
+{
+ if c == SKIP && s == t {
+ } else {
+ var c', s' :| small_step(c, s, c', s') && (small_step_ends_in_Total_state(c, s, c', s'); small_step_star#[_k-1](c', s', SKIP, t));
+ SmallStepStar_implies_BigStep(c', s', t);
+ SmallStep_plus_BigStep(c, s, c', s', t);
+ }
+}
+
+inductive lemma SmallStep_plus_BigStep(c: com, s: state, c': com, s': state, t: state)
+ requires Total(s) && Total(s') && small_step(c, s, c', s')
+ ensures big_step(c', s', t) ==> big_step(c, s, t)
+{
+ match c
+ case Assign(x, a) =>
+ case Seq(c0, c1) =>
+ if c0 == SKIP && c' == c1 && s' == s {
+ } else {
+ var c0' :| c' == Seq(c0', c1) && small_step(c0, s, c0', s');
+ if big_step(c', s', t) {
+ var k: nat :| big_step#[k](Seq(c0', c1), s', t);
+ var s'' :| Total(s'') && big_step(c0', s', s'') && big_step(c1, s'', t);
+ SmallStep_plus_BigStep(c0, s, c0', s', s'');
+ }
+ }
+ case If(b, thn, els) =>
+ case While(b, body) =>
+ assert c' == If(b, Seq(body, While(b, body)), SKIP) && s' == s;
+ if big_step(c', s', t) {
+ assert big_step(if bval(b, s') then Seq(body, While(b, body)) else SKIP, s', t);
+ }
+}
+
+// big-step and small-step semantics agree
+lemma BigStep_SmallStepStar_Same(c: com, s: state, t: state)
+ requires Total(s)
+ ensures big_step(c, s, t) <==> small_step_star(c, s, SKIP, t)
+{
+ if big_step(c, s, t) {
+ BigStep_implies_SmallStepStar(c, s, t);
+ }
+ if small_step_star(c, s, SKIP, t) {
+ SmallStepStar_implies_BigStep(c, s, t);
+ }
+}
+
+predicate final(c: com, s: state)
+ requires Total(s)
+{
+ !exists c',s' :: small_step(c, s, c', s')
+}
+
+// lemma 7.17:
+lemma final_is_skip(c: com, s: state)
+ requires Total(s)
+ ensures final(c, s) <==> c == SKIP
+{
+ if c == SKIP {
+ assert final(c, s);
+ } else {
+ var _, _ := only_skip_has_no_next_state(c, s);
+ }
+}
+lemma only_skip_has_no_next_state(c: com, s: state) returns (c': com, s': state)
+ requires Total(s) && c != SKIP
+ ensures small_step(c, s, c', s')
+{
+ match c
+ case SKIP =>
+ case Assign(x, a) =>
+ c', s' := SKIP, s[x := aval(a, s)];
+ case Seq(c0, c1) =>
+ if c0 == SKIP {
+ c', s' := c1, s;
+ } else {
+ c', s' := only_skip_has_no_next_state(c0, s);
+ c' := Seq(c', c1);
+ }
+ case If(b, thn, els) =>
+ c', s' := if bval(b, s) then thn else els, s;
+ case While(b, body) =>
+ c', s' := If(b, Seq(body, While(b, body)), SKIP), s;
+}
+
+lemma lemma_7_18(c: com, s: state)
+ requires Total(s)
+ ensures (exists t :: big_step(c, s, t)) <==>
+ (exists c',s' :: small_step_star(c, s, c', s') &&
+ (small_step_star_ends_in_Total_state(c, s, c', s'); final(c', s')))
+{
+ if exists t :: big_step(c, s, t) {
+ var t :| big_step(c, s, t);
+ BigStep_SmallStepStar_Same(c, s, t);
+ small_step_star_ends_in_Total_state(c, s, SKIP, t);
+ calc ==> {
+ true;
+ big_step(c, s, t);
+ small_step_star(c, s, SKIP, t);
+ { assert final(SKIP, t); }
+ small_step_star(c, s, SKIP, t) && final(SKIP, t);
+ }
+ }
+ if exists c',s' :: small_step_star(c, s, c', s') &&
+ (small_step_star_ends_in_Total_state(c, s, c', s'); final(c', s')) {
+ var c',s' :| small_step_star(c, s, c', s') &&
+ (small_step_star_ends_in_Total_state(c, s, c', s'); final(c', s'));
+ final_is_skip(c', s');
+ BigStep_SmallStepStar_Same(c, s, s');
+ }
+}
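Review bot: In `SmallStep_plus_BigStep`, the line `var k: nat :| big_step#[k](Seq(c0', c1), s', t);` binds `k` and never uses it afterwards. If it is there only as a hint to the verifier, a comment such as `// proof hint: name some k for which the prefix predicate holds` should say so; otherwise it can be removed. Separately, `SmallStep_is_deterministic`, `small_step_ends_in_Total_state` and `SmallStep_plus_BigStep` omit `case SKIP` from their `match`, while `only_skip_has_no_next_state` lists it. A one-line comment noting that `small_step` is `false` for `SKIP` would explain the omission. The comment `// 5 is suffiiently high` in `Example1` should read "sufficiently".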
diff --git a/Test/dafny4/NipkowKlein-chapter7.dfy.expect b/Test/dafny4/NipkowKlein-chapter7.dfy.expect
new file mode 100644
index 00000000..e08b3632
--- /dev/null
+++ b/Test/dafny4/NipkowKlein-chapter7.dfy.expect
@@ -0,0 +1,2 @@
+
+Dafny program verifier finished with 54 verified, 0 errors
diff --git a/Test/hofs/ReadsReads.dfy b/Test/hofs/ReadsReads.dfy
index d0a8b43b..e11473bd 100644
--- a/Test/hofs/ReadsReads.dfy
+++ b/Test/hofs/ReadsReads.dfy
@@ -28,12 +28,12 @@ module ReadsRequiresReads {
function MyReadsBad(f : A -> B, a : A) : set<object>
{
- f.reads(a)
+ f.reads(a) // error: MyReadsBad does not have permission to read what f.reads(a) reads
}
function MyReadsBad2(f : A -> B, a : A) : set<object>
{
- (f.reads)(a)
+ (f.reads)(a) // error: MyReadsBad2 does not have permission to read what f.reads(a) reads
}
function MyReadsOk'(f : A -> B, a : A, o : object) : bool
@@ -44,7 +44,7 @@ module ReadsRequiresReads {
function MyReadsBad'(f : A -> B, a : A, o : object) : bool
{
- o in f.reads(a)
+ o in f.reads(a) // error: MyReadsBad' does not have permission to read what f.reads(a) reads
}
function MyRequiresOk(f : A -> B, a : A) : bool
@@ -55,7 +55,7 @@ module ReadsRequiresReads {
function MyRequiresBad(f : A -> B, a : A) : bool
{
- f.requires(a)
+ f.requires(a) // error: MyRequiresBad does not have permission to read what f.requires(a) reads
}
}
@@ -64,6 +64,7 @@ module WhatWeKnowAboutReads {
lemma IndeedNothing() {
assert ReadsNothing.reads() == {};
+ assert ((ReadsNothing).reads)() == {};
}
method NothingHere() {
@@ -83,9 +84,9 @@ module WhatWeKnowAboutReads {
var s' := new S;
if * { assert s in ReadsSomething.reads(s) || ReadsSomething.reads(s) == {};
} else if * { assert s in ReadsSomething.reads(s);
- } else if * { assert ReadsSomething.reads(s) == {};
+ } else if * { assert ReadsSomething.reads(s) == {}; // error
} else if * { assert s' !in ReadsSomething.reads(s);
- } else if * { assert s' in ReadsSomething.reads(s);
+ } else if * { assert s' in ReadsSomething.reads(s); // error
}
}
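Review bot: The two `// error` markers added in this hunk give no reason, unlike the markers added in the `ReadsRequiresReads` hunks above, which spell out the missing permission. Judging by the neighbouring asserts that pass in the `.expect` file, the reasons would be `// error: s is in the reads set` and `// error: s' is not in the reads set`. That reading is inferred, since `ReadsSomething` is defined outside the hunk. The same applies to the two `// error` markers on the `f.reads(s)` asserts in the next hunk.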
@@ -95,9 +96,9 @@ module WhatWeKnowAboutReads {
var f := (u) reads u => ();
if * { assert s in f.reads(s) || f.reads(s) == {};
} else if * { assert s in f.reads(s);
- } else if * { assert f.reads(s) == {};
+ } else if * { assert f.reads(s) == {}; // error
} else if * { assert s' !in f.reads(s);
- } else if * { assert s' in f.reads(s);
+ } else if * { assert s' in f.reads(s); // error
}
}
}
@@ -131,3 +132,11 @@ module ReadsAll {
f(0) + f(1) + f(2)
}
}
+
+module ReadsOnFunctions {
+ lemma Requires_Reads_What_Function_Reads(f: int -> int)
+ {
+ var g := f.requires;
+ assert g.reads(10) == f.reads(10);
+ }
+}
diff --git a/Test/hofs/ReadsReads.dfy.expect b/Test/hofs/ReadsReads.dfy.expect
index 44a95b6d..73002b73 100644
--- a/Test/hofs/ReadsReads.dfy.expect
+++ b/Test/hofs/ReadsReads.dfy.expect
@@ -14,26 +14,23 @@ ReadsReads.dfy(58,7): Error: insufficient reads clause to invoke function
Execution trace:
(0,0): anon0
(0,0): anon3_Else
-ReadsReads.dfy(66,33): Error: assertion violation
-Execution trace:
- (0,0): anon0
-ReadsReads.dfy(86,50): Error: assertion violation
+ReadsReads.dfy(87,50): Error: assertion violation
Execution trace:
(0,0): anon0
(0,0): anon16_Then
-ReadsReads.dfy(88,29): Error: assertion violation
+ReadsReads.dfy(89,29): Error: assertion violation
Execution trace:
(0,0): anon0
(0,0): anon18_Then
-ReadsReads.dfy(98,37): Error: assertion violation
+ReadsReads.dfy(99,37): Error: assertion violation
Execution trace:
(0,0): anon0
- ReadsReads.dfy(95,14): anon15_Else
+ ReadsReads.dfy(96,14): anon15_Else
(0,0): anon19_Then
-ReadsReads.dfy(100,29): Error: assertion violation
+ReadsReads.dfy(101,29): Error: assertion violation
Execution trace:
(0,0): anon0
- ReadsReads.dfy(95,14): anon15_Else
+ ReadsReads.dfy(96,14): anon15_Else
(0,0): anon21_Then
-Dafny program verifier finished with 17 verified, 9 errors
+Dafny program verifier finished with 20 verified, 8 errors
diff --git a/Util/Emacs/dafny-mode.el b/Util/Emacs/dafny-mode.el
index e4bf845b..8355817a 100644
--- a/Util/Emacs/dafny-mode.el
+++ b/Util/Emacs/dafny-mode.el
@@ -31,7 +31,7 @@
`(,(dafny-regexp-opt '(
"class" "trait" "datatype" "codatatype" "newtype" "type" "iterator"
- "function" "predicate" "copredicate"
+ "function" "predicate" "copredicate" "inductive"
"var" "method" "constructor" "lemma" "colemma"
"ghost" "static" "protected" "abstract"
"module" "import" "default" "as" "opened"
@@ -86,7 +86,7 @@
;; commands
(defun dafny-command-line (file)
- (concat "boogie " file))
+ (concat "dafny " file))
(defun dafny-run-verifier ()
"run Dafny verifier"
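Review bot: `dafny-command-line` still builds the command by plain concatenation, `(concat "dafny " file)`, so a file name containing spaces or shell metacharacters is not passed as a single argument if the string is later handed to a shell. Quoting it, `(concat "dafny " (shell-quote-argument file))`, keeps the path as one word. How the result is executed is decided in `dafny-run-verifier`, whose body lies outside this hunk, so the impact is inferred rather than shown.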
diff --git a/Util/latex/dafny.sty b/Util/latex/dafny.sty
index 10896434..44a55f70 100644
--- a/Util/latex/dafny.sty
+++ b/Util/latex/dafny.sty
@@ -7,7 +7,7 @@
\lstdefinelanguage{dafny}{
morekeywords={class,datatype,codatatype,newtype,type,iterator,trait,extends,
bool,char,nat,int,real,object,set,multiset,seq,string,map,imap,array,array2,array3,
- function,predicate,copredicate,
+ function,predicate,copredicate,inductive,
ghost,var,static,protected,refines,
method,lemma,constructor,colemma,
returns,yields,abstract,module,import,default,opened,as,in,