diff options
| author |  Dan Rosén <danr@chalmers.se> | 2014-07-07 17:24:46 -0700 |
|---|---|---|
| committer | Dan Rosén <danr@chalmers.se> | 2014-07-07 17:24:46 -0700 |
| commit | 661faf59f8e1003cdbf339260d1293e8dd77f2df (patch) | |
| tree | 37e11e8a86658fe4d69b38572f3b6fadd8d287c9 | |
| parent | 8de9fcae1a91acce9a1e59f292f05a95c81b3dbc (diff) | |
| parent | 93d9965a347b1a6ad70007822f01c2b032ea5436 (diff) | |
Merge
78 files changed, 2290 insertions, 4037 deletions
diff --git a/Binaries/DafnyPrelude.bpl b/Binaries/DafnyPrelude.bpl index adb9f043..7b52f69f 100644 --- a/Binaries/DafnyPrelude.bpl +++ b/Binaries/DafnyPrelude.bpl @@ -62,6 +62,10 @@ axiom (forall t, u: Ty :: { TMap(t,u) } Tag(TMap(t,u)) == TagMap); // ---------------------------------------------------------------
// -- Literals ---------------------------------------------------
// ---------------------------------------------------------------
+function {:identity} LitInt(x: int): int { x }
+axiom (forall x: int :: { $Box(LitInt(x)) } $Box(LitInt(x)) == Lit($Box(x)) );
+function {:identity} LitReal(x: real): real { x }
+axiom (forall x: real :: { $Box(LitReal(x)) } $Box(LitReal(x)) == Lit($Box(x)) );
function {:identity} Lit<T>(x: T): T { x }
axiom (forall<T> x: T :: { $Box(Lit(x)) } $Box(Lit(x)) == Lit($Box(x)) );
@@ -613,7 +617,8 @@ type MultiSet T = [T]int; function $IsGoodMultiSet<T>(ms: MultiSet T): bool;
// ints are non-negative, used after havocing, and for conversion from sequences to multisets.
axiom (forall<T> ms: MultiSet T :: { $IsGoodMultiSet(ms) }
- $IsGoodMultiSet(ms) <==> (forall bx: T :: { ms[bx] } 0 <= ms[bx]));
+ $IsGoodMultiSet(ms) <==>
+ (forall bx: T :: { ms[bx] } 0 <= ms[bx] && ms[bx] <= MultiSet#Card(ms)));
function MultiSet#Card<T>(MultiSet T): int;
axiom (forall<T> s: MultiSet T :: { MultiSet#Card(s) } 0 <= MultiSet#Card(s));
@@ -706,6 +711,10 @@ axiom (forall<T> s: Set T :: { MultiSet#Card(MultiSet#FromSet(s)) } function MultiSet#FromSeq<T>(Seq T): MultiSet T;
// conversion produces a good map.
axiom (forall<T> s: Seq T :: { MultiSet#FromSeq(s) } $IsGoodMultiSet(MultiSet#FromSeq(s)) );
+// cardinality axiom
+axiom (forall<T> s: Seq T ::
+ { MultiSet#Card(MultiSet#FromSeq(s)) }
+ MultiSet#Card(MultiSet#FromSeq(s)) == Seq#Length(s));
// building axiom
axiom (forall<T> s: Seq T, v: T ::
{ MultiSet#FromSeq(Seq#Build(s, v)) }
@@ -848,6 +857,8 @@ axiom (forall<T> s, t: Seq T :: function Seq#FromArray(h: Heap, a: ref): Seq Box;
axiom (forall h: Heap, a: ref ::
{ Seq#Length(Seq#FromArray(h,a)) }
+ /*
+<<<<<<< local
Seq#Length(Seq#FromArray(h, a)) == _System.array.Length(a));
axiom (forall h: Heap, a: ref :: { Seq#FromArray(h,a): Seq Box }
(forall i: int :: 0 <= i && i < Seq#Length(Seq#FromArray(h, a)) ==> Seq#Index(Seq#FromArray(h, a), i) == read(h, a, IndexField(i))));
@@ -855,6 +866,20 @@ axiom (forall<alpha> h: Heap, o: ref, f: Field alpha, v: alpha, a: ref :: { Seq#FromArray(update(h, o, f, v), a) }
o != a ==> Seq#FromArray(update(h, o, f, v), a) == Seq#FromArray(h, a) );
axiom (forall h: Heap, i: int, v: Box, a: ref ::
+=======
+*/
+ Seq#Length(Seq#FromArray(h, a)) == _System.array.Length(a));
+axiom (forall h: Heap, a: ref, i: int ::
+ { Seq#Index(Seq#FromArray(h, a): Seq Box, i) }
+ 0 <= i && i < Seq#Length(Seq#FromArray(h, a)) ==> Seq#Index(Seq#FromArray(h, a), i) == read(h, a, IndexField(i)));
+axiom (forall h0, h1: Heap, a: ref ::
+ { Seq#FromArray(h1, a), $HeapSucc(h0, h1) }
+ $IsGoodHeap(h0) && $IsGoodHeap(h1) && $HeapSucc(h0, h1) &&
+ (forall i: int ::
+ 0 <= i && i < _System.array.Length(a) ==> read(h0, a, IndexField(i)) == read(h1, a, IndexField(i)))
+ ==>
+ Seq#FromArray(h0, a) == Seq#FromArray(h1, a));
+axiom (forall h: Heap, i: int, v: Box, a: ref ::
{ Seq#FromArray(update(h, a, IndexField(i), v), a) }
0 <= i && i < _System.array.Length(a) ==> Seq#FromArray(update(h, a, IndexField(i), v), a) == Seq#Update(Seq#FromArray(h, a), i, v) );
/**** Someday:
diff --git a/Source/Dafny.sln b/Source/Dafny.sln index 034dfd7b..40e71952 100644 --- a/Source/Dafny.sln +++ b/Source/Dafny.sln @@ -1,6 +1,6 @@
-Microsoft Visual Studio Solution File, Format Version 11.00
-# Visual Studio 2010
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DafnyDriver", "DafnyDriver\DafnyDriver.csproj", "{63400D1F-05B2-453E-9592-1EAB74B2C9CC}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DafnyPipeline", "Dafny\DafnyPipeline.csproj", "{FE44674A-1633-4917-99F4-57635E6FA740}"
@@ -28,8 +28,8 @@ Global {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|.NET.Build.0 = Debug|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Any CPU.Build.0 = Debug|Any CPU
- {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
- {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+ {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Mixed Platforms.ActiveCfg = Checked|Any CPU
+ {63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Debug|Mixed Platforms.Build.0 = Checked|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Release|.NET.ActiveCfg = Release|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Release|Any CPU.ActiveCfg = Release|Any CPU
{63400D1F-05B2-453E-9592-1EAB74B2C9CC}.Release|Any CPU.Build.0 = Release|Any CPU
@@ -45,8 +45,8 @@ Global {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|.NET.Build.0 = Debug|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Any CPU.Build.0 = Debug|Any CPU
- {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
- {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+ {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Mixed Platforms.ActiveCfg = Checked|Any CPU
+ {FE44674A-1633-4917-99F4-57635E6FA740}.Debug|Mixed Platforms.Build.0 = Checked|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Release|.NET.ActiveCfg = Release|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Release|Any CPU.ActiveCfg = Release|Any CPU
{FE44674A-1633-4917-99F4-57635E6FA740}.Release|Any CPU.Build.0 = Release|Any CPU
diff --git a/Source/Dafny/Cloner.cs b/Source/Dafny/Cloner.cs index 699d73d1..99da0774 100644 --- a/Source/Dafny/Cloner.cs +++ b/Source/Dafny/Cloner.cs @@ -30,6 +30,9 @@ namespace Microsoft.Dafny if (d is ArbitraryTypeDecl) {
var dd = (ArbitraryTypeDecl)d;
return new ArbitraryTypeDecl(Tok(dd.tok), dd.Name, m, dd.EqualitySupport, CloneAttributes(dd.Attributes));
+ } else if (d is TupleTypeDecl) {
+ var dd = (TupleTypeDecl)d;
+ return new TupleTypeDecl(dd.Dims, dd.Module);
} else if (d is IndDatatypeDecl) {
var dd = (IndDatatypeDecl)d;
var tps = dd.TypeArgs.ConvertAll(CloneTypeParam);
@@ -61,18 +64,13 @@ namespace Microsoft.Dafny body, CloneAttributes(dd.Attributes), dd.SignatureEllipsis);
return iter;
} else if (d is ClassDecl) {
+ var dd = (ClassDecl)d;
+ var tps = dd.TypeArgs.ConvertAll(CloneTypeParam);
+ var mm = dd.Members.ConvertAll(CloneMember);
if (d is DefaultClassDecl) {
- var dd = (ClassDecl)d;
- var tps = dd.TypeArgs.ConvertAll(CloneTypeParam);
- var mm = dd.Members.ConvertAll(CloneMember);
- var cl = new DefaultClassDecl(m, mm);
- return cl;
+ return new DefaultClassDecl(m, mm);
} else {
- var dd = (ClassDecl)d;
- var tps = dd.TypeArgs.ConvertAll(CloneTypeParam);
- var mm = dd.Members.ConvertAll(CloneMember);
- var cl = new ClassDecl(Tok(dd.tok), dd.Name, m, tps, mm, CloneAttributes(dd.Attributes));
- return cl;
+ return new ClassDecl(Tok(dd.tok), dd.Name, m, tps, mm, CloneAttributes(dd.Attributes));
}
} else if (d is ModuleDecl) {
if (d is LiteralModuleDecl) {
@@ -355,7 +353,7 @@ namespace Microsoft.Dafny } else if (expr is MatchExpr) {
var e = (MatchExpr)expr;
return new MatchExpr(Tok(e.tok), CloneExpr(e.Source),
- e.Cases.ConvertAll(c => new MatchCaseExpr(Tok(c.tok), c.Id, c.Arguments.ConvertAll(CloneBoundVar), CloneExpr(c.Body))));
+ e.Cases.ConvertAll(c => new MatchCaseExpr(Tok(c.tok), c.Id, c.Arguments.ConvertAll(CloneBoundVar), CloneExpr(c.Body))), e.UsesOptionalBraces);
} else if (expr is NegationExpression) {
var e = (NegationExpression)expr;
@@ -478,7 +476,7 @@ namespace Microsoft.Dafny } else if (stmt is MatchStmt) {
var s = (MatchStmt)stmt;
r = new MatchStmt(Tok(s.Tok), Tok(s.EndTok), CloneExpr(s.Source),
- s.Cases.ConvertAll(c => new MatchCaseStmt(Tok(c.tok), c.Id, c.Arguments.ConvertAll(CloneBoundVar), c.Body.ConvertAll(CloneStmt))));
+ s.Cases.ConvertAll(c => new MatchCaseStmt(Tok(c.tok), c.Id, c.Arguments.ConvertAll(CloneBoundVar), c.Body.ConvertAll(CloneStmt))), s.UsesOptionalBraces);
} else if (stmt is AssignSuchThatStmt) {
var s = (AssignSuchThatStmt)stmt;
diff --git a/Source/Dafny/Compiler.cs b/Source/Dafny/Compiler.cs index f5e8ff30..fcf8a2ca 100644 --- a/Source/Dafny/Compiler.cs +++ b/Source/Dafny/Compiler.cs @@ -107,6 +107,10 @@ namespace Microsoft.Dafny { indent += IndentAmount;
}
foreach (TopLevelDecl d in m.TopLevelDecls) {
+ bool compileIt = true;
+ if (Attributes.ContainsBool(d.Attributes, "compile", ref compileIt) && !compileIt) {
+ continue;
+ }
wr.WriteLine();
if (d is ArbitraryTypeDecl) {
var at = (ArbitraryTypeDecl)d;
@@ -130,16 +134,16 @@ namespace Microsoft.Dafny { // public T x; // yield-parameter
// public int y; // yield-parameter
// IEnumerator<object> _iter;
- //
+ //
// public void _MyIteratorExample(T q) {
// this.q = q;
// _iter = TheIterator();
// }
- //
+ //
// public void MoveNext(out bool more) {
// more =_iter.MoveNext();
// }
- //
+ //
// private IEnumerator<object> TheIterator() {
// // the translation of the body of the iterator, with each "yield" turning into a "yield return null;"
// yield break;
@@ -411,7 +415,12 @@ namespace Microsoft.Dafny { if (dt is IndDatatypeDecl) {
Indent(ind); wr.WriteLine("public override string ToString() {");
- string nm = (dt.Module.IsDefaultModule ? "" : dt.Module.CompileName + ".") + dt.CompileName + "." + ctor.CompileName;
+ string nm;
+ if (dt is TupleTypeDecl) {
+ nm = "";
+ } else {
+ nm = (dt.Module.IsDefaultModule ? "" : dt.Module.CompileName + ".") + dt.CompileName + "." + ctor.CompileName;
+ }
Indent(ind + IndentAmount); wr.WriteLine("string s = \"{0}\";", nm);
if (ctor.Formals.Count != 0) {
Indent(ind + IndentAmount); wr.WriteLine("s += \"(\";");
@@ -538,7 +547,7 @@ namespace Microsoft.Dafny { }
}
wr.Write(")");
-
+
wr.WriteLine(";");
Indent(ind + 2 * IndentAmount);
wr.WriteLine("}");
@@ -584,7 +593,7 @@ namespace Microsoft.Dafny { Indent(ind);
wr.WriteLine("}");
}
-
+
// destructors
foreach (var ctor in dt.Ctors) {
foreach (var arg in ctor.Formals) {
@@ -1019,6 +1028,11 @@ namespace Microsoft.Dafny { if (s.AssumeToken != null) {
compiler.Error("an assume statement cannot be compiled (line {0})", s.AssumeToken.line);
}
+ } else if (stmt is ForallStmt) {
+ var s = (ForallStmt)stmt;
+ if (s.Body == null) {
+ compiler.Error("a forall statement without a body cannot be compiled (line {0})", stmt.Tok.line);
+ }
}
}
}
diff --git a/Source/Dafny/Dafny.atg b/Source/Dafny/Dafny.atg index 74aa4abd..c8f410c9 100644 --- a/Source/Dafny/Dafny.atg +++ b/Source/Dafny/Dafny.atg @@ -81,7 +81,7 @@ public static int Parse (string/*!*/ s, string/*!*/ filename, ModuleDecl module, parser.Parse();
return parser.errors.count;
}
-public Parser(Scanner/*!*/ scanner, Errors/*!*/ errors, ModuleDecl module, BuiltIns builtIns, bool verifyThisFile=true)
+public Parser(Scanner/*!*/ scanner, Errors/*!*/ errors, ModuleDecl module, BuiltIns builtIns, bool verifyThisFile=true)
: this(scanner, errors) // the real work
{
// initialize readonly fields
@@ -130,6 +130,14 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { (e is FunctionCallExpr ||
(e is IdentifierSequence && ((IdentifierSequence)e).OpenParen != null));
}
+
+bool CloseOptionalParen(bool usesOptionalParen) {
+ return usesOptionalParen && la.kind == _closeparen;
+}
+
+bool CloseOptionalBrace(bool usesOptionalBrace) {
+ return usesOptionalBrace && la.kind == _rbrace;
+}
/*--------------------------------------------------------------------------*/
CHARACTERS
letter = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz".
@@ -172,6 +180,7 @@ TOKENS lbrace = '{'.
rbrace = '}'.
openparen = '('.
+ closeparen = ')'.
star = '*'.
notIn = "!in" CONTEXT (nonidchar).
COMMENTS FROM "/*" TO "*/" NESTED
@@ -197,9 +206,9 @@ Dafny includedFile = Path.Combine(basePath, includedFile);
fullPath = Path.GetFullPath(includedFile);
}
- defaultModule.Includes.Add(new Include(t, includedFile, fullPath));
+ defaultModule.Includes.Add(new Include(t, includedFile, fullPath));
}
- .)
+ .)
}
{ SubModuleDecl<defaultModule, out submodule> (. defaultModule.TopLevelDecls.Add(submodule); .)
| ClassDecl<defaultModule, out c> (. defaultModule.TopLevelDecls.Add(c); .)
@@ -226,7 +235,7 @@ Dafny .
SubModuleDecl<ModuleDefinition parent, out ModuleDecl submodule>
= (. ClassDecl/*!*/ c; DatatypeDecl/*!*/ dt; ArbitraryTypeDecl at; IteratorDecl iter;
- Attributes attrs = null; IToken/*!*/ id;
+ Attributes attrs = null; IToken/*!*/ id;
List<MemberDecl/*!*/> namedModuleDefaultClassMembers = new List<MemberDecl>();;
List<IToken> idRefined = null, idPath = null, idAssignment = null;
ModuleDefinition module;
@@ -238,8 +247,8 @@ SubModuleDecl<ModuleDefinition parent, out ModuleDecl submodule> ( [ "abstract" (. isAbstract = true; .) ]
"module"
{ Attribute<ref attrs> }
- NoUSIdent<out id>
-
+ NoUSIdent<out id>
+
[ "refines" QualifiedName<out idRefined> ] (. module = new ModuleDefinition(id, id.val, isAbstract, false, idRefined == null ? null : idRefined, parent, attrs, false); .)
"{" (. module.BodyStartTok = t; .)
{ SubModuleDecl<module, out sm> (. module.TopLevelDecls.Add(sm); .)
@@ -252,15 +261,15 @@ SubModuleDecl<ModuleDefinition parent, out ModuleDecl submodule> "}" (. module.BodyEndTok = t;
module.TopLevelDecls.Add(new DefaultClassDecl(module, namedModuleDefaultClassMembers));
submodule = new LiteralModuleDecl(module, parent); .)
- |
+ |
"import" ["opened" (.opened = true;.)]
- NoUSIdent<out id>
+ NoUSIdent<out id>
[ "=" QualifiedName<out idPath>
(. submodule = new AliasModuleDecl(idPath, id, parent, opened); .)
| "as" QualifiedName<out idPath> ["default" QualifiedName<out idAssignment> ]
(. submodule = new ModuleFacadeDecl(idPath, id, parent, idAssignment, opened); .)
]
- [ SYNC ";"
+ [ SYNC ";"
// This semi-colon used to be required, but it seems silly to have it.
// To stage the transition toward not having it at all, let's make it optional for now. Then,
// in a next big version of Dafny, including the following warning message:
@@ -342,7 +351,7 @@ DatatypeDecl<ModuleDefinition/*!*/ module, out DatatypeDecl/*!*/ dt> "=" (. bodyStart = t; .)
DatatypeMemberDecl<ctors>
{ "|" DatatypeMemberDecl<ctors> }
- [ SYNC ";"
+ [ SYNC ";"
// This semi-colon used to be required, but it seems silly to have it.
// To stage the transition toward not having it at all, let's make it optional for now. Then,
// in a next big version of Dafny, including the following warning message:
@@ -394,7 +403,7 @@ ArbitraryTypeDecl<ModuleDefinition/*!*/ module, out ArbitraryTypeDecl at> NoUSIdent<out id>
[ "(" "==" ")" (. eqSupport = TypeParameter.EqualitySupportValue.Required; .)
] (. at = new ArbitraryTypeDecl(id, id.val, module, eqSupport, attrs); .)
- [ SYNC ";"
+ [ SYNC ";"
// This semi-colon used to be required, but it seems silly to have it.
// To stage the transition toward not having it at all, let's make it optional for now. Then,
// in a next big version of Dafny, including the following warning message:
@@ -618,7 +627,7 @@ MethodDecl<MemberModifiers mmod, bool allowConstructor, out Method/*!*/ m> { MethodSpec<req, mod, ens, dec, ref decAttrs, ref modAttrs> }
[ BlockStmt<out body, out bodyStart, out bodyEnd>
]
- (.
+ (.
if (Attributes.Contains(attrs, "axiom") && !mmod.IsGhost && !isLemma) {
SemErr(t, "only ghost methods can have the :axiom attribute");
}
@@ -730,8 +739,9 @@ Type<out Type/*!*/ ty> TypeAndToken<out tok, out ty>
.
TypeAndToken<out IToken/*!*/ tok, out Type/*!*/ ty>
-= (. Contract.Ensures(Contract.ValueAtReturn(out tok)!=null); Contract.Ensures(Contract.ValueAtReturn(out ty) != null); tok = Token.NoToken; ty = new BoolType(); /*keep compiler happy*/
- List<Type/*!*/>/*!*/ gt;
+= (. Contract.Ensures(Contract.ValueAtReturn(out tok)!=null); Contract.Ensures(Contract.ValueAtReturn(out ty) != null);
+ tok = Token.NoToken; ty = new BoolType(); /*keep compiler happy*/
+ List<Type> gt;
.)
( "bool" (. tok = t; .)
| "nat" (. tok = t; ty = new NatType(); .)
@@ -765,30 +775,38 @@ TypeAndToken<out IToken/*!*/ tok, out Type/*!*/ ty> ty = new MapType(gt[0], gt[1]);
}
.)
+ | "(" (. tok = t; gt = new List<Type>(); .)
+ [ Type<out ty> (. gt.Add(ty); .)
+ { "," Type<out ty> (. gt.Add(ty); .)
+ }
+ ]
+ ")" (. if (gt.Count == 1) {
+ // just return the type 'ty'
+ } else {
+ // make sure the nullary tuple type exists
+ var dims = gt.Count;
+ var tmp = theBuiltIns.TupleType(tok, dims, true);
+ ty = new UserDefinedType(tok, BuiltIns.TupleTypeName(dims), gt, new List<IToken>());
+ }
+ .)
| ReferenceType<out tok, out ty>
)
.
ReferenceType<out IToken/*!*/ tok, out Type/*!*/ ty>
= (. Contract.Ensures(Contract.ValueAtReturn(out tok) != null); Contract.Ensures(Contract.ValueAtReturn(out ty) != null);
tok = Token.NoToken; ty = new BoolType(); /*keep compiler happy*/
- List<Type/*!*/>/*!*/ gt;
+ List<Type> gt;
List<IToken> path;
.)
( "object" (. tok = t; ty = new ObjectType(); .)
- | arrayToken (. tok = t; gt = new List<Type/*!*/>(); .)
- GenericInstantiation<gt> (. if (gt.Count != 1) {
- SemErr("array type expects exactly one type argument");
- }
- int dims = 1;
- if (tok.val.Length != 5) {
- dims = int.Parse(tok.val.Substring(5));
- }
- ty = theBuiltIns.ArrayType(tok, dims, gt[0], true);
+ | arrayToken (. tok = t; gt = new List<Type>(); .)
+ [ GenericInstantiation<gt> ] (. int dims = tok.val.Length == 5 ? 1 : int.Parse(tok.val.Substring(5));
+ ty = theBuiltIns.ArrayType(tok, dims, gt, true);
.)
- | Ident<out tok> (. gt = new List<Type/*!*/>();
+ | Ident<out tok> (. gt = new List<Type>();
path = new List<IToken>(); .)
{ (. path.Add(tok); .)
- "." Ident<out tok>
+ "." Ident<out tok>
}
[ GenericInstantiation<gt> ] (. ty = (tok.val == "real") ? (Type)Microsoft.Dafny.Type.Real : new UserDefinedType(tok, tok.val, gt, path); .)
)
@@ -1009,7 +1027,7 @@ OneStmt<out Statement/*!*/ s> SYNC
";" (. s = label != null ? new BreakStmt(x, t, label) : new BreakStmt(x, t, breakCount); .)
| ReturnStmt<out s>
- | SkeletonStmt<out s>
+ | SkeletonStmt<out s>
)
.
@@ -1023,7 +1041,7 @@ SkeletonStmt<out Statement s> Ident<out tok> (. names.Add(tok); .)
{"," Ident<out tok> (. names.Add(tok); .)
}
- ":="
+ ":="
Expression<out e, false> (. exprs.Add(e); .)
{"," Expression<out e, false> (. exprs.Add(e); .)
}
@@ -1031,7 +1049,7 @@ SkeletonStmt<out Statement s> SemErr(whereTok, exprs.Count < names.Count ? "not enough expressions" : "too many expressions");
names = null; exprs = null;
}
- .)
+ .)
]
";"
(. s = new SkeletonStatement(dotdotdot, t, names, exprs); .)
@@ -1111,7 +1129,7 @@ Rhs<out AssignmentRhs r, Expression receiverForInitCall> [ "[" (. ee = new List<Expression>(); .)
Expressions<ee>
"]" (. // make sure an array class with this dimensionality exists
- UserDefinedType tmp = theBuiltIns.ArrayType(x, ee.Count, new IntType(), true);
+ var tmp = theBuiltIns.ArrayType(ee.Count, new IntType(), true);
.)
| (. x = null; args = new List<Expression/*!*/>(); .)
[ "." Ident<out x> ]
@@ -1332,14 +1350,20 @@ Guard<out Expression e> /* null represents demonic-choice */ MatchStmt<out Statement/*!*/ s>
= (. Contract.Ensures(Contract.ValueAtReturn(out s) != null);
Token x; Expression/*!*/ e; MatchCaseStmt/*!*/ c;
- List<MatchCaseStmt/*!*/> cases = new List<MatchCaseStmt/*!*/>(); .)
+ List<MatchCaseStmt/*!*/> cases = new List<MatchCaseStmt/*!*/>();
+ bool usesOptionalBrace = false;
+ .)
"match" (. x = t; .)
Expression<out e, true>
- "{"
+ [ "{" (. usesOptionalBrace = true; .)
+ ]
{ CaseStatement<out c> (. cases.Add(c); .)
}
- "}"
- (. s = new MatchStmt(x, t, e, cases); .)
+ ( IF(CloseOptionalBrace(usesOptionalBrace))
+ "}"
+ | (. if (usesOptionalBrace) { SemErr(t, "expecting close curly brace"); } .)
+ )
+ (. s = new MatchStmt(x, t, e, cases, usesOptionalBrace); .)
.
CaseStatement<out MatchCaseStmt/*!*/ c>
= (. Contract.Ensures(Contract.ValueAtReturn(out c) != null);
@@ -1417,10 +1441,11 @@ ForallStmt<out Statement/*!*/ s> var ens = new List<MaybeFreeExpression/*!*/>();
bool isFree;
Expression/*!*/ e;
- BlockStmt/*!*/ block;
+ BlockStmt block = null;
IToken bodyStart, bodyEnd;
+ IToken tok = Token.NoToken;
.)
- ( "forall" (. x = t; .)
+ ( "forall" (. x = t; tok = x; .)
| "parallel" (. x = t;
errors.Warning(t, "the 'parallel' keyword has been deprecated; the comprehension statement now uses the keyword 'forall' (and the parentheses around the bound variables are now optional)");
.)
@@ -1435,16 +1460,27 @@ ForallStmt<out Statement/*!*/ s> (. if (bvars == null) { bvars = new List<BoundVar>(); }
if (range == null) { range = new LiteralExpr(x, true); }
.)
- ( ")" (. if (!usesOptionalParen) { SemErr(t, "found but didn't expect a close parenthesis"); } .)
+ ( IF(CloseOptionalParen(usesOptionalParen))
+ ")"
| (. if (usesOptionalParen) { SemErr(t, "expecting close parenthesis"); } .)
)
{ (. isFree = false; .)
[ "free" (. isFree = true; .)
]
- "ensures" Expression<out e, false> ";" (. ens.Add(new MaybeFreeExpression(e, isFree)); .)
+ "ensures" Expression<out e, false> (. ens.Add(new MaybeFreeExpression(e, isFree)); .)
+ ";" (. tok = t; .)
}
- BlockStmt<out block, out bodyStart, out bodyEnd>
- (. s = new ForallStmt(x, block.EndTok, bvars, attrs, range, ens, block); .)
+ [ BlockStmt<out block, out bodyStart, out bodyEnd>
+ ]
+ (. if (DafnyOptions.O.DisallowSoundnessCheating && block == null && 0 < ens.Count) {
+ SemErr(t, "a forall statement with an ensures clause must have a body");
+ }
+
+ if (block != null) {
+ tok = block.EndTok;
+ }
+ s = new ForallStmt(x, tok, bvars, attrs, range, ens, block);
+ .)
.
ModifyStmt<out Statement s>
@@ -1478,9 +1514,9 @@ ModifyStmt<out Statement s> CalcStmt<out Statement/*!*/ s>
= (. Contract.Ensures(Contract.ValueAtReturn(out s) != null);
Token x;
- CalcStmt.CalcOp/*!*/ op, calcOp = Microsoft.Dafny.CalcStmt.DefaultOp, resOp = Microsoft.Dafny.CalcStmt.DefaultOp;
+ CalcStmt.CalcOp/*!*/ op, calcOp = Microsoft.Dafny.CalcStmt.DefaultOp, resOp = Microsoft.Dafny.CalcStmt.DefaultOp;
var lines = new List<Expression/*!*/>();
- var hints = new List<BlockStmt/*!*/>();
+ var hints = new List<BlockStmt/*!*/>();
CalcStmt.CalcOp stepOp;
var stepOps = new List<CalcStmt.CalcOp>();
CalcStmt.CalcOp maybeOp;
@@ -1494,7 +1530,7 @@ CalcStmt<out Statement/*!*/ s> if (maybeOp == null) {
SemErr(opTok, "the main operator of a calculation must be transitive");
}
- resOp = calcOp;
+ resOp = calcOp;
.)
]
"{"
@@ -1522,8 +1558,8 @@ CalcStmt<out Statement/*!*/ s> if (lines.Count > 0) {
// Repeat the last line to create a dummy line for the dangling hint
lines.Add(lines[lines.Count - 1]);
- }
- s = new CalcStmt(x, t, calcOp, lines, hints, stepOps, resOp);
+ }
+ s = new CalcStmt(x, t, calcOp, lines, hints, stepOps, resOp);
.)
.
CalcOp<out IToken x, out CalcStmt.CalcOp/*!*/ op>
@@ -1543,9 +1579,9 @@ CalcOp<out IToken x, out CalcStmt.CalcOp/*!*/ op> | '\u2265' (. x = t; binOp = BinaryExpr.Opcode.Ge; .)
| EquivOp (. x = t; binOp = BinaryExpr.Opcode.Iff; .)
| ImpliesOp (. x = t; binOp = BinaryExpr.Opcode.Imp; .)
- | ExpliesOp (. x = t; binOp = BinaryExpr.Opcode.Exp; .)
+ | ExpliesOp (. x = t; binOp = BinaryExpr.Opcode.Exp; .)
)
- (.
+ (.
if (k == null) {
op = new Microsoft.Dafny.CalcStmt.BinaryCalcOp(binOp);
} else {
@@ -1555,7 +1591,7 @@ CalcOp<out IToken x, out CalcStmt.CalcOp/*!*/ op> .
Hint<out BlockStmt s>
= (. Contract.Ensures(Contract.ValueAtReturn(out s) != null); // returns an empty block statement if the hint is empty
- var subhints = new List<Statement/*!*/>();
+ var subhints = new List<Statement/*!*/>();
IToken bodyStart, bodyEnd;
BlockStmt/*!*/ block;
Statement/*!*/ calc;
@@ -1565,7 +1601,7 @@ Hint<out BlockStmt s> { BlockStmt<out block, out bodyStart, out bodyEnd> (. endTok = block.EndTok; subhints.Add(block); .)
| CalcStmt<out calc> (. endTok = calc.EndTok; subhints.Add(calc); .)
}
- (. s = new BlockStmt(x, endTok, subhints); // if the hint is empty x is the first token of the next line, but it doesn't matter cause the block statement is just used as a container
+ (. s = new BlockStmt(x, endTok, subhints); // if the hint is empty x is the first token of the next line, but it doesn't matter cause the block statement is just used as a container
.)
.
/*------------------------------------------------------------------------*/
@@ -1745,7 +1781,7 @@ RelOp<out IToken/*!*/ x, out BinaryExpr.Opcode op, out Expression k> [ "#" "[" Expression<out k, true> "]" ]
| "in" (. x = t; op = BinaryExpr.Opcode.In; .)
| notIn (. x = t; op = BinaryExpr.Opcode.NotIn; .)
- | /* The next operator is "!!", but we have to scan it as two "!", since the scanner is gready
+ | /* The next operator is "!!", but we have to scan it as two "!", since the scanner is gready
so if "!!" is a valid token, we won't be able to scan it as two "!" when needed: */
"!" (. x = t; y = Token.NoToken; .)
[ "!" (. y = t; .)
@@ -1849,25 +1885,51 @@ ConstAtomExpression<out Expression e> | "|" (. x = t; .)
Expression<out e, true> (. e = new UnaryExpr(x, UnaryExpr.Opcode.SeqLength, e); .)
"|"
- | "(" (. x = t; .)
- Expression<out e, true> (. e = new ParensExpression(x, e); .)
- ")"
- | "real" (. x = t; .)
- "(" (. IToken openParen = t; .)
- Expression<out e, true>
- ")" (. IToken classTok = new Token(t.line, t.col); classTok.val = "Real";
- IToken fnTok = new Token(t.line, t.col); fnTok.val = "IntToReal";
- //e = new IdentifierSequence(new List<IToken>() { classTok, fnTok }, openParen, new List<Expression/*!*/>() { e });
- e = new FunctionCallExpr(x, "IntToReal", new StaticReceiverExpr(x, theBuiltIns.RealClass), openParen, new List<Expression/*!*/>() { e });
- .)
- | "int" (. x = t; .)
- "(" (. IToken openParen = t; .)
- Expression<out e, true>
- ")" (. IToken classTok = new Token(t.line, t.col); classTok.val = "Real";
- IToken fnTok = new Token(t.line, t.col); fnTok.val = "RealToInt";
- //e = new IdentifierSequence(new List<IToken>() { classTok, fnTok }, openParen, new List<Expression/*!*/>() { e });
- e = new FunctionCallExpr(x, "RealToInt", new StaticReceiverExpr(x, theBuiltIns.RealClass), openParen, new List<Expression/*!*/>() { e });
- .)
+ | ParensExpression<out e>
+ | "real" (. x = t; .)
+ "(" (. IToken openParen = t; .)
+ Expression<out e, true>
+ ")" (. IToken classTok = new Token(t.line, t.col); classTok.val = "Real";
+ IToken fnTok = new Token(t.line, t.col); fnTok.val = "IntToReal";
+ //e = new IdentifierSequence(new List<IToken>() { classTok, fnTok }, openParen, new List<Expression/*!*/>() { e });
+ e = new FunctionCallExpr(x, "IntToReal", new StaticReceiverExpr(x, theBuiltIns.RealClass), openParen, new List<Expression/*!*/>() { e });
+ .)
+ | "int" (. x = t; .)
+ "(" (. IToken openParen = t; .)
+ Expression<out e, true>
+ ")" (. IToken classTok = new Token(t.line, t.col); classTok.val = "Real";
+ IToken fnTok = new Token(t.line, t.col); fnTok.val = "RealToInt";
+ //e = new IdentifierSequence(new List<IToken>() { classTok, fnTok }, openParen, new List<Expression/*!*/>() { e });
+ e = new FunctionCallExpr(x, "RealToInt", new StaticReceiverExpr(x, theBuiltIns.RealClass), openParen, new List<Expression/*!*/>() { e });
+ .)
+ )
+ .
+ParensExpression<out Expression e>
+= (. IToken x;
+ List<Expression> args = null;
+ .)
+ "(" (. x = t; e = null; .)
+ ( ")" (. // unit
+ // make sure the nullary tuple type exists
+ var tmp = theBuiltIns.TupleType(x, 0, true);
+ e = new DatatypeValue(x, BuiltIns.TupleTypeName(0), BuiltIns.TupleTypeCtorName, new List<Expression>());
+ .)
+ | Expression<out e, true>
+ { "," (. if (args == null) {
+ args = new List<Expression>();
+ args.Add(e); // add the first argument, which was parsed above
+ }
+ .)
+ Expression<out e, true> (. args.Add(e); .)
+ }
+ ")" (. if (args == null) {
+ e = new ParensExpression(x, e);
+ } else {
+ // make sure the corresponding tuple type exists
+ var tmp = theBuiltIns.TupleType(x, args.Count, true);
+ e = new DatatypeValue(x, BuiltIns.TupleTypeName(args.Count), BuiltIns.TupleTypeCtorName, args);
+ }
+ .)
)
.
DisplayExpr<out Expression e>
@@ -2006,15 +2068,22 @@ NamedExpr<out Expression e, bool allowSemi> MatchExpression<out Expression e, bool allowSemi>
= (. Contract.Ensures(Contract.ValueAtReturn(out e) != null); IToken/*!*/ x; MatchCaseExpr/*!*/ c;
List<MatchCaseExpr/*!*/> cases = new List<MatchCaseExpr/*!*/>();
+ bool usesOptionalBrace = false;
.)
"match" (. x = t; .)
Expression<out e, allowSemi>
+ [ "{" (. usesOptionalBrace = true; .)
+ ]
/* Note: The following gives rise to a '"case" is start & successor of deletable structure' error,
but it's okay, because we want this closer match expression to bind as much as possible--use
parens around it to limit its scope. */
{ CaseExpression<out c, allowSemi> (. cases.Add(c); .)
}
- (. e = new MatchExpr(x, e, cases); .)
+ ( IF(CloseOptionalBrace(usesOptionalBrace))
+ "}"
+ | (. if (usesOptionalBrace) { SemErr(t, "expecting close curly brace"); } .)
+ )
+ (. e = new MatchExpr(x, e, cases, usesOptionalBrace); .)
.
CaseExpression<out MatchCaseExpr c, bool allowSemi>
= (. Contract.Ensures(Contract.ValueAtReturn(out c) != null); IToken/*!*/ x, id;
@@ -2051,10 +2120,10 @@ CasePattern<out CasePattern pat> // later if resolution finds the CasePattern to denote a parameter-less constructor), because this
// (in particular, bv.IsGhost) is the place where a LetExpr records whether or not the "ghost"
// keyword was used in the declaration.
- pat = new CasePattern(bv.tok, bv);
+ pat = new CasePattern(bv.tok, bv);
.)
)
-
+
.
/*------------------------------------------------------------------------*/
DottedIdentifiersAndFunction<out Expression e>
@@ -2108,9 +2177,9 @@ Suffix<ref Expression e> multipleLengths = new List<Expression>();
multipleLengths.Add(e0);
}
- takeRest = true;
+ takeRest = true;
.)
- [Expression<out ee, true> (. multipleLengths.Add(ee);
+ [Expression<out ee, true> (. multipleLengths.Add(ee);
takeRest = false;
.)
]
@@ -2130,7 +2199,7 @@ Suffix<ref Expression e> (. if (multipleIndices != null) {
e = new MultiSelectExpr(x, e, multipleIndices);
// make sure an array class with this dimensionality exists
- UserDefinedType tmp = theBuiltIns.ArrayType(x, multipleIndices.Count, new IntType(), true);
+ var tmp = theBuiltIns.ArrayType(multipleIndices.Count, new IntType(), true);
} else {
if (!anyDots && e0 == null) {
/* a parsing error occurred */
@@ -2310,7 +2379,7 @@ IdentOrDigitsSuffix<out IToken x, out IToken y> // Identifier, disallowing leading underscores
NoUSIdent<out IToken/*!*/ x>
= (. Contract.Ensures(Contract.ValueAtReturn(out x) != null); .)
- ident (. x = t;
+ ident (. x = t;
if (x.val.StartsWith("_")) {
SemErr("cannot declare identifier beginning with underscore");
}
@@ -2320,7 +2389,7 @@ NoUSIdent<out IToken/*!*/ x> // Identifier, disallowing leading underscores, except possibly the "wildcard" identifier "_"
WildIdent<out IToken/*!*/ x, bool allowWildcardId>
= (. Contract.Ensures(Contract.ValueAtReturn(out x) != null); .)
- ident (. x = t;
+ ident (. x = t;
if (x.val.StartsWith("_")) {
if (allowWildcardId && x.val.Length == 1) {
t.val = "_v" + anonymousIds++;
@@ -2341,7 +2410,7 @@ Nat<out BigInteger n> n = BigInteger.Zero;
}
.)
- |hexdigits
+ |hexdigits
(. try {
// note: leading 0 required when parsing positive hex numbers
n = BigInteger.Parse("0" + t.val.Substring(2), System.Globalization.NumberStyles.HexNumber);
@@ -2361,7 +2430,7 @@ Dec<out Basetypes.BigDec d> SemErr("incorrectly formatted number");
d = Basetypes.BigDec.ZERO;
}
- .)
+ .)
)
.
END Dafny.
diff --git a/Source/Dafny/DafnyAst.cs b/Source/Dafny/DafnyAst.cs index 754ae8bc..67806193 100644 --- a/Source/Dafny/DafnyAst.cs +++ b/Source/Dafny/DafnyAst.cs @@ -88,16 +88,18 @@ namespace Microsoft.Dafny { {
public readonly ModuleDefinition SystemModule = new ModuleDefinition(Token.NoToken, "_System", false, false, null, null, null, true);
Dictionary<int, ClassDecl> arrayTypeDecls = new Dictionary<int, ClassDecl>();
+ Dictionary<int, TupleTypeDecl> tupleTypeDecls = new Dictionary<int, TupleTypeDecl>();
public readonly ClassDecl ObjectDecl;
public readonly ClassDecl RealClass;
//public readonly Function RealToInt;
//public readonly Function IntToReal;
public BuiltIns() {
// create class 'object'
- ObjectDecl = new ClassDecl(Token.NoToken, "object", SystemModule, new List<TypeParameter>(), new List<MemberDecl>(), null);
+ ObjectDecl = new ClassDecl(Token.NoToken, "object", SystemModule, new List<TypeParameter>(), new List<MemberDecl>(), DontCompile());
SystemModule.TopLevelDecls.Add(ObjectDecl);
// add one-dimensional arrays, since they may arise during type checking
- UserDefinedType tmp = ArrayType(Token.NoToken, 1, Type.Int, true);
+ // Arrays of other dimensions may be added during parsing as the parser detects the need for these
+ UserDefinedType tmp = ArrayType(1, Type.Int, true);
// add real number functions
Function RealToInt = new Function(Token.NoToken, "RealToInt", true, true, new List<TypeParameter>(), Token.NoToken,
new List<Formal> { new Formal(Token.NoToken, "x", Type.Real, true, true) }, Type.Int, new List<Expression>(),
@@ -108,28 +110,35 @@ namespace Microsoft.Dafny { new List<FrameExpression>(), new List<Expression>(), new Specification<Expression>(new List<Expression>(), null),
null, null, Token.NoToken);
RealClass = new ClassDecl(Token.NoToken, "Real", SystemModule, new List<TypeParameter>(),
- new List<MemberDecl>() { RealToInt, IntToReal }, null);
+ new List<MemberDecl>() { RealToInt, IntToReal }, DontCompile());
RealToInt.EnclosingClass = RealClass;
IntToReal.EnclosingClass = RealClass;
RealToInt.IsBuiltin = true;
IntToReal.IsBuiltin = true;
SystemModule.TopLevelDecls.Add(RealClass);
+ // Note, in addition to these types, the _System module contains tuple types. These tuple types are added to SystemModule
+ // by the parser as the parser detects the need for these.
}
- public UserDefinedType ArrayType(int dims, Type arg) {
- return ArrayType(Token.NoToken, dims, arg, false);
+ private Attributes DontCompile() {
+ var flse = new Attributes.Argument(Token.NoToken, Expression.CreateBoolLiteral(Token.NoToken, false));
+ return new Attributes("compile", new List<Attributes.Argument>() { flse }, null);
}
- public UserDefinedType ArrayType(IToken tok, int dims, Type arg, bool allowCreationOfNewClass) {
- Contract.Requires(tok != null);
+
+ public UserDefinedType ArrayType(int dims, Type arg, bool allowCreationOfNewClass = false) {
Contract.Requires(1 <= dims);
Contract.Requires(arg != null);
+ return ArrayType(Token.NoToken, dims, new List<Type>() { arg }, allowCreationOfNewClass);
+ }
+ public UserDefinedType ArrayType(IToken tok, int dims, List<Type> typeArgs, bool allowCreationOfNewClass) {
+ Contract.Requires(tok != null);
+ Contract.Requires(1 <= dims);
+ Contract.Requires(typeArgs != null);
Contract.Ensures(Contract.Result<UserDefinedType>() != null);
- List<Type> typeArgs = new List<Type>();
- typeArgs.Add(arg);
UserDefinedType udt = new UserDefinedType(tok, ArrayClassName(dims), typeArgs, null);
if (allowCreationOfNewClass && !arrayTypeDecls.ContainsKey(dims)) {
- ArrayClassDecl arrayClass = new ArrayClassDecl(dims, SystemModule);
+ ArrayClassDecl arrayClass = new ArrayClassDecl(dims, SystemModule, DontCompile());
for (int d = 0; d < dims; d++) {
string name = dims == 1 ? "Length" : "Length" + d;
string compiledName = dims == 1 ? "Length" : "GetLength(" + d + ")";
@@ -152,6 +161,30 @@ namespace Microsoft.Dafny { return "array" + dims;
}
}
+
+ public TupleTypeDecl TupleType(IToken tok, int dims, bool allowCreationOfNewType) {
+ Contract.Requires(tok != null);
+ Contract.Requires(0 <= dims);
+ Contract.Ensures(Contract.Result<TupleTypeDecl>() != null);
+
+ TupleTypeDecl tt;
+ if (!tupleTypeDecls.TryGetValue(dims, out tt)) {
+ Contract.Assume(allowCreationOfNewType); // the parser should ensure that all needed tuple types exist by the time of resolution
+ tt = new TupleTypeDecl(dims, SystemModule);
+ tupleTypeDecls.Add(dims, tt);
+ SystemModule.TopLevelDecls.Add(tt);
+ }
+ return tt;
+ }
+ public static string TupleTypeName(int dims) {
+ Contract.Requires(0 <= dims);
+ return "_tuple#" + dims;
+ }
+ public static bool IsTupleTypeName(string s) {
+ Contract.Requires(s != null);
+ return s.StartsWith("_tuple#");
+ }
+ public const string TupleTypeCtorName = "_#Make"; // the printer wants this name to be uniquely recognizable
}
public class Attributes {
@@ -553,9 +586,9 @@ namespace Microsoft.Dafny { }
public class MapType : CollectionType
{
- public Type Range {
- get { return range; }
- set {
+ public Type Range {
+ get { return range; }
+ set {
range = Range;
TypeArgs = new List<Type> { Arg, range };
}
@@ -573,7 +606,7 @@ namespace Microsoft.Dafny { }
public Type Domain {
get { return Arg; }
- set {
+ set {
TypeArgs = new List<Type> { Domain, range };
}
}
@@ -679,7 +712,7 @@ namespace Microsoft.Dafny { else
this.Path = new List<IToken>();
}
-
+
/// <summary>
/// This constructor constructs a resolved type parameter
/// </summary>
@@ -694,7 +727,7 @@ namespace Microsoft.Dafny { this.Path = new List<IToken>();
}
- public UserDefinedType(TypeParameter tp)
+ public UserDefinedType(TypeParameter tp)
: this(tp.tok, tp.Name, tp)
{
Contract.Requires(tp != null);
@@ -736,8 +769,11 @@ namespace Microsoft.Dafny { [Pure]
public override string TypeName(ModuleDefinition context) {
Contract.Ensures(Contract.Result<string>() != null);
- if (ResolvedParam != null) {
+ /* if (ResolvedParam != null) {
return ResolvedParam.FullName();
+ } else */
+ if (BuiltIns.IsTupleTypeName(Name)) {
+ return "(" + Util.Comma(",", TypeArgs, ty => ty.TypeName(context)) + ")";
} else {
string s = "";
foreach (var t in Path) {
@@ -923,7 +959,7 @@ namespace Microsoft.Dafny { /// Domain and Range refer to the types of the indexing operation. That is, in A[i],
/// i is of type Domain and A[i] is of type Range.
/// Arg is either Domain or Range, depending on what type it is. Arg is the type
- /// one would use in an expression "x in C", whereas
+ /// one would use in an expression "x in C", whereas
/// This proxy stands for one of:
/// seq(T) Domain,Range,Arg := int,T,T
/// multiset(T) Domain,Range,Arg := T,int,T
@@ -1050,7 +1086,7 @@ namespace Microsoft.Dafny { EqualitySupport = equalitySupport;
}
- public TypeParameter(IToken tok, string name, int positionalIndex, ParentType parent)
+ public TypeParameter(IToken tok, string name, int positionalIndex, ParentType parent)
: this(tok, name)
{
PositionalIndex = positionalIndex;
@@ -1107,7 +1143,7 @@ namespace Microsoft.Dafny { public ModuleDecl CompileRoot;
public readonly List<IToken> CompilePath;
public ModuleSignature OriginalSignature;
-
+
public ModuleFacadeDecl(List<IToken> path, IToken name, ModuleDefinition parent, List<IToken> compilePath, bool opened)
: base(name, name.val, parent, opened) {
Path = path;
@@ -1117,7 +1153,7 @@ namespace Microsoft.Dafny { }
public class ModuleSignature {
-
+
public readonly Dictionary<string, TopLevelDecl> TopLevels = new Dictionary<string, TopLevelDecl>();
public readonly Dictionary<string, Tuple<DatatypeCtor, bool>> Ctors = new Dictionary<string, Tuple<DatatypeCtor, bool>>();
public readonly Dictionary<string, MemberDecl> StaticMembers = new Dictionary<string, MemberDecl>();
@@ -1138,15 +1174,15 @@ namespace Microsoft.Dafny { } else return false;
} else return false;
}
-
-
+
+
}
public class ModuleDefinition : TopLevelDecl {
public readonly List<IToken> RefinementBaseName; // null if no refinement base
public ModuleDecl RefinementBaseRoot; // filled in early during resolution, corresponds to RefinementBaseName[0]
public ModuleDefinition RefinementBase; // filled in during resolution (null if no refinement base)
public List<Include> Includes;
-
+
public readonly List<TopLevelDecl> TopLevelDecls = new List<TopLevelDecl>(); // filled in by the parser; readonly after that
public readonly Graph<ICallable> CallGraph = new Graph<ICallable>(); // filled in during resolution
public int Height; // height in the topological sorting of modules; filled in during resolution
@@ -1396,10 +1432,10 @@ namespace Microsoft.Dafny { public class ArrayClassDecl : ClassDecl {
public readonly int Dims;
- public ArrayClassDecl(int dims, ModuleDefinition module)
+ public ArrayClassDecl(int dims, ModuleDefinition module, Attributes attrs)
: base(Token.NoToken, BuiltIns.ArrayClassName(dims), module,
new List<TypeParameter>(new TypeParameter[]{new TypeParameter(Token.NoToken, "arg")}),
- new List<MemberDecl>(), null)
+ new List<MemberDecl>(), attrs)
{
Contract.Requires(1 <= dims);
Contract.Requires(module != null);
@@ -1408,7 +1444,8 @@ namespace Microsoft.Dafny { }
}
- public abstract class DatatypeDecl : TopLevelDecl {
+ public abstract class DatatypeDecl : TopLevelDecl
+ {
public readonly List<DatatypeCtor> Ctors;
[ContractInvariantMethod]
void ObjectInvariant() {
@@ -1454,6 +1491,52 @@ namespace Microsoft.Dafny { }
}
+ public class TupleTypeDecl : IndDatatypeDecl
+ {
+ public readonly int Dims;
+ /// <summary>
+ /// Construct a resolved built-in tuple type with "dim" arguments. "systemModule" is expected to be the _System module.
+ /// </summary>
+ public TupleTypeDecl(int dims, ModuleDefinition systemModule)
+ : this(systemModule, CreateTypeParameters(dims)) {
+ Contract.Requires(0 <= dims);
+ Contract.Requires(systemModule != null);
+ }
+ private TupleTypeDecl(ModuleDefinition systemModule, List<TypeParameter> typeArgs)
+ : base(Token.NoToken, BuiltIns.TupleTypeName(typeArgs.Count), systemModule, typeArgs, CreateConstructors(typeArgs), null) {
+ Contract.Requires(systemModule != null);
+ Contract.Requires(typeArgs != null);
+ Dims = typeArgs.Count;
+ foreach (var ctor in Ctors) {
+ ctor.EnclosingDatatype = this; // resolve here
+ DefaultCtor = ctor;
+ TypeParametersUsedInConstructionByDefaultCtor = new bool[typeArgs.Count];
+ for (int i = 0; i < typeArgs.Count; i++) {
+ TypeParametersUsedInConstructionByDefaultCtor[i] = true;
+ }
+ }
+ }
+ private static List<TypeParameter> CreateTypeParameters(int dims) {
+ Contract.Requires(0 <= dims);
+ var ts = new List<TypeParameter>();
+ for (int i = 0; i < dims; i++) {
+ ts.Add(new TypeParameter(Token.NoToken, "T" + i));
+ }
+ return ts;
+ }
+ private static List<DatatypeCtor> CreateConstructors(List<TypeParameter> typeArgs) {
+ Contract.Requires(typeArgs != null);
+ var formals = new List<Formal>();
+ for (int i = 0; i < typeArgs.Count; i++) {
+ var tp = typeArgs[i];
+ var f = new Formal(Token.NoToken, i.ToString(), new UserDefinedType(Token.NoToken, tp.Name, tp), true, false);
+ formals.Add(f);
+ }
+ var ctor = new DatatypeCtor(Token.NoToken, BuiltIns.TupleTypeCtorName, formals, null);
+ return new List<DatatypeCtor>() { ctor };
+ }
+ }
+
public class CoDatatypeDecl : DatatypeDecl
{
public CoDatatypeDecl SscRepr; // filled in during resolution
@@ -1496,7 +1579,7 @@ namespace Microsoft.Dafny { }
public string FullName {
- get {
+ get {
Contract.Ensures(Contract.Result<string>() != null);
Contract.Assume(EnclosingDatatype != null);
@@ -1561,9 +1644,9 @@ namespace Microsoft.Dafny { public class NoContext : ICodeContext
{
public readonly ModuleDefinition Module;
- public NoContext(ModuleDefinition module)
+ public NoContext(ModuleDefinition module)
{
- this.Module = module;
+ this.Module = module;
}
bool ICodeContext.IsGhost { get { return true; } }
bool ICodeContext.IsStatic { get { Contract.Assume(false, "should not be called on NoContext"); throw new cce.UnreachableException(); } }
@@ -1959,7 +2042,7 @@ namespace Microsoft.Dafny { }
return UniqueName;
}
- static char[] specialChars = new char[] { '\'', '_', '?', '\\' };
+ static char[] specialChars = new char[] { '\'', '_', '?', '\\', '#' };
public static string CompilerizeName(string nm) {
if ('0' <= nm[0] && nm[0] <= '9') {
// the identifier is one that consists of just digits
@@ -1983,6 +2066,7 @@ namespace Microsoft.Dafny { case '_': name += "__"; break;
case '?': name += "_q"; break;
case '\\': name += "_b"; break;
+ case '#': name += "_h"; break;
default:
Contract.Assume(false); // unexpected character
break;
@@ -3240,7 +3324,7 @@ namespace Microsoft.Dafny { Contract.Invariant(MethodName != null);
Contract.Invariant(cce.NonNullElements(Lhs));
Contract.Invariant(cce.NonNullElements(Args));
- Contract.Invariant(TypeArgumentSubstitutions == null ||
+ Contract.Invariant(TypeArgumentSubstitutions == null ||
Contract.ForAll(Method.TypeArgs, tp => TypeArgumentSubstitutions.ContainsKey(tp)));
}
@@ -3248,8 +3332,8 @@ namespace Microsoft.Dafny { public Expression Receiver; // non-null after resolution
public readonly string MethodName;
public readonly List<Expression> Args;
- public Dictionary<TypeParameter, Type> TypeArgumentSubstitutions;
- // create, initialized, and used by resolution
+ public Dictionary<TypeParameter, Type> TypeArgumentSubstitutions;
+ // create, initialized, and used by resolution
// (could be deleted once all of resolution is done)
// That's not going to work! It should never be deleted!
public Method Method; // filled in by resolution
@@ -3560,7 +3644,6 @@ namespace Microsoft.Dafny { Contract.Invariant(Range != null);
Contract.Invariant(BoundVars.Count != 0 || LiteralExpr.IsTrue(Range));
Contract.Invariant(Ens != null);
- Contract.Invariant(Body != null);
}
public ForallStmt(IToken tok, IToken endTok, List<BoundVar> boundVars, Attributes attrs, Expression range, List<MaybeFreeExpression> ens, Statement body)
@@ -3571,7 +3654,6 @@ namespace Microsoft.Dafny { Contract.Requires(range != null);
Contract.Requires(boundVars.Count != 0 || LiteralExpr.IsTrue(range));
Contract.Requires(cce.NonNullElements(ens));
- Contract.Requires(body != null);
this.BoundVars = boundVars;
this.Attributes = attrs;
this.Range = range;
@@ -3605,7 +3687,9 @@ namespace Microsoft.Dafny { public override IEnumerable<Statement> SubStatements {
get {
- yield return Body;
+ if (Body != null) {
+ yield return Body;
+ }
}
}
public override IEnumerable<Expression> SubExpressions {
@@ -3686,8 +3770,8 @@ namespace Microsoft.Dafny { public static bool ValidOp(BinaryExpr.Opcode op) {
return
op == BinaryExpr.Opcode.Eq || op == BinaryExpr.Opcode.Neq
- || op == BinaryExpr.Opcode.Lt || op == BinaryExpr.Opcode.Le
- || op == BinaryExpr.Opcode.Gt || op == BinaryExpr.Opcode.Ge
+ || op == BinaryExpr.Opcode.Lt || op == BinaryExpr.Opcode.Le
+ || op == BinaryExpr.Opcode.Gt || op == BinaryExpr.Opcode.Ge
|| LogicOp(op);
}
@@ -3713,7 +3797,7 @@ namespace Microsoft.Dafny { var op2 = other.Op;
if (op1 == BinaryExpr.Opcode.Neq || op2 == BinaryExpr.Opcode.Neq)
return op2 == BinaryExpr.Opcode.Eq;
- if (op1 == op2)
+ if (op1 == op2)
return true;
if (LogicOp(op1) || LogicOp(op2))
return op2 == BinaryExpr.Opcode.Eq ||
@@ -3805,7 +3889,7 @@ namespace Microsoft.Dafny { public readonly List<Expression> Steps; // expressions li op l<i + 1>, filled in during resolution (last step is dummy)
public Expression Result; // expression l0 ResultOp ln, filled in during resolution
- public static readonly CalcOp DefaultOp = new BinaryCalcOp(BinaryExpr.Opcode.Eq);
+ public static readonly CalcOp DefaultOp = new BinaryCalcOp(BinaryExpr.Opcode.Eq);
[ContractInvariantMethod]
void ObjectInvariant()
@@ -3847,7 +3931,7 @@ namespace Microsoft.Dafny { } else {
this.ResultOp = resultOp;
}
- this.Steps = new List<Expression>();
+ this.Steps = new List<Expression>();
this.Result = null;
}
@@ -3916,8 +4000,9 @@ namespace Microsoft.Dafny { public readonly Expression Source;
public readonly List<MatchCaseStmt> Cases;
public readonly List<DatatypeCtor> MissingCases = new List<DatatypeCtor>(); // filled in during resolution
+ public readonly bool UsesOptionalBraces;
- public MatchStmt(IToken tok, IToken endTok, Expression source, [Captured] List<MatchCaseStmt> cases)
+ public MatchStmt(IToken tok, IToken endTok, Expression source, [Captured] List<MatchCaseStmt> cases, bool usesOptionalBraces)
: base(tok, endTok) {
Contract.Requires(tok != null);
Contract.Requires(endTok != null);
@@ -3925,6 +4010,7 @@ namespace Microsoft.Dafny { Contract.Requires(cce.NonNullElements(cases));
this.Source = source;
this.Cases = cases;
+ this.UsesOptionalBraces = usesOptionalBraces;
}
public override IEnumerable<Statement> SubStatements {
@@ -4014,7 +4100,7 @@ namespace Microsoft.Dafny { Contract.Requires(endTok != null);
NameReplacements = nameReplacements;
ExprReplacements = exprReplacements;
-
+
}
public override IEnumerable<Statement> SubStatements {
get {
@@ -4185,6 +4271,20 @@ namespace Microsoft.Dafny { }
/// <summary>
+ /// Create a resolved expression of the form "e0 + e1"
+ /// </summary>
+ public static Expression CreateAdd(Expression e0, Expression e1) {
+ Contract.Requires(e0 != null);
+ Contract.Requires(e1 != null);
+ Contract.Requires((e0.Type is IntType && e1.Type is IntType) || (e0.Type is RealType && e1.Type is RealType));
+ Contract.Ensures(Contract.Result<Expression>() != null);
+ var s = new BinaryExpr(e0.tok, BinaryExpr.Opcode.Add, e0, e1);
+ s.ResolvedOp = BinaryExpr.ResolvedOpcode.Add; // resolve here
+ s.Type = e0.Type; // resolve here
+ return s;
+ }
+
+ /// <summary>
/// Create a resolved expression of the form "e0 - e1"
/// </summary>
public static Expression CreateSubtract(Expression e0, Expression e1) {
@@ -4209,12 +4309,8 @@ namespace Microsoft.Dafny { if (n == 0) {
return e;
}
- var nn = new LiteralExpr(e.tok, n);
- nn.Type = Type.Int;
- var p = new BinaryExpr(e.tok, BinaryExpr.Opcode.Add, e, nn);
- p.ResolvedOp = BinaryExpr.ResolvedOpcode.Add;
- p.Type = Type.Int;
- return p;
+ var nn = CreateIntLiteral(e.tok, n);
+ return CreateAdd(e, nn);
}
/// <summary>
@@ -4228,11 +4324,8 @@ namespace Microsoft.Dafny { if (n == 0) {
return e;
}
- var nn = Expression.CreateIntLiteral(e.tok, n);
- var p = new BinaryExpr(e.tok, BinaryExpr.Opcode.Sub, e, nn);
- p.ResolvedOp = BinaryExpr.ResolvedOpcode.Sub;
- p.Type = Type.Int;
- return p;
+ var nn = CreateIntLiteral(e.tok, n);
+ return CreateSubtract(e, nn);
}
/// <summary>
@@ -4252,7 +4345,7 @@ namespace Microsoft.Dafny { /// <summary>
/// Create a resolved expression for a bool b
- /// </summary>
+ /// </summary>
public static Expression CreateBoolLiteral(IToken tok, bool b) {
Contract.Requires(tok != null);
var lit = new LiteralExpr(tok, b);
@@ -4296,6 +4389,26 @@ namespace Microsoft.Dafny { return s;
}
+ public static Expression CreateEq(Expression e0, Expression e1, Type ty) {
+ Contract.Requires(e0 != null);
+ Contract.Requires(e1 != null);
+ Contract.Requires(ty != null);
+ var eq = new BinaryExpr(e0.tok, BinaryExpr.Opcode.Eq, e0, e1);
+ if (ty is SetType) {
+ eq.ResolvedOp = BinaryExpr.ResolvedOpcode.SetEq;
+ } else if (ty is SeqType) {
+ eq.ResolvedOp = BinaryExpr.ResolvedOpcode.SeqEq;
+ } else if (ty is MultiSetType) {
+ eq.ResolvedOp = BinaryExpr.ResolvedOpcode.InMultiSet;
+ } else if (ty is MapType) {
+ eq.ResolvedOp = BinaryExpr.ResolvedOpcode.MapEq;
+ } else {
+ eq.ResolvedOp = BinaryExpr.ResolvedOpcode.EqCommon;
+ }
+ eq.type = Type.Bool;
+ return eq;
+ }
+
/// <summary>
/// Create a resolved expression of the form "e0 && e1"
/// </summary>
@@ -4357,7 +4470,7 @@ namespace Microsoft.Dafny { Contract.Ensures(Contract.Result<MatchCaseExpr>() != null);
ResolvedCloner cloner = new ResolvedCloner();
- var newVars = old_case.Arguments.ConvertAll(cloner.CloneBoundVar);
+ var newVars = old_case.Arguments.ConvertAll(cloner.CloneBoundVar);
new_body = VarSubstituter(old_case.Arguments.ConvertAll<NonglobalVariable>(x=>(NonglobalVariable)x), newVars, new_body);
var new_case = new MatchCaseExpr(old_case.tok, old_case.Id, newVars, new_body);
@@ -4367,15 +4480,15 @@ namespace Microsoft.Dafny { }
/// <summary>
- /// Create a match expression with a resolved type
+ /// Create a match expression with a resolved type
/// </summary>
public static Expression CreateMatch(IToken tok, Expression src, List<MatchCaseExpr> cases, Type type) {
- MatchExpr e = new MatchExpr(tok, src, cases);
+ MatchExpr e = new MatchExpr(tok, src, cases, false);
e.Type = type; // resolve here
return e;
}
-
+
/// <summary>
/// Create a let expression with a resolved type and fresh variables
/// </summary>
@@ -4415,22 +4528,33 @@ namespace Microsoft.Dafny { }
body = VarSubstituter(expr.BoundVars.ConvertAll<NonglobalVariable>(x=>(NonglobalVariable)x), newVars, body);
-
+
QuantifierExpr q;
if (forall) {
q = new ForallExpr(expr.tok, new List<TypeParameter>(), newVars, expr.Range, body, expr.Attributes);
} else {
q = new ExistsExpr(expr.tok, new List<TypeParameter>(), newVars, expr.Range, body, expr.Attributes);
- }
+ }
q.Type = Type.Bool;
- return q;
+ return q;
+ }
+
+ /// <summary>
+ /// Create a resolved IdentifierExpr (whose token is that of the variable)
+ /// </summary>
+ public static Expression CreateIdentExpr(IVariable v) {
+ Contract.Requires(v != null);
+ var e = new IdentifierExpr(v.Tok, v.Name);
+ e.Var = v; // resolve here
+ e.type = v.Type; // resolve here
+ return e;
}
public static Expression VarSubstituter(List<NonglobalVariable> oldVars, List<BoundVar> newVars, Expression e) {
Contract.Requires(oldVars != null && newVars != null);
Contract.Requires(oldVars.Count == newVars.Count);
-
+
Dictionary<IVariable, Expression/*!*/> substMap = new Dictionary<IVariable, Expression>();
Dictionary<TypeParameter, Type> typeMap = new Dictionary<TypeParameter, Type>();
@@ -4455,7 +4579,7 @@ namespace Microsoft.Dafny { {
public readonly Type UnresolvedType;
- public StaticReceiverExpr(IToken tok, Type t)
+ public StaticReceiverExpr(IToken tok, Type t)
: base(tok) {
Contract.Requires(tok != null);
Contract.Requires(t != null);
@@ -4525,7 +4649,7 @@ namespace Microsoft.Dafny { this.Value = b;
}
}
-
+
public class DatatypeValue : Expression {
public readonly string DatatypeName;
public readonly string MemberName;
@@ -4540,7 +4664,7 @@ namespace Microsoft.Dafny { Contract.Invariant(cce.NonNullElements(Arguments));
Contract.Invariant(cce.NonNullElements(InferredTypeArgs));
Contract.Invariant(
- Ctor == null ||
+ Ctor == null ||
InferredTypeArgs.Count == Ctor.EnclosingDatatype.TypeArgs.Count);
}
@@ -4638,7 +4762,7 @@ namespace Microsoft.Dafny { Contract.Requires(cce.NonNullElements(elements));
}
}
-
+
public class MultiSetDisplayExpr : DisplayExpression {
public MultiSetDisplayExpr(IToken tok, List<Expression> elements) : base(tok, elements) {
Contract.Requires(tok != null);
@@ -4800,7 +4924,7 @@ namespace Microsoft.Dafny { public readonly Expression Receiver;
public readonly IToken OpenParen; // can be null if Args.Count == 0
public readonly List<Expression> Args;
- public Dictionary<TypeParameter, Type> TypeArgumentSubstitutions;
+ public Dictionary<TypeParameter, Type> TypeArgumentSubstitutions;
// created, initialized, and used by resolution (and also used by translation)
public enum CoCallResolution {
No,
@@ -4822,7 +4946,7 @@ namespace Microsoft.Dafny { Function == null || TypeArgumentSubstitutions == null ||
Contract.ForAll(
Function.TypeArgs,
- a => TypeArgumentSubstitutions.ContainsKey(a)) &&
+ a => TypeArgumentSubstitutions.ContainsKey(a)) &&
Contract.ForAll(
TypeArgumentSubstitutions.Keys,
a => Function.TypeArgs.Contains(a) || Function.EnclosingClass.TypeArgs.Contains(a)));
@@ -5052,6 +5176,18 @@ namespace Microsoft.Dafny { public ResolvedOpcode ResolvedOp_PossiblyStillUndetermined { // offer a way to return _theResolveOp -- for experts only!
get { return _theResolvedOp; }
}
+ public static bool IsEqualityOp(ResolvedOpcode op) {
+ switch (op) {
+ case ResolvedOpcode.EqCommon:
+ case ResolvedOpcode.SetEq:
+ case ResolvedOpcode.SeqEq:
+ case ResolvedOpcode.MultiSetEq:
+ case ResolvedOpcode.MapEq:
+ return true;
+ default:
+ return false;
+ }
+ }
public static Opcode ResolvedOp2SyntacticOp(ResolvedOpcode rop) {
switch (rop) {
@@ -5610,6 +5746,7 @@ namespace Microsoft.Dafny { public readonly Expression Source;
public readonly List<MatchCaseExpr> Cases;
public readonly List<DatatypeCtor> MissingCases = new List<DatatypeCtor>(); // filled in during resolution
+ public readonly bool UsesOptionalBraces;
[ContractInvariantMethod]
void ObjectInvariant() {
@@ -5618,13 +5755,14 @@ namespace Microsoft.Dafny { Contract.Invariant(cce.NonNullElements(MissingCases));
}
- public MatchExpr(IToken tok, Expression source, [Captured] List<MatchCaseExpr> cases)
+ public MatchExpr(IToken tok, Expression source, [Captured] List<MatchCaseExpr> cases, bool usesOptionalBraces)
: base(tok) {
Contract.Requires(tok != null);
Contract.Requires(source != null);
Contract.Requires(cce.NonNullElements(cases));
this.Source = source;
this.Cases = cases;
+ this.UsesOptionalBraces = usesOptionalBraces;
}
public override IEnumerable<Expression> SubExpressions {
@@ -5807,7 +5945,7 @@ namespace Microsoft.Dafny { public class MaybeFreeExpression {
public readonly Expression E;
public readonly bool IsFree;
-
+
[ContractInvariantMethod]
void ObjectInvariant() {
Contract.Invariant(E != null);
diff --git a/Source/Dafny/Parser.cs b/Source/Dafny/Parser.cs index bc89b6f1..750c04d0 100644 --- a/Source/Dafny/Parser.cs +++ b/Source/Dafny/Parser.cs @@ -25,8 +25,9 @@ public class Parser { public const int _lbrace = 9;
public const int _rbrace = 10;
public const int _openparen = 11;
- public const int _star = 12;
- public const int _notIn = 13;
+ public const int _closeparen = 12;
+ public const int _star = 13;
+ public const int _notIn = 14;
public const int maxT = 126;
const bool T = true;
@@ -107,7 +108,7 @@ public static int Parse (string/*!*/ s, string/*!*/ filename, ModuleDecl module, parser.Parse();
return parser.errors.count;
}
-public Parser(Scanner/*!*/ scanner, Errors/*!*/ errors, ModuleDecl module, BuiltIns builtIns, bool verifyThisFile=true)
+public Parser(Scanner/*!*/ scanner, Errors/*!*/ errors, ModuleDecl module, BuiltIns builtIns, bool verifyThisFile=true)
: this(scanner, errors) // the real work
{
// initialize readonly fields
@@ -156,6 +157,14 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { (e is FunctionCallExpr ||
(e is IdentifierSequence && ((IdentifierSequence)e).OpenParen != null));
}
+
+bool CloseOptionalParen(bool usesOptionalParen) {
+ return usesOptionalParen && la.kind == _closeparen;
+}
+
+bool CloseOptionalBrace(bool usesOptionalBrace) {
+ return usesOptionalBrace && la.kind == _rbrace;
+}
/*--------------------------------------------------------------------------*/
@@ -236,7 +245,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { // theModule should be a DefaultModuleDecl (actually, the singular DefaultModuleDecl)
Contract.Assert(defaultModule != null);
- while (la.kind == 14) {
+ while (la.kind == 15) {
Get();
Expect(6);
{
@@ -248,28 +257,28 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { includedFile = Path.Combine(basePath, includedFile);
fullPath = Path.GetFullPath(includedFile);
}
- defaultModule.Includes.Add(new Include(t, includedFile, fullPath));
+ defaultModule.Includes.Add(new Include(t, includedFile, fullPath));
}
}
while (StartOf(1)) {
switch (la.kind) {
- case 15: case 16: case 18: {
+ case 16: case 17: case 19: {
SubModuleDecl(defaultModule, out submodule);
defaultModule.TopLevelDecls.Add(submodule);
break;
}
- case 23: {
+ case 24: {
ClassDecl(defaultModule, out c);
defaultModule.TopLevelDecls.Add(c);
break;
}
- case 26: case 27: {
+ case 27: case 28: {
DatatypeDecl(defaultModule, out dt);
defaultModule.TopLevelDecls.Add(dt);
break;
}
- case 31: {
+ case 32: {
ArbitraryTypeDecl(defaultModule, out at);
defaultModule.TopLevelDecls.Add(at);
break;
@@ -279,7 +288,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { defaultModule.TopLevelDecls.Add(iter);
break;
}
- case 24: case 25: case 29: case 40: case 41: case 42: case 43: case 44: case 62: case 63: case 64: {
+ case 25: case 26: case 30: case 40: case 41: case 42: case 43: case 44: case 62: case 63: case 64: {
ClassMemberDecl(membersDefaultClass, false);
break;
}
@@ -302,7 +311,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { void SubModuleDecl(ModuleDefinition parent, out ModuleDecl submodule) {
ClassDecl/*!*/ c; DatatypeDecl/*!*/ dt; ArbitraryTypeDecl at; IteratorDecl iter;
- Attributes attrs = null; IToken/*!*/ id;
+ Attributes attrs = null; IToken/*!*/ id;
List<MemberDecl/*!*/> namedModuleDefaultClassMembers = new List<MemberDecl>();;
List<IToken> idRefined = null, idPath = null, idAssignment = null;
ModuleDefinition module;
@@ -311,17 +320,17 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { bool isAbstract = false;
bool opened = false;
- if (la.kind == 15 || la.kind == 16) {
- if (la.kind == 15) {
+ if (la.kind == 16 || la.kind == 17) {
+ if (la.kind == 16) {
Get();
isAbstract = true;
}
- Expect(16);
+ Expect(17);
while (la.kind == 9) {
Attribute(ref attrs);
}
NoUSIdent(out id);
- if (la.kind == 17) {
+ if (la.kind == 18) {
Get();
QualifiedName(out idRefined);
}
@@ -330,22 +339,22 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { module.BodyStartTok = t;
while (StartOf(1)) {
switch (la.kind) {
- case 15: case 16: case 18: {
+ case 16: case 17: case 19: {
SubModuleDecl(module, out sm);
module.TopLevelDecls.Add(sm);
break;
}
- case 23: {
+ case 24: {
ClassDecl(module, out c);
module.TopLevelDecls.Add(c);
break;
}
- case 26: case 27: {
+ case 27: case 28: {
DatatypeDecl(module, out dt);
module.TopLevelDecls.Add(dt);
break;
}
- case 31: {
+ case 32: {
ArbitraryTypeDecl(module, out at);
module.TopLevelDecls.Add(at);
break;
@@ -355,7 +364,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { module.TopLevelDecls.Add(iter);
break;
}
- case 24: case 25: case 29: case 40: case 41: case 42: case 43: case 44: case 62: case 63: case 64: {
+ case 25: case 26: case 30: case 40: case 41: case 42: case 43: case 44: case 62: case 63: case 64: {
ClassMemberDecl(namedModuleDefaultClassMembers, false);
break;
}
@@ -365,22 +374,22 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { module.BodyEndTok = t;
module.TopLevelDecls.Add(new DefaultClassDecl(module, namedModuleDefaultClassMembers));
submodule = new LiteralModuleDecl(module, parent);
- } else if (la.kind == 18) {
+ } else if (la.kind == 19) {
Get();
- if (la.kind == 19) {
+ if (la.kind == 20) {
Get();
opened = true;
}
NoUSIdent(out id);
- if (la.kind == 20 || la.kind == 21) {
- if (la.kind == 20) {
+ if (la.kind == 21 || la.kind == 22) {
+ if (la.kind == 21) {
Get();
QualifiedName(out idPath);
submodule = new AliasModuleDecl(idPath, id, parent, opened);
} else {
Get();
QualifiedName(out idPath);
- if (la.kind == 22) {
+ if (la.kind == 23) {
Get();
QualifiedName(out idAssignment);
}
@@ -409,8 +418,8 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { List<MemberDecl/*!*/> members = new List<MemberDecl/*!*/>();
IToken bodyStart;
- while (!(la.kind == 0 || la.kind == 23)) {SynErr(129); Get();}
- Expect(23);
+ while (!(la.kind == 0 || la.kind == 24)) {SynErr(129); Get();}
+ Expect(24);
while (la.kind == 9) {
Attribute(ref attrs);
}
@@ -440,10 +449,10 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { IToken bodyStart = Token.NoToken; // dummy assignment
bool co = false;
- while (!(la.kind == 0 || la.kind == 26 || la.kind == 27)) {SynErr(130); Get();}
- if (la.kind == 26) {
+ while (!(la.kind == 0 || la.kind == 27 || la.kind == 28)) {SynErr(130); Get();}
+ if (la.kind == 27) {
Get();
- } else if (la.kind == 27) {
+ } else if (la.kind == 28) {
Get();
co = true;
} else SynErr(131);
@@ -454,10 +463,10 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { if (la.kind == 38) {
GenericParameters(typeArgs);
}
- Expect(20);
+ Expect(21);
bodyStart = t;
DatatypeMemberDecl(ctors);
- while (la.kind == 28) {
+ while (la.kind == 29) {
Get();
DatatypeMemberDecl(ctors);
}
@@ -480,15 +489,15 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { Attributes attrs = null;
var eqSupport = TypeParameter.EqualitySupportValue.Unspecified;
- Expect(31);
+ Expect(32);
while (la.kind == 9) {
Attribute(ref attrs);
}
NoUSIdent(out id);
if (la.kind == 11) {
Get();
- Expect(32);
Expect(33);
+ Expect(12);
eqSupport = TypeParameter.EqualitySupportValue.Required;
}
at = new ArbitraryTypeDecl(id, id.val, module, eqSupport, attrs);
@@ -569,8 +578,8 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { Function/*!*/ f;
MemberModifiers mmod = new MemberModifiers();
- while (la.kind == 24 || la.kind == 25) {
- if (la.kind == 24) {
+ while (la.kind == 25 || la.kind == 26) {
+ if (la.kind == 25) {
Get();
mmod.IsGhost = true;
} else {
@@ -578,7 +587,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { mmod.IsStatic = true;
}
}
- if (la.kind == 29) {
+ if (la.kind == 30) {
FieldDecl(mmod, mm);
} else if (la.kind == 62 || la.kind == 63 || la.kind == 64) {
FunctionDecl(mmod, out f);
@@ -598,7 +607,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { void NoUSIdent(out IToken/*!*/ x) {
Contract.Ensures(Contract.ValueAtReturn(out x) != null);
Expect(1);
- x = t;
+ x = t;
if (x.val.StartsWith("_")) {
SemErr("cannot declare identifier beginning with underscore");
}
@@ -669,19 +678,19 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { eqSupport = TypeParameter.EqualitySupportValue.Unspecified;
if (la.kind == 11) {
Get();
- Expect(32);
Expect(33);
+ Expect(12);
eqSupport = TypeParameter.EqualitySupportValue.Required;
}
typeArgs.Add(new TypeParameter(id, id.val, eqSupport));
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
NoUSIdent(out id);
eqSupport = TypeParameter.EqualitySupportValue.Unspecified;
if (la.kind == 11) {
Get();
- Expect(32);
Expect(33);
+ Expect(12);
eqSupport = TypeParameter.EqualitySupportValue.Required;
}
typeArgs.Add(new TypeParameter(id, id.val, eqSupport));
@@ -694,8 +703,8 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { Attributes attrs = null;
IToken/*!*/ id; Type/*!*/ ty;
- while (!(la.kind == 0 || la.kind == 29)) {SynErr(138); Get();}
- Expect(29);
+ while (!(la.kind == 0 || la.kind == 30)) {SynErr(138); Get();}
+ Expect(30);
if (mmod.IsStatic) { SemErr(t, "fields cannot be declared 'static'"); }
while (la.kind == 9) {
@@ -703,7 +712,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { }
FIdentType(out id, out ty);
mm.Add(new Field(id, id.val, mmod.IsGhost, ty, attrs));
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
FIdentType(out id, out ty);
mm.Add(new Field(id, id.val, mmod.IsGhost, ty, attrs));
@@ -984,13 +993,13 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { if (StartOf(9)) {
TypeIdentOptional(out id, out name, out ty, out isGhost);
formals.Add(new Formal(id, name, ty, true, isGhost));
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
TypeIdentOptional(out id, out name, out ty, out isGhost);
formals.Add(new Formal(id, name, ty, true, isGhost));
}
}
- Expect(33);
+ Expect(12);
}
void FIdentType(out IToken/*!*/ id, out Type/*!*/ ty) {
@@ -1011,7 +1020,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { Contract.Ensures(Contract.ValueAtReturn(out id)!=null);
Contract.Ensures(Contract.ValueAtReturn(out ty)!=null);
isGhost = false;
- if (la.kind == 24) {
+ if (la.kind == 25) {
Get();
if (allowGhostKeyword) { isGhost = true; } else { SemErr(t, "formal cannot be declared 'ghost' in this context"); }
}
@@ -1028,7 +1037,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { void WildIdent(out IToken/*!*/ x, bool allowWildcardId) {
Contract.Ensures(Contract.ValueAtReturn(out x) != null);
Expect(1);
- x = t;
+ x = t;
if (x.val.StartsWith("_")) {
if (allowWildcardId && x.val.Length == 1) {
t.val = "_v" + anonymousIds++;
@@ -1074,7 +1083,7 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { Contract.Ensures(Contract.ValueAtReturn(out ty)!=null);
Contract.Ensures(Contract.ValueAtReturn(out identName)!=null);
string name = null; id = Token.NoToken; ty = new BoolType()/*dummy*/; isGhost = false;
- if (la.kind == 24) {
+ if (la.kind == 25) {
Get();
isGhost = true;
}
@@ -1106,8 +1115,9 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { }
void TypeAndToken(out IToken/*!*/ tok, out Type/*!*/ ty) {
- Contract.Ensures(Contract.ValueAtReturn(out tok)!=null); Contract.Ensures(Contract.ValueAtReturn(out ty) != null); tok = Token.NoToken; ty = new BoolType(); /*keep compiler happy*/
- List<Type/*!*/>/*!*/ gt;
+ Contract.Ensures(Contract.ValueAtReturn(out tok)!=null); Contract.Ensures(Contract.ValueAtReturn(out ty) != null);
+ tok = Token.NoToken; ty = new BoolType(); /*keep compiler happy*/
+ List<Type> gt;
switch (la.kind) {
case 52: {
@@ -1186,6 +1196,30 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { break;
}
+ case 11: {
+ Get();
+ tok = t; gt = new List<Type>();
+ if (StartOf(10)) {
+ Type(out ty);
+ gt.Add(ty);
+ while (la.kind == 31) {
+ Get();
+ Type(out ty);
+ gt.Add(ty);
+ }
+ }
+ Expect(12);
+ if (gt.Count == 1) {
+ // just return the type 'ty'
+ } else {
+ // make sure the nullary tuple type exists
+ var dims = gt.Count;
+ var tmp = theBuiltIns.TupleType(tok, dims, true);
+ ty = new UserDefinedType(tok, BuiltIns.TupleTypeName(dims), gt, new List<IToken>());
+ }
+
+ break;
+ }
case 1: case 5: case 60: {
ReferenceType(out tok, out ty);
break;
@@ -1198,16 +1232,16 @@ bool SemiFollowsCall(bool allowSemi, Expression e) { Contract.Requires(cce.NonNullElements(formals)); IToken/*!*/ id; Type/*!*/ ty; bool isGhost;
Expect(11);
openParen = t;
- if (la.kind == 1 || la.kind == 24) {
+ if (la.kind == 1 || la.kind == 25) {
GIdentType(allowGhostKeyword, out id, out ty, out isGhost);
formals.Add(new Formal(id, id.val, ty, incoming, isGhost));
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
GIdentType(allowGhostKeyword, out id, out ty, out isGhost);
formals.Add(new Formal(id, id.val, ty, incoming, isGhost));
}
}
- Expect(33);
+ Expect(12);
}
void IteratorSpec(List<FrameExpression/*!*/>/*!*/ reads, List<FrameExpression/*!*/>/*!*/ mod, List<Expression/*!*/> decreases,
@@ -1225,7 +1259,7 @@ ref Attributes readsAttrs, ref Attributes modAttrs, ref Attributes decrAttrs) { if (StartOf(12)) {
FrameExpression(out fe);
reads.Add(fe);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
FrameExpression(out fe);
reads.Add(fe);
@@ -1241,7 +1275,7 @@ ref Attributes readsAttrs, ref Attributes modAttrs, ref Attributes decrAttrs) { if (StartOf(12)) {
FrameExpression(out fe);
mod.Add(fe);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
FrameExpression(out fe);
mod.Add(fe);
@@ -1323,7 +1357,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (StartOf(12)) {
FrameExpression(out fe);
mod.Add(fe);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
FrameExpression(out fe);
mod.Add(fe);
@@ -1410,7 +1444,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo decreases.Add(e);
}
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
PossiblyWildExpression(out e);
if (!allowWildcard && e is WildcardExpr) {
@@ -1427,7 +1461,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expect(38);
Type(out ty);
gt.Add(ty);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Type(out ty);
gt.Add(ty);
@@ -1438,7 +1472,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void ReferenceType(out IToken/*!*/ tok, out Type/*!*/ ty) {
Contract.Ensures(Contract.ValueAtReturn(out tok) != null); Contract.Ensures(Contract.ValueAtReturn(out ty) != null);
tok = Token.NoToken; ty = new BoolType(); /*keep compiler happy*/
- List<Type/*!*/>/*!*/ gt;
+ List<Type> gt;
List<IToken> path;
if (la.kind == 60) {
@@ -1446,20 +1480,16 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo tok = t; ty = new ObjectType();
} else if (la.kind == 5) {
Get();
- tok = t; gt = new List<Type/*!*/>();
- GenericInstantiation(gt);
- if (gt.Count != 1) {
- SemErr("array type expects exactly one type argument");
- }
- int dims = 1;
- if (tok.val.Length != 5) {
- dims = int.Parse(tok.val.Substring(5));
+ tok = t; gt = new List<Type>();
+ if (la.kind == 38) {
+ GenericInstantiation(gt);
}
- ty = theBuiltIns.ArrayType(tok, dims, gt[0], true);
+ int dims = tok.val.Length == 5 ? 1 : int.Parse(tok.val.Substring(5));
+ ty = theBuiltIns.ArrayType(tok, dims, gt, true);
} else if (la.kind == 1) {
Ident(out tok);
- gt = new List<Type/*!*/>();
+ gt = new List<Type>();
path = new List<IToken>();
while (la.kind == 61) {
path.Add(tok);
@@ -1490,7 +1520,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (StartOf(17)) {
PossiblyWildFrameExpression(out fe);
reads.Add(fe);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
PossiblyWildFrameExpression(out fe);
reads.Add(fe);
@@ -1528,7 +1558,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void PossiblyWildFrameExpression(out FrameExpression/*!*/ fe) {
Contract.Ensures(Contract.ValueAtReturn(out fe) != null); fe = dummyFrameExpr;
- if (la.kind == 12) {
+ if (la.kind == 13) {
Get();
fe = new FrameExpression(t, new WildcardExpr(t), null);
} else if (StartOf(12)) {
@@ -1539,7 +1569,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void PossiblyWildExpression(out Expression/*!*/ e) {
Contract.Ensures(Contract.ValueAtReturn(out e)!=null);
e = dummyExpr;
- if (la.kind == 12) {
+ if (la.kind == 13) {
Get();
e = new WildcardExpr(t);
} else if (StartOf(16)) {
@@ -1580,11 +1610,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo PrintStmt(out s);
break;
}
- case 1: case 2: case 3: case 4: case 11: case 28: case 54: case 55: case 113: case 114: case 115: case 116: case 117: case 118: {
+ case 1: case 2: case 3: case 4: case 11: case 29: case 54: case 55: case 113: case 114: case 115: case 116: case 117: case 118: {
UpdateStmt(out s);
break;
}
- case 24: case 29: {
+ case 25: case 30: {
VarDeclStatement(out s);
break;
}
@@ -1708,7 +1738,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t;
AttributeArg(out arg, false);
args.Add(arg);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
AttributeArg(out arg, false);
args.Add(arg);
@@ -1735,9 +1765,9 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo }
Expect(8);
endTok = t; rhss.Add(new ExprRhs(e, attrs));
- } else if (la.kind == 30 || la.kind == 69 || la.kind == 71) {
+ } else if (la.kind == 31 || la.kind == 69 || la.kind == 71) {
lhss.Add(e); lhs0 = e;
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Lhs(out e);
lhss.Add(e);
@@ -1747,7 +1777,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t;
Rhs(out r, lhs0);
rhss.Add(r);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Rhs(out r, lhs0);
rhss.Add(r);
@@ -1790,18 +1820,18 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Attributes attrs = null;
IToken endTok;
- if (la.kind == 24) {
+ if (la.kind == 25) {
Get();
isGhost = true; x = t;
}
- Expect(29);
+ Expect(30);
if (!isGhost) { x = t; }
while (la.kind == 9) {
Attribute(ref attrs);
}
LocalIdentTypeOptional(out d, isGhost);
lhss.Add(d); d.Attributes = attrs; attrs = null;
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
while (la.kind == 9) {
Attribute(ref attrs);
@@ -1817,7 +1847,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Rhs(out r, lhs0);
rhss.Add(r);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Rhs(out r, lhs0);
rhss.Add(r);
@@ -1954,17 +1984,26 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void MatchStmt(out Statement/*!*/ s) {
Contract.Ensures(Contract.ValueAtReturn(out s) != null);
Token x; Expression/*!*/ e; MatchCaseStmt/*!*/ c;
- List<MatchCaseStmt/*!*/> cases = new List<MatchCaseStmt/*!*/>();
+ List<MatchCaseStmt/*!*/> cases = new List<MatchCaseStmt/*!*/>();
+ bool usesOptionalBrace = false;
+
Expect(82);
x = t;
Expression(out e, true);
- Expect(9);
+ if (la.kind == 9) {
+ Get();
+ usesOptionalBrace = true;
+ }
while (la.kind == 78) {
CaseStatement(out c);
cases.Add(c);
}
- Expect(10);
- s = new MatchStmt(x, t, e, cases);
+ if (CloseOptionalBrace(usesOptionalBrace)) {
+ Expect(10);
+ } else if (StartOf(21)) {
+ if (usesOptionalBrace) { SemErr(t, "expecting close curly brace"); }
+ } else SynErr(187);
+ s = new MatchStmt(x, t, e, cases, usesOptionalBrace);
}
void ForallStmt(out Statement/*!*/ s) {
@@ -1977,18 +2016,19 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo var ens = new List<MaybeFreeExpression/*!*/>();
bool isFree;
Expression/*!*/ e;
- BlockStmt/*!*/ block;
+ BlockStmt block = null;
IToken bodyStart, bodyEnd;
+ IToken tok = Token.NoToken;
if (la.kind == 85) {
Get();
- x = t;
+ x = t; tok = x;
} else if (la.kind == 86) {
Get();
x = t;
errors.Warning(t, "the 'parallel' keyword has been deprecated; the comprehension statement now uses the keyword 'forall' (and the parentheses around the bound variables are now optional)");
- } else SynErr(187);
+ } else SynErr(188);
if (la.kind == 11) {
Get();
usesOptionalParen = true;
@@ -2002,12 +2042,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (bvars == null) { bvars = new List<BoundVar>(); }
if (range == null) { range = new LiteralExpr(x, true); }
- if (la.kind == 33) {
- Get();
- if (!usesOptionalParen) { SemErr(t, "found but didn't expect a close parenthesis"); }
- } else if (la.kind == 9 || la.kind == 46 || la.kind == 48) {
+ if (CloseOptionalParen(usesOptionalParen)) {
+ Expect(12);
+ } else if (StartOf(22)) {
if (usesOptionalParen) { SemErr(t, "expecting close parenthesis"); }
- } else SynErr(188);
+ } else SynErr(189);
while (la.kind == 46 || la.kind == 48) {
isFree = false;
if (la.kind == 46) {
@@ -2016,19 +2055,30 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo }
Expect(48);
Expression(out e, false);
- Expect(8);
ens.Add(new MaybeFreeExpression(e, isFree));
+ Expect(8);
+ tok = t;
+ }
+ if (la.kind == 9) {
+ BlockStmt(out block, out bodyStart, out bodyEnd);
}
- BlockStmt(out block, out bodyStart, out bodyEnd);
- s = new ForallStmt(x, block.EndTok, bvars, attrs, range, ens, block);
+ if (DafnyOptions.O.DisallowSoundnessCheating && block == null && 0 < ens.Count) {
+ SemErr(t, "a forall statement with an ensures clause must have a body");
+ }
+
+ if (block != null) {
+ tok = block.EndTok;
+ }
+ s = new ForallStmt(x, tok, bvars, attrs, range, ens, block);
+
}
void CalcStmt(out Statement/*!*/ s) {
Contract.Ensures(Contract.ValueAtReturn(out s) != null);
Token x;
- CalcStmt.CalcOp/*!*/ op, calcOp = Microsoft.Dafny.CalcStmt.DefaultOp, resOp = Microsoft.Dafny.CalcStmt.DefaultOp;
+ CalcStmt.CalcOp/*!*/ op, calcOp = Microsoft.Dafny.CalcStmt.DefaultOp, resOp = Microsoft.Dafny.CalcStmt.DefaultOp;
var lines = new List<Expression/*!*/>();
- var hints = new List<BlockStmt/*!*/>();
+ var hints = new List<BlockStmt/*!*/>();
CalcStmt.CalcOp stepOp;
var stepOps = new List<CalcStmt.CalcOp>();
CalcStmt.CalcOp maybeOp;
@@ -2039,13 +2089,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expect(88);
x = t;
- if (StartOf(21)) {
+ if (StartOf(23)) {
CalcOp(out opTok, out calcOp);
maybeOp = calcOp.ResultOp(calcOp); // guard against non-transitive calcOp (like !=)
if (maybeOp == null) {
SemErr(opTok, "the main operator of a calculation must be transitive");
}
- resOp = calcOp;
+ resOp = calcOp;
}
Expect(9);
@@ -2053,7 +2103,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expression(out e, false);
lines.Add(e); stepOp = calcOp; danglingOperator = null;
Expect(8);
- if (StartOf(21)) {
+ if (StartOf(23)) {
CalcOp(out opTok, out op);
maybeOp = resOp.ResultOp(op);
if (maybeOp == null) {
@@ -2078,8 +2128,8 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (lines.Count > 0) {
// Repeat the last line to create a dummy line for the dangling hint
lines.Add(lines[lines.Count - 1]);
- }
- s = new CalcStmt(x, t, calcOp, lines, hints, stepOps, resOp);
+ }
+ s = new CalcStmt(x, t, calcOp, lines, hints, stepOps, resOp);
}
@@ -2095,11 +2145,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo while (IsAttribute()) {
Attribute(ref attrs);
}
- if (StartOf(22)) {
+ if (StartOf(24)) {
if (StartOf(12)) {
FrameExpression(out fe);
mod.Add(fe);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
FrameExpression(out fe);
mod.Add(fe);
@@ -2112,10 +2162,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (la.kind == 9) {
BlockStmt(out body, out bodyStart, out endTok);
} else if (la.kind == 8) {
- while (!(la.kind == 0 || la.kind == 8)) {SynErr(189); Get();}
+ while (!(la.kind == 0 || la.kind == 8)) {SynErr(190); Get();}
Get();
endTok = t;
- } else SynErr(190);
+ } else SynErr(191);
s = new ModifyStmt(tok, endTok, mod, attrs, body);
if (ellipsisToken != null) {
s = new SkeletonStatement(s, ellipsisToken, null);
@@ -2135,11 +2185,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo } else if (la.kind == 51) {
Get();
returnTok = t; isYield = true;
- } else SynErr(191);
- if (StartOf(23)) {
+ } else SynErr(192);
+ if (StartOf(25)) {
Rhs(out r, null);
rhss = new List<AssignmentRhs>(); rhss.Add(r);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Rhs(out r, null);
rhss.Add(r);
@@ -2166,7 +2216,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo names = new List<IToken>(); exprs = new List<Expression>(); whereTok = t;
Ident(out tok);
names.Add(tok);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Ident(out tok);
names.Add(tok);
@@ -2174,7 +2224,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expect(69);
Expression(out e, false);
exprs.Add(e);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Expression(out e, false);
exprs.Add(e);
@@ -2208,7 +2258,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo ee = new List<Expression>();
Expressions(ee);
Expect(75);
- UserDefinedType tmp = theBuiltIns.ArrayType(x, ee.Count, new IntType(), true);
+ var tmp = theBuiltIns.ArrayType(ee.Count, new IntType(), true);
} else {
x = null; args = new List<Expression/*!*/>();
@@ -2220,7 +2270,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (StartOf(16)) {
Expressions(args);
}
- Expect(33);
+ Expect(12);
}
}
if (ee != null) {
@@ -2231,13 +2281,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo r = new TypeRhs(newToken, ty);
}
- } else if (la.kind == 12) {
+ } else if (la.kind == 13) {
Get();
r = new HavocRhs(t);
} else if (StartOf(16)) {
Expression(out e, false);
r = new ExprRhs(e);
- } else SynErr(192);
+ } else SynErr(193);
while (la.kind == 9) {
Attribute(ref attrs);
}
@@ -2252,20 +2302,20 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo while (la.kind == 61 || la.kind == 74) {
Suffix(ref e);
}
- } else if (StartOf(24)) {
+ } else if (StartOf(26)) {
ConstAtomExpression(out e);
Suffix(ref e);
while (la.kind == 61 || la.kind == 74) {
Suffix(ref e);
}
- } else SynErr(193);
+ } else SynErr(194);
}
void Expressions(List<Expression/*!*/>/*!*/ args) {
Contract.Requires(cce.NonNullElements(args)); Expression/*!*/ e;
Expression(out e, true);
args.Add(e);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Expression(out e, true);
args.Add(e);
@@ -2296,18 +2346,18 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void Guard(out Expression e) {
Expression/*!*/ ee; e = null;
- if (la.kind == 12) {
+ if (la.kind == 13) {
Get();
e = null;
} else if (IsParenStar()) {
Expect(11);
+ Expect(13);
Expect(12);
- Expect(33);
e = null;
} else if (StartOf(16)) {
Expression(out ee, true);
e = ee;
- } else SynErr(194);
+ } else SynErr(195);
}
void LoopSpec(out List<MaybeFreeExpression/*!*/> invariants, out List<Expression/*!*/> decreases, out List<FrameExpression/*!*/> mod, ref Attributes decAttrs, ref Attributes modAttrs) {
@@ -2317,23 +2367,23 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo decreases = new List<Expression/*!*/>();
mod = null;
- while (StartOf(25)) {
+ while (StartOf(27)) {
if (la.kind == 46 || la.kind == 81) {
Invariant(out invariant);
- while (!(la.kind == 0 || la.kind == 8)) {SynErr(195); Get();}
+ while (!(la.kind == 0 || la.kind == 8)) {SynErr(196); Get();}
Expect(8);
invariants.Add(invariant);
} else if (la.kind == 49) {
- while (!(la.kind == 0 || la.kind == 49)) {SynErr(196); Get();}
+ while (!(la.kind == 0 || la.kind == 49)) {SynErr(197); Get();}
Get();
while (IsAttribute()) {
Attribute(ref decAttrs);
}
DecreasesList(decreases, true);
- while (!(la.kind == 0 || la.kind == 8)) {SynErr(197); Get();}
+ while (!(la.kind == 0 || la.kind == 8)) {SynErr(198); Get();}
Expect(8);
} else {
- while (!(la.kind == 0 || la.kind == 45)) {SynErr(198); Get();}
+ while (!(la.kind == 0 || la.kind == 45)) {SynErr(199); Get();}
Get();
while (IsAttribute()) {
Attribute(ref modAttrs);
@@ -2342,13 +2392,13 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (StartOf(12)) {
FrameExpression(out fe);
mod.Add(fe);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
FrameExpression(out fe);
mod.Add(fe);
}
}
- while (!(la.kind == 0 || la.kind == 8)) {SynErr(199); Get();}
+ while (!(la.kind == 0 || la.kind == 8)) {SynErr(200); Get();}
Expect(8);
}
}
@@ -2356,7 +2406,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void Invariant(out MaybeFreeExpression/*!*/ invariant) {
bool isFree = false; Expression/*!*/ e; List<string> ids = new List<string>(); invariant = null; Attributes attrs = null;
- while (!(la.kind == 0 || la.kind == 46 || la.kind == 81)) {SynErr(200); Get();}
+ while (!(la.kind == 0 || la.kind == 46 || la.kind == 81)) {SynErr(201); Get();}
if (la.kind == 46) {
Get();
isFree = true;
@@ -2383,12 +2433,12 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
IdentTypeOptional(out bv);
arguments.Add(bv);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
IdentTypeOptional(out bv);
arguments.Add(bv);
}
- Expect(33);
+ Expect(12);
}
Expect(79);
while (StartOf(14)) {
@@ -2405,7 +2455,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo } else if (StartOf(16)) {
Expression(out e, allowSemi);
arg = new Attributes.Argument(t, e);
- } else SynErr(201);
+ } else SynErr(202);
}
void QuantifierDomain(out List<BoundVar> bvars, out Attributes attrs, out Expression range) {
@@ -2416,7 +2466,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo IdentTypeOptional(out bv);
bvars.Add(bv);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
IdentTypeOptional(out bv);
bvars.Add(bv);
@@ -2424,7 +2474,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo while (IsAttribute()) {
Attribute(ref attrs);
}
- if (la.kind == 28) {
+ if (la.kind == 29) {
Get();
Expression(out range, true);
}
@@ -2436,7 +2486,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = null;
switch (la.kind) {
- case 32: {
+ case 33: {
Get();
x = t; binOp = BinaryExpr.Opcode.Eq;
if (la.kind == 89) {
@@ -2502,7 +2552,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t; binOp = BinaryExpr.Opcode.Exp;
break;
}
- default: SynErr(202); break;
+ default: SynErr(203); break;
}
if (k == null) {
op = new Microsoft.Dafny.CalcStmt.BinaryCalcOp(binOp);
@@ -2514,7 +2564,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void Hint(out BlockStmt s) {
Contract.Ensures(Contract.ValueAtReturn(out s) != null); // returns an empty block statement if the hint is empty
- var subhints = new List<Statement/*!*/>();
+ var subhints = new List<Statement/*!*/>();
IToken bodyStart, bodyEnd;
BlockStmt/*!*/ block;
Statement/*!*/ calc;
@@ -2530,7 +2580,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo endTok = calc.EndTok; subhints.Add(calc);
}
}
- s = new BlockStmt(x, endTok, subhints); // if the hint is empty x is the first token of the next line, but it doesn't matter cause the block statement is just used as a container
+ s = new BlockStmt(x, endTok, subhints); // if the hint is empty x is the first token of the next line, but it doesn't matter cause the block statement is just used as a container
}
@@ -2539,7 +2589,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 97) {
Get();
- } else SynErr(203);
+ } else SynErr(204);
}
void ImpliesOp() {
@@ -2547,7 +2597,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 99) {
Get();
- } else SynErr(204);
+ } else SynErr(205);
}
void ExpliesOp() {
@@ -2555,7 +2605,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 101) {
Get();
- } else SynErr(205);
+ } else SynErr(206);
}
void EquivExpression(out Expression e0, bool allowSemi) {
@@ -2572,7 +2622,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void ImpliesExpliesExpression(out Expression e0, bool allowSemi) {
Contract.Ensures(Contract.ValueAtReturn(out e0) != null); IToken/*!*/ x; Expression/*!*/ e1;
LogicalExpression(out e0, allowSemi);
- if (StartOf(26)) {
+ if (StartOf(28)) {
if (la.kind == 98 || la.kind == 99) {
ImpliesOp();
x = t;
@@ -2596,7 +2646,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo void LogicalExpression(out Expression e0, bool allowSemi) {
Contract.Ensures(Contract.ValueAtReturn(out e0) != null); IToken/*!*/ x; Expression/*!*/ e1;
RelationalExpression(out e0, allowSemi);
- if (StartOf(27)) {
+ if (StartOf(29)) {
if (la.kind == 102 || la.kind == 103) {
AndOp();
x = t;
@@ -2650,7 +2700,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Term(out e0, allowSemi);
e = e0;
- if (StartOf(28)) {
+ if (StartOf(30)) {
RelOp(out x, out op, out k);
firstOpTok = x;
Term(out e1, allowSemi);
@@ -2663,7 +2713,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo e = new TernaryExpr(x, op == BinaryExpr.Opcode.Eq ? TernaryExpr.Opcode.PrefixEqOp : TernaryExpr.Opcode.PrefixNeqOp, k, e0, e1);
}
- while (StartOf(28)) {
+ while (StartOf(30)) {
if (chain == null) {
chain = new List<Expression>();
ops = new List<BinaryExpr.Opcode>();
@@ -2740,7 +2790,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 103) {
Get();
- } else SynErr(206);
+ } else SynErr(207);
}
void OrOp() {
@@ -2748,7 +2798,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 105) {
Get();
- } else SynErr(207);
+ } else SynErr(208);
}
void Term(out Expression e0, bool allowSemi) {
@@ -2768,7 +2818,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo k = null;
switch (la.kind) {
- case 32: {
+ case 33: {
Get();
x = t; op = BinaryExpr.Opcode.Eq;
if (la.kind == 89) {
@@ -2815,7 +2865,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t; op = BinaryExpr.Opcode.In;
break;
}
- case 13: {
+ case 14: {
Get();
x = t; op = BinaryExpr.Opcode.NotIn;
break;
@@ -2853,14 +2903,14 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t; op = BinaryExpr.Opcode.Ge;
break;
}
- default: SynErr(208); break;
+ default: SynErr(209); break;
}
}
void Factor(out Expression e0, bool allowSemi) {
Contract.Ensures(Contract.ValueAtReturn(out e0) != null); IToken/*!*/ x; Expression/*!*/ e1; BinaryExpr.Opcode op;
UnaryExpression(out e0, allowSemi);
- while (la.kind == 12 || la.kind == 110 || la.kind == 111) {
+ while (la.kind == 13 || la.kind == 110 || la.kind == 111) {
MulOp(out x, out op);
UnaryExpression(out e1, allowSemi);
e0 = new BinaryExpr(x, op, e0, e1);
@@ -2875,7 +2925,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo } else if (la.kind == 109) {
Get();
x = t; op = BinaryExpr.Opcode.Sub;
- } else SynErr(209);
+ } else SynErr(210);
}
void UnaryExpression(out Expression e, bool allowSemi) {
@@ -2895,7 +2945,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo e = new UnaryExpr(x, UnaryExpr.Opcode.Not, e);
break;
}
- case 24: case 29: case 56: case 66: case 72: case 76: case 82: case 83: case 85: case 88: case 121: case 122: case 123: {
+ case 25: case 30: case 56: case 66: case 72: case 76: case 82: case 83: case 85: case 88: case 121: case 122: case 123: {
EndlessExpression(out e, allowSemi);
break;
}
@@ -2930,25 +2980,25 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo }
} else if (la.kind == 1) {
MapComprehensionExpr(x, out e, allowSemi);
- } else if (StartOf(29)) {
+ } else if (StartOf(31)) {
SemErr("map must be followed by literal in brackets or comprehension.");
- } else SynErr(210);
+ } else SynErr(211);
break;
}
- case 2: case 3: case 4: case 11: case 28: case 54: case 55: case 113: case 114: case 115: case 116: case 117: case 118: {
+ case 2: case 3: case 4: case 11: case 29: case 54: case 55: case 113: case 114: case 115: case 116: case 117: case 118: {
ConstAtomExpression(out e);
while (la.kind == 61 || la.kind == 74) {
Suffix(ref e);
}
break;
}
- default: SynErr(211); break;
+ default: SynErr(212); break;
}
}
void MulOp(out IToken x, out BinaryExpr.Opcode op) {
Contract.Ensures(Contract.ValueAtReturn(out x) != null); x = Token.NoToken; op = BinaryExpr.Opcode.Add/*(dummy)*/;
- if (la.kind == 12) {
+ if (la.kind == 13) {
Get();
x = t; op = BinaryExpr.Opcode.Mul;
} else if (la.kind == 110) {
@@ -2957,7 +3007,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo } else if (la.kind == 111) {
Get();
x = t; op = BinaryExpr.Opcode.Mod;
- } else SynErr(212);
+ } else SynErr(213);
}
void NegOp() {
@@ -2965,7 +3015,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 112) {
Get();
- } else SynErr(213);
+ } else SynErr(214);
}
void EndlessExpression(out Expression e, bool allowSemi) {
@@ -3004,7 +3054,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo e = new StmtExpr(s.Tok, s, e);
break;
}
- case 24: case 29: {
+ case 25: case 30: {
LetExpr(out e, allowSemi);
break;
}
@@ -3012,7 +3062,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo NamedExpr(out e, allowSemi);
break;
}
- default: SynErr(214); break;
+ default: SynErr(215); break;
}
}
@@ -3044,7 +3094,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (StartOf(16)) {
Expressions(args);
}
- Expect(33);
+ Expect(12);
}
e = new IdentifierSequence(idents, openParen, args);
}
@@ -3078,7 +3128,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (StartOf(16)) {
Expressions(args);
}
- Expect(33);
+ Expect(12);
e = new FunctionCallExpr(id, id.val, e, openParen, args);
}
if (!func) { e = new ExprDotName(id, e, id.val); }
@@ -3106,17 +3156,17 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo multipleLengths = new List<Expression>();
multipleLengths.Add(e0);
}
- takeRest = true;
+ takeRest = true;
if (StartOf(16)) {
Expression(out ee, true);
- multipleLengths.Add(ee);
+ multipleLengths.Add(ee);
takeRest = false;
}
}
- } else if (la.kind == 30 || la.kind == 75) {
- while (la.kind == 30) {
+ } else if (la.kind == 31 || la.kind == 75) {
+ while (la.kind == 31) {
Get();
Expression(out ee, true);
if (multipleIndices == null) {
@@ -3126,7 +3176,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo multipleIndices.Add(ee);
}
- } else SynErr(215);
+ } else SynErr(216);
} else if (la.kind == 120) {
Get();
anyDots = true;
@@ -3134,11 +3184,11 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expression(out ee, true);
e1 = ee;
}
- } else SynErr(216);
+ } else SynErr(217);
if (multipleIndices != null) {
e = new MultiSelectExpr(x, e, multipleIndices);
// make sure an array class with this dimensionality exists
- UserDefinedType tmp = theBuiltIns.ArrayType(x, multipleIndices.Count, new IntType(), true);
+ var tmp = theBuiltIns.ArrayType(multipleIndices.Count, new IntType(), true);
} else {
if (!anyDots && e0 == null) {
/* a parsing error occurred */
@@ -3175,7 +3225,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo }
Expect(75);
- } else SynErr(217);
+ } else SynErr(218);
}
void DisplayExpr(out Expression e) {
@@ -3199,7 +3249,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo }
e = new SeqDisplayExpr(x, elements);
Expect(75);
- } else SynErr(218);
+ } else SynErr(219);
}
void MultiSetExpr(out Expression e) {
@@ -3222,10 +3272,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t; elements = new List<Expression/*!*/>();
Expression(out e, true);
e = new MultiSetFormingExpr(x, e);
- Expect(33);
- } else if (StartOf(30)) {
+ Expect(12);
+ } else if (StartOf(32)) {
SemErr("multiset must be followed by multiset literal or expression to coerce in parentheses.");
- } else SynErr(219);
+ } else SynErr(220);
}
void MapDisplayExpr(IToken/*!*/ mapToken, out Expression e) {
@@ -3250,7 +3300,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo IdentTypeOptional(out bv);
bvars.Add(bv);
- if (la.kind == 28) {
+ if (la.kind == 29) {
Get();
Expression(out range, true);
}
@@ -3301,7 +3351,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t;
Expect(11);
Expression(out e, true);
- Expect(33);
+ Expect(12);
e = new FreshExpr(x, e);
break;
}
@@ -3310,24 +3360,20 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t;
Expect(11);
Expression(out e, true);
- Expect(33);
+ Expect(12);
e = new OldExpr(x, e);
break;
}
- case 28: {
+ case 29: {
Get();
x = t;
Expression(out e, true);
e = new UnaryExpr(x, UnaryExpr.Opcode.SeqLength, e);
- Expect(28);
+ Expect(29);
break;
}
case 11: {
- Get();
- x = t;
- Expression(out e, true);
- e = new ParensExpression(x, e);
- Expect(33);
+ ParensExpression(out e);
break;
}
case 55: {
@@ -3336,10 +3382,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expect(11);
IToken openParen = t;
Expression(out e, true);
- Expect(33);
+ Expect(12);
IToken classTok = new Token(t.line, t.col); classTok.val = "Real";
IToken fnTok = new Token(t.line, t.col); fnTok.val = "IntToReal";
- //e = new IdentifierSequence(new List<IToken>() { classTok, fnTok }, openParen, new List<Expression/*!*/>() { e });
+ //e = new IdentifierSequence(new List<IToken>() { classTok, fnTok }, openParen, new List<Expression/*!*/>() { e });
e = new FunctionCallExpr(x, "IntToReal", new StaticReceiverExpr(x, theBuiltIns.RealClass), openParen, new List<Expression/*!*/>() { e });
break;
@@ -3350,15 +3396,15 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expect(11);
IToken openParen = t;
Expression(out e, true);
- Expect(33);
+ Expect(12);
IToken classTok = new Token(t.line, t.col); classTok.val = "Real";
IToken fnTok = new Token(t.line, t.col); fnTok.val = "RealToInt";
- //e = new IdentifierSequence(new List<IToken>() { classTok, fnTok }, openParen, new List<Expression/*!*/>() { e });
+ //e = new IdentifierSequence(new List<IToken>() { classTok, fnTok }, openParen, new List<Expression/*!*/>() { e });
e = new FunctionCallExpr(x, "RealToInt", new StaticReceiverExpr(x, theBuiltIns.RealClass), openParen, new List<Expression/*!*/>() { e });
break;
}
- default: SynErr(220); break;
+ default: SynErr(221); break;
}
}
@@ -3383,7 +3429,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo n = BigInteger.Zero;
}
- } else SynErr(221);
+ } else SynErr(222);
}
void Dec(out Basetypes.BigDec d) {
@@ -3398,6 +3444,41 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo }
+ void ParensExpression(out Expression e) {
+ IToken x;
+ List<Expression> args = null;
+
+ Expect(11);
+ x = t; e = null;
+ if (la.kind == 12) {
+ Get();
+ var tmp = theBuiltIns.TupleType(x, 0, true);
+ e = new DatatypeValue(x, BuiltIns.TupleTypeName(0), BuiltIns.TupleTypeCtorName, new List<Expression>());
+
+ } else if (StartOf(16)) {
+ Expression(out e, true);
+ while (la.kind == 31) {
+ Get();
+ if (args == null) {
+ args = new List<Expression>();
+ args.Add(e); // add the first argument, which was parsed above
+ }
+
+ Expression(out e, true);
+ args.Add(e);
+ }
+ Expect(12);
+ if (args == null) {
+ e = new ParensExpression(x, e);
+ } else {
+ // make sure the corresponding tuple type exists
+ var tmp = theBuiltIns.TupleType(x, args.Count, true);
+ e = new DatatypeValue(x, BuiltIns.TupleTypeName(args.Count), BuiltIns.TupleTypeCtorName, args);
+ }
+
+ } else SynErr(223);
+ }
+
void MapLiteralExpressions(out List<ExpressionPair> elements) {
Expression/*!*/ d, r;
elements = new List<ExpressionPair/*!*/>();
@@ -3405,7 +3486,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expect(69);
Expression(out r, true);
elements.Add(new ExpressionPair(d,r));
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Expression(out d, true);
Expect(69);
@@ -3419,21 +3500,31 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 125) {
Get();
- } else SynErr(222);
+ } else SynErr(224);
}
void MatchExpression(out Expression e, bool allowSemi) {
Contract.Ensures(Contract.ValueAtReturn(out e) != null); IToken/*!*/ x; MatchCaseExpr/*!*/ c;
List<MatchCaseExpr/*!*/> cases = new List<MatchCaseExpr/*!*/>();
+ bool usesOptionalBrace = false;
Expect(82);
x = t;
Expression(out e, allowSemi);
+ if (la.kind == 9) {
+ Get();
+ usesOptionalBrace = true;
+ }
while (la.kind == 78) {
CaseExpression(out c, allowSemi);
cases.Add(c);
}
- e = new MatchExpr(x, e, cases);
+ if (CloseOptionalBrace(usesOptionalBrace)) {
+ Expect(10);
+ } else if (StartOf(31)) {
+ if (usesOptionalBrace) { SemErr(t, "expecting close curly brace"); }
+ } else SynErr(225);
+ e = new MatchExpr(x, e, cases, usesOptionalBrace);
}
void QuantifierGuts(out Expression q, bool allowSemi) {
@@ -3450,7 +3541,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo } else if (la.kind == 122 || la.kind == 123) {
Exists();
x = t;
- } else SynErr(223);
+ } else SynErr(226);
QuantifierDomain(out bvars, out attrs, out range);
QSep();
Expression(out body, allowSemi);
@@ -3474,12 +3565,12 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo x = t;
IdentTypeOptional(out bv);
bvars.Add(bv);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
IdentTypeOptional(out bv);
bvars.Add(bv);
}
- Expect(28);
+ Expect(29);
Expression(out range, allowSemi);
if (la.kind == 124 || la.kind == 125) {
QSep();
@@ -3498,7 +3589,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo AssumeStmt(out s);
} else if (la.kind == 88) {
CalcStmt(out s);
- } else SynErr(224);
+ } else SynErr(227);
}
void LetExpr(out Expression e, bool allowSemi) {
@@ -3510,17 +3601,17 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo bool exact = true;
e = dummyExpr;
- if (la.kind == 24) {
+ if (la.kind == 25) {
Get();
isGhost = true; x = t;
}
- Expect(29);
+ Expect(30);
if (!isGhost) { x = t; }
CasePattern(out pat);
if (isGhost) { pat.Vars.Iter(bv => bv.IsGhost = true); }
letLHSs.Add(pat);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
CasePattern(out pat);
if (isGhost) { pat.Vars.Iter(bv => bv.IsGhost = true); }
@@ -3538,10 +3629,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo }
}
- } else SynErr(225);
+ } else SynErr(228);
Expression(out e, false);
letRHSs.Add(e);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
Expression(out e, false);
letRHSs.Add(e);
@@ -3577,19 +3668,19 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo if (la.kind == 1) {
CasePattern(out pat);
arguments.Add(pat);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
CasePattern(out pat);
arguments.Add(pat);
}
}
- Expect(33);
+ Expect(12);
pat = new CasePattern(id, id.val, arguments);
} else if (la.kind == 1) {
IdentTypeOptional(out bv);
- pat = new CasePattern(bv.tok, bv);
+ pat = new CasePattern(bv.tok, bv);
- } else SynErr(226);
+ } else SynErr(229);
}
void CaseExpression(out MatchCaseExpr c, bool allowSemi) {
@@ -3605,12 +3696,12 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
IdentTypeOptional(out bv);
arguments.Add(bv);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
IdentTypeOptional(out bv);
arguments.Add(bv);
}
- Expect(33);
+ Expect(12);
}
Expect(79);
Expression(out body, allowSemi);
@@ -3622,7 +3713,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 121) {
Get();
- } else SynErr(227);
+ } else SynErr(230);
}
void Exists() {
@@ -3630,7 +3721,7 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Get();
} else if (la.kind == 123) {
Get();
- } else SynErr(228);
+ } else SynErr(231);
}
void AttributeBody(ref Attributes attrs) {
@@ -3641,10 +3732,10 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo Expect(7);
Expect(1);
aName = t.val;
- if (StartOf(31)) {
+ if (StartOf(33)) {
AttributeArg(out aArg, true);
aArgs.Add(aArg);
- while (la.kind == 30) {
+ while (la.kind == 31) {
Get();
AttributeArg(out aArg, true);
aArgs.Add(aArg);
@@ -3666,38 +3757,40 @@ List<Expression/*!*/>/*!*/ decreases, ref Attributes decAttrs, ref Attributes mo }
static readonly bool[,]/*!*/ set = {
- {T,T,T,T, T,x,x,x, T,T,x,T, x,x,x,x, x,x,x,x, x,x,x,T, T,x,T,T, T,T,x,x, x,x,T,x, x,T,x,x, T,T,T,T, T,T,T,T, T,T,T,T, x,x,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,T,x, T,x,x,x, T,x,x,x, T,T,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
- {x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, T,x,T,x, x,x,x,T, T,T,T,T, x,T,x,T, x,x,T,x, x,x,x,x, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,T,x,x, x,T,x,x, x,x,x,x, x,x,x,x, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
+ {T,T,T,T, T,x,x,x, T,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, T,T,x,T, T,T,T,x, x,x,T,x, x,T,x,x, T,T,T,T, T,T,T,T, T,T,T,T, x,x,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,T,x, T,x,x,x, T,x,x,x, T,T,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
+ {x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,T,x,T, x,x,x,x, T,T,T,T, T,x,T,x, T,x,T,x, x,x,x,x, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
+ {x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,x, x,x,T,x, x,x,x,x, x,x,x,x, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
{x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
{x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {T,x,x,x, x,x,x,x, x,T,T,T, x,x,x,T, T,x,T,x, x,x,x,T, T,T,T,T, x,T,x,T, x,x,T,x, x,x,T,x, T,T,T,T, T,x,x,T, T,T,T,x, x,x,x,x, x,x,x,x, x,x,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
+ {T,x,x,x, x,x,x,x, x,T,T,T, x,x,x,x, T,T,x,T, x,x,x,x, T,T,T,T, T,x,T,x, T,x,T,x, x,x,T,x, T,T,T,T, T,x,x,T, T,T,T,x, x,x,x,x, x,x,x,x, x,x,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
{x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, T,T,T,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
{T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
{x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,T,T,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,T,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,T,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,T,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
+ {x,T,T,x, x,T,x,x, x,x,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,T,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
+ {x,T,x,x, x,T,x,x, x,x,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,T,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
{T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,T,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,T,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
{x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,x,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,x,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,T,x, T,x,x,x, T,x,x,x, T,x,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,x,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,T,x, T,x,x,x, T,x,x,x, T,x,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
{T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
- {x,T,T,T, T,x,x,x, x,T,x,T, T,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,T,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
- {T,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,x,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,T,x, T,x,x,x, T,x,x,x, T,x,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
- {x,T,T,T, T,x,x,x, x,T,x,T, T,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
- {x,T,T,T, T,x,x,x, x,T,x,T, T,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
- {x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, x,x,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,T,T, T,T,T,T, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,T,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
- {x,T,T,T, T,x,x,x, x,T,x,T, T,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,T,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
- {x,x,T,T, T,x,x,x, x,x,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,x,T, x,T,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,T,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
+ {T,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,x,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,T,x, T,x,x,x, T,x,x,x, T,x,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,x,T, x,T,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,x,T, x,T,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,x,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,T,x, T,x,x,x, T,x,T,x, T,x,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,T,x, T,x,x,T, x,x,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,T,x, T,x,x,x, T,x,T,x, T,x,T,T, T,T,T,T, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
+ {x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,x,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,T,T, T,T,T,T, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,T,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
+ {x,T,T,T, T,x,x,x, x,T,x,T, x,T,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,T,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x},
+ {x,x,T,T, T,x,x,x, x,x,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x},
{x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,T,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
{x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
{x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, x,x,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
- {x,x,x,x, x,x,x,T, T,T,T,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,x,T,x, T,T,x,x, x,T,T,T, x,x,x,x, x,T,T,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,x,x, x,x,x,T, x,T,T,T, x,T,x,x, x,x,x,x, x,x,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,T,T,T, x,x,x,x, x,x,x,T, T,x,x,x, T,T,x,x},
- {x,x,x,x, x,x,x,T, T,T,T,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, T,x,T,x, T,T,x,x, x,T,T,T, x,x,x,x, x,T,T,x, T,T,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,x,x, x,T,x,x, x,x,T,T, x,T,T,T, x,T,x,x, x,x,x,x, x,x,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,T,T,T, x,x,x,x, x,x,x,T, T,x,x,x, T,T,x,x},
- {x,T,T,T, T,x,T,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, T,x,x,x, T,T,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x}
+ {x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,x,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,T,T, x,x,x,x, x,x,x,x, x,x,T,T, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x},
+ {x,T,T,T, T,x,x,T, T,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,T, x,T,x,x, x,T,T,T, x,x,x,x, x,T,T,x, T,T,x,T, x,x,T,T, x,x,x,x, x,x,x,x, x,T,T,T, x,T,T,x, T,x,x,T, T,T,T,T, T,T,T,T, T,T,T,T, T,x,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,T,T,T, x,T,T,T, T,T,T,T, T,x,x,x, T,T,x,x},
+ {x,T,T,T, T,x,x,T, T,T,T,T, T,T,T,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,T, x,T,x,x, x,T,T,T, x,x,x,x, x,T,T,x, T,T,x,T, x,x,T,T, x,x,x,x, x,T,x,x, x,T,T,T, x,T,T,x, T,x,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,x,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,T,T,T, T,T,T,T, x,T,T,T, T,T,T,T, T,x,x,x, T,T,x,x},
+ {x,T,T,T, T,x,T,x, x,T,x,T, x,x,x,x, x,x,x,x, x,x,x,x, x,T,x,x, x,T,T,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,T,T, T,T,x,T, x,x,x,x, x,x,T,x, x,x,x,x, T,x,T,x, T,x,x,x, x,x,T,T, x,T,x,x, T,x,x,x, x,x,x,x, x,x,x,x, x,x,x,x, x,x,x,T, x,T,x,x, T,T,T,T, T,T,T,x, x,T,T,T, x,x,x,x}
};
} // end Parser
@@ -3734,28 +3827,28 @@ public class Errors { case 9: s = "lbrace expected"; break;
case 10: s = "rbrace expected"; break;
case 11: s = "openparen expected"; break;
- case 12: s = "star expected"; break;
- case 13: s = "notIn expected"; break;
- case 14: s = "\"include\" expected"; break;
- case 15: s = "\"abstract\" expected"; break;
- case 16: s = "\"module\" expected"; break;
- case 17: s = "\"refines\" expected"; break;
- case 18: s = "\"import\" expected"; break;
- case 19: s = "\"opened\" expected"; break;
- case 20: s = "\"=\" expected"; break;
- case 21: s = "\"as\" expected"; break;
- case 22: s = "\"default\" expected"; break;
- case 23: s = "\"class\" expected"; break;
- case 24: s = "\"ghost\" expected"; break;
- case 25: s = "\"static\" expected"; break;
- case 26: s = "\"datatype\" expected"; break;
- case 27: s = "\"codatatype\" expected"; break;
- case 28: s = "\"|\" expected"; break;
- case 29: s = "\"var\" expected"; break;
- case 30: s = "\",\" expected"; break;
- case 31: s = "\"type\" expected"; break;
- case 32: s = "\"==\" expected"; break;
- case 33: s = "\")\" expected"; break;
+ case 12: s = "closeparen expected"; break;
+ case 13: s = "star expected"; break;
+ case 14: s = "notIn expected"; break;
+ case 15: s = "\"include\" expected"; break;
+ case 16: s = "\"abstract\" expected"; break;
+ case 17: s = "\"module\" expected"; break;
+ case 18: s = "\"refines\" expected"; break;
+ case 19: s = "\"import\" expected"; break;
+ case 20: s = "\"opened\" expected"; break;
+ case 21: s = "\"=\" expected"; break;
+ case 22: s = "\"as\" expected"; break;
+ case 23: s = "\"default\" expected"; break;
+ case 24: s = "\"class\" expected"; break;
+ case 25: s = "\"ghost\" expected"; break;
+ case 26: s = "\"static\" expected"; break;
+ case 27: s = "\"datatype\" expected"; break;
+ case 28: s = "\"codatatype\" expected"; break;
+ case 29: s = "\"|\" expected"; break;
+ case 30: s = "\"var\" expected"; break;
+ case 31: s = "\",\" expected"; break;
+ case 32: s = "\"type\" expected"; break;
+ case 33: s = "\"==\" expected"; break;
case 34: s = "\"iterator\" expected"; break;
case 35: s = "\"yields\" expected"; break;
case 36: s = "\"returns\" expected"; break;
@@ -3909,48 +4002,51 @@ public class Errors { case 184: s = "invalid IfStmt"; break;
case 185: s = "invalid WhileStmt"; break;
case 186: s = "invalid WhileStmt"; break;
- case 187: s = "invalid ForallStmt"; break;
+ case 187: s = "invalid MatchStmt"; break;
case 188: s = "invalid ForallStmt"; break;
- case 189: s = "this symbol not expected in ModifyStmt"; break;
- case 190: s = "invalid ModifyStmt"; break;
- case 191: s = "invalid ReturnStmt"; break;
- case 192: s = "invalid Rhs"; break;
- case 193: s = "invalid Lhs"; break;
- case 194: s = "invalid Guard"; break;
- case 195: s = "this symbol not expected in LoopSpec"; break;
+ case 189: s = "invalid ForallStmt"; break;
+ case 190: s = "this symbol not expected in ModifyStmt"; break;
+ case 191: s = "invalid ModifyStmt"; break;
+ case 192: s = "invalid ReturnStmt"; break;
+ case 193: s = "invalid Rhs"; break;
+ case 194: s = "invalid Lhs"; break;
+ case 195: s = "invalid Guard"; break;
case 196: s = "this symbol not expected in LoopSpec"; break;
case 197: s = "this symbol not expected in LoopSpec"; break;
case 198: s = "this symbol not expected in LoopSpec"; break;
case 199: s = "this symbol not expected in LoopSpec"; break;
- case 200: s = "this symbol not expected in Invariant"; break;
- case 201: s = "invalid AttributeArg"; break;
- case 202: s = "invalid CalcOp"; break;
- case 203: s = "invalid EquivOp"; break;
- case 204: s = "invalid ImpliesOp"; break;
- case 205: s = "invalid ExpliesOp"; break;
- case 206: s = "invalid AndOp"; break;
- case 207: s = "invalid OrOp"; break;
- case 208: s = "invalid RelOp"; break;
- case 209: s = "invalid AddOp"; break;
- case 210: s = "invalid UnaryExpression"; break;
+ case 200: s = "this symbol not expected in LoopSpec"; break;
+ case 201: s = "this symbol not expected in Invariant"; break;
+ case 202: s = "invalid AttributeArg"; break;
+ case 203: s = "invalid CalcOp"; break;
+ case 204: s = "invalid EquivOp"; break;
+ case 205: s = "invalid ImpliesOp"; break;
+ case 206: s = "invalid ExpliesOp"; break;
+ case 207: s = "invalid AndOp"; break;
+ case 208: s = "invalid OrOp"; break;
+ case 209: s = "invalid RelOp"; break;
+ case 210: s = "invalid AddOp"; break;
case 211: s = "invalid UnaryExpression"; break;
- case 212: s = "invalid MulOp"; break;
- case 213: s = "invalid NegOp"; break;
- case 214: s = "invalid EndlessExpression"; break;
- case 215: s = "invalid Suffix"; break;
+ case 212: s = "invalid UnaryExpression"; break;
+ case 213: s = "invalid MulOp"; break;
+ case 214: s = "invalid NegOp"; break;
+ case 215: s = "invalid EndlessExpression"; break;
case 216: s = "invalid Suffix"; break;
case 217: s = "invalid Suffix"; break;
- case 218: s = "invalid DisplayExpr"; break;
- case 219: s = "invalid MultiSetExpr"; break;
- case 220: s = "invalid ConstAtomExpression"; break;
- case 221: s = "invalid Nat"; break;
- case 222: s = "invalid QSep"; break;
- case 223: s = "invalid QuantifierGuts"; break;
- case 224: s = "invalid StmtInExpr"; break;
- case 225: s = "invalid LetExpr"; break;
- case 226: s = "invalid CasePattern"; break;
- case 227: s = "invalid Forall"; break;
- case 228: s = "invalid Exists"; break;
+ case 218: s = "invalid Suffix"; break;
+ case 219: s = "invalid DisplayExpr"; break;
+ case 220: s = "invalid MultiSetExpr"; break;
+ case 221: s = "invalid ConstAtomExpression"; break;
+ case 222: s = "invalid Nat"; break;
+ case 223: s = "invalid ParensExpression"; break;
+ case 224: s = "invalid QSep"; break;
+ case 225: s = "invalid MatchExpression"; break;
+ case 226: s = "invalid QuantifierGuts"; break;
+ case 227: s = "invalid StmtInExpr"; break;
+ case 228: s = "invalid LetExpr"; break;
+ case 229: s = "invalid CasePattern"; break;
+ case 230: s = "invalid Forall"; break;
+ case 231: s = "invalid Exists"; break;
default: s = "error " + n; break;
}
diff --git a/Source/Dafny/Printer.cs b/Source/Dafny/Printer.cs index 706f751c..3a0ab21c 100644 --- a/Source/Dafny/Printer.cs +++ b/Source/Dafny/Printer.cs @@ -48,7 +48,7 @@ namespace Microsoft.Dafny { Contract.Requires(expr != null);
using (var wr = new System.IO.StringWriter()) {
var pr = new Printer(wr);
- pr.PrintExtendedExpr(expr, 0, true, false);
+ pr.PrintExtendedExpr(expr, 0, true, false);
return wr.ToString();
}
}
@@ -565,7 +565,7 @@ namespace Microsoft.Dafny { }
}
- internal void PrintSpec(string kind, List<MaybeFreeExpression> ee, int indent) {
+ internal void PrintSpec(string kind, List<MaybeFreeExpression> ee, int indent, bool newLine = true) {
Contract.Requires(kind != null);
Contract.Requires(ee != null);
foreach (MaybeFreeExpression e in ee)
@@ -582,7 +582,11 @@ namespace Microsoft.Dafny { wr.Write(" ");
PrintExpression(e.E, true);
- wr.WriteLine(";");
+ if (newLine) {
+ wr.WriteLine(";");
+ } else {
+ wr.Write(";");
+ }
}
}
@@ -735,10 +739,12 @@ namespace Microsoft.Dafny { wr.Write(" ");
} else {
wr.WriteLine();
- PrintSpec("ensures", s.Ens, indent + IndentAmount);
+ PrintSpec("ensures", s.Ens, indent + IndentAmount, s.Body != null);
Indent(indent);
}
- PrintStatement(s.Body, indent);
+ if (s.Body != null) {
+ PrintStatement(s.Body, indent);
+ }
} else if (stmt is ModifyStmt) {
var s = (ModifyStmt)stmt;
@@ -789,9 +795,12 @@ namespace Microsoft.Dafny { MatchStmt s = (MatchStmt)stmt;
wr.Write("match ");
PrintExpression(s.Source, false);
- wr.WriteLine(" {");
- int caseInd = indent + IndentAmount;
+ if (s.UsesOptionalBraces) {
+ wr.Write(" {");
+ }
+ int caseInd = indent + (s.UsesOptionalBraces ? IndentAmount : 0);
foreach (MatchCaseStmt mc in s.Cases) {
+ wr.WriteLine();
Indent(caseInd);
wr.Write("case {0}", mc.Id);
if (mc.Arguments.Count != 0) {
@@ -802,15 +811,18 @@ namespace Microsoft.Dafny { }
wr.Write(")");
}
- wr.WriteLine(" =>");
+ wr.Write(" =>");
foreach (Statement bs in mc.Body) {
+ wr.WriteLine();
Indent(caseInd + IndentAmount);
PrintStatement(bs, caseInd + IndentAmount);
- wr.WriteLine();
}
}
- Indent(indent);
- wr.Write("}");
+ if (s.UsesOptionalBraces) {
+ wr.WriteLine();
+ Indent(indent);
+ wr.Write("}");
+ }
} else if (stmt is ConcreteUpdateStatement) {
var s = (ConcreteUpdateStatement)stmt;
@@ -1082,15 +1094,18 @@ namespace Microsoft.Dafny { } else if (expr is MatchExpr) {
var e = (MatchExpr)expr;
Indent(indent);
- var parensNeeded = !isRightmost;
+ var parensNeeded = !isRightmost && !e.UsesOptionalBraces;
if (parensNeeded) { wr.Write("("); }
wr.Write("match ");
PrintExpression(e.Source, isRightmost && e.Cases.Count == 0, false);
- if (parensNeeded && e.Cases.Count == 0) { wr.WriteLine(")"); } else { wr.WriteLine(); }
+ if (e.UsesOptionalBraces) { wr.WriteLine(" {"); }
+ else if (parensNeeded && e.Cases.Count == 0) { wr.WriteLine(")"); }
+ else { wr.WriteLine(); }
int i = 0;
+ int ind = indent + (e.UsesOptionalBraces ? IndentAmount : 0);
foreach (var mc in e.Cases) {
bool isLastCase = i == e.Cases.Count - 1;
- Indent(indent);
+ Indent(ind);
wr.Write("case {0}", mc.Id);
if (mc.Arguments.Count != 0) {
string sep = "(";
@@ -1101,9 +1116,13 @@ namespace Microsoft.Dafny { wr.Write(")");
}
wr.WriteLine(" =>");
- PrintExtendedExpr(mc.Body, indent + IndentAmount, isLastCase, isLastCase && (parensNeeded || endWithCloseParen));
+ PrintExtendedExpr(mc.Body, ind + IndentAmount, isLastCase, isLastCase && (parensNeeded || endWithCloseParen));
i++;
}
+ if (e.UsesOptionalBraces) {
+ Indent(indent);
+ wr.WriteLine("}");
+ }
} else if (expr is ParensExpression) {
PrintExtendedExpr(((ParensExpression)expr).E, indent, isRightmost, endWithCloseParen);
} else {
@@ -1184,9 +1203,16 @@ namespace Microsoft.Dafny { wr.Write(((IdentifierExpr)expr).Name);
} else if (expr is DatatypeValue) {
- DatatypeValue dtv = (DatatypeValue)expr;
- wr.Write("#{0}.{1}", dtv.DatatypeName, dtv.MemberName);
- if (dtv.Arguments.Count != 0) {
+ var dtv = (DatatypeValue)expr;
+ bool printParens;
+ if (dtv.MemberName == BuiltIns.TupleTypeCtorName) {
+ // we're looking at a tuple, whose printed constructor name is essentially the empty string
+ printParens = true;
+ } else {
+ wr.Write("{0}.{1}", dtv.DatatypeName, dtv.MemberName);
+ printParens = dtv.Arguments.Count != 0;
+ }
+ if (printParens) {
wr.Write("(");
PrintExpressionList(dtv.Arguments, false);
wr.Write(")");
@@ -1651,10 +1677,11 @@ namespace Microsoft.Dafny { } else if (expr is MatchExpr) {
var e = (MatchExpr)expr;
- var parensNeeded = !isRightmost;
+ var parensNeeded = !isRightmost && !e.UsesOptionalBraces;
if (parensNeeded) { wr.Write("("); }
wr.Write("match ");
PrintExpression(e.Source, isRightmost && e.Cases.Count == 0, !parensNeeded && isFollowedBySemicolon);
+ if (e.UsesOptionalBraces) { wr.Write(" {"); }
int i = 0;
foreach (var mc in e.Cases) {
bool isLastCase = i == e.Cases.Count - 1;
@@ -1671,7 +1698,8 @@ namespace Microsoft.Dafny { PrintExpression(mc.Body, isRightmost && isLastCase, !parensNeeded && isFollowedBySemicolon);
i++;
}
- if (parensNeeded) { wr.Write(")"); }
+ if (e.UsesOptionalBraces) { wr.Write(" }"); }
+ else if (parensNeeded) { wr.Write(")"); }
} else if (expr is BoxingCastExpr) {
// this is not expected for a parsed program, but we may be called for /trace purposes in the translator
diff --git a/Source/Dafny/Resolver.cs b/Source/Dafny/Resolver.cs index c1cbd61a..7115a95f 100644 --- a/Source/Dafny/Resolver.cs +++ b/Source/Dafny/Resolver.cs @@ -192,16 +192,17 @@ namespace Microsoft.Dafny var refinementTransformer = new RefinementTransformer(this, AdditionalInformationReporter, prog);
rewriters.Add(refinementTransformer);
rewriters.Add(new AutoContractsRewriter());
- var opaqueRewriter = new OpaqueFunctionRewriter();
+ var opaqueRewriter = new OpaqueFunctionRewriter();
rewriters.Add(new AutoReqFunctionRewriter(this, opaqueRewriter));
rewriters.Add(opaqueRewriter);
systemNameInfo = RegisterTopLevelDecls(prog.BuiltIns.SystemModule, false);
+ prog.CompileModules.Add(prog.BuiltIns.SystemModule);
foreach (var decl in sortedDecls) {
if (decl is LiteralModuleDecl) {
// The declaration is a literal module, so it has members and such that we need
// to resolve. First we do refinement transformation. Then we construct the signature
- // of the module. This is the public, externally visible signature. Then we add in
+ // of the module. This is the public, externally visible signature. Then we add in
// everything that the system defines, as well as any "import" (i.e. "opened" modules)
// directives (currently not supported, but this is where we would do it.) This signature,
// which is only used while resolving the members of the module is stored in the (basically)
@@ -894,7 +895,7 @@ namespace Microsoft.Dafny formals.AddRange(cop.Formals.ConvertAll(cloner.CloneFormal));
List<TypeParameter> tyvars = cop.TypeArgs.ConvertAll(cloner.CloneTypeParam);
-
+
/*
Dictionary<TypeParameter, Type> su = new Dictionary<TypeParameter, Type>();
for (int i = 0; i < tyvars.Count; i++) {
@@ -907,12 +908,12 @@ namespace Microsoft.Dafny // create prefix predicate
cop.PrefixPredicate = new PrefixPredicate(cop.tok, extraName, cop.IsStatic,
tyvars, cop.OpenParen, k, formals,
- cop.Req.ConvertAll(cloner.CloneExpr),
- cop.Reads.ConvertAll(cloner.CloneFrameExpr),
+ cop.Req.ConvertAll(cloner.CloneExpr),
+ cop.Reads.ConvertAll(cloner.CloneFrameExpr),
cop.Ens.ConvertAll(cloner.CloneExpr),
new Specification<Expression>(new List<Expression>() { new IdentifierExpr(cop.tok, k.Name) }, null),
- cop.Body,
- null,
+ cop.Body,
+ null,
cop);
extraMember = cop.PrefixPredicate;
// In the call graph, add an edge from P# to P, since this will have the desired effect of detecting unwanted cycles.
@@ -1035,6 +1036,9 @@ namespace Microsoft.Dafny if (d is ArbitraryTypeDecl) {
var dd = (ArbitraryTypeDecl)d;
return new ArbitraryTypeDecl(dd.tok, dd.Name, m, dd.EqualitySupport, null);
+ } else if (d is TupleTypeDecl) {
+ var dd = (TupleTypeDecl)d;
+ return new TupleTypeDecl(dd.Dims, dd.Module);
} else if (d is IndDatatypeDecl) {
var dd = (IndDatatypeDecl)d;
var tps = dd.TypeArgs.ConvertAll(CloneTypeParam);
@@ -1353,7 +1357,7 @@ namespace Microsoft.Dafny } else if (expr is MatchExpr) {
var e = (MatchExpr)expr;
return new MatchExpr(e.tok, CloneExpr(e.Source),
- e.Cases.ConvertAll(c => new MatchCaseExpr(c.tok, c.Id, c.Arguments.ConvertAll(CloneBoundVar), CloneExpr(c.Body))));
+ e.Cases.ConvertAll(c => new MatchCaseExpr(c.tok, c.Id, c.Arguments.ConvertAll(CloneBoundVar), CloneExpr(c.Body))), e.UsesOptionalBraces);
} else if (expr is NegationExpression) {
var e = (NegationExpression)expr;
@@ -1949,7 +1953,7 @@ namespace Microsoft.Dafny foreach (var p in e.TypeArgumentSubstitutions) {
if (p.Value.Normalize() is TypeProxy) {
Error(e.tok, "type variable '{0}' in the function call to '{1}' could not determined{2}", p.Key.Name, e.Name,
- (e.Name.Contains("reveal_") || e.Name.Contains("_FULL"))
+ (e.Name.Contains("reveal_") || e.Name.Contains("_FULL"))
? ". If you are making an opaque function, make sure that the function can be called."
: ""
);
@@ -1985,7 +1989,7 @@ namespace Microsoft.Dafny return CheckTypeIsDetermined(tok, ((MapType)t).Range, what, aggressive) &&
CheckTypeIsDetermined(tok, ((MapType)t).Domain, what, aggressive);
} else if (aggressive && t is CollectionType) {
- return CheckTypeIsDetermined(tok, ((CollectionType)t).Arg, what, aggressive);
+ return CheckTypeIsDetermined(tok, ((CollectionType)t).Arg, what, aggressive);
} else if (aggressive && t is UserDefinedType) {
return t.TypeArgs.All(rg => CheckTypeIsDetermined(tok, rg, what, aggressive));
} else {
@@ -2011,7 +2015,7 @@ namespace Microsoft.Dafny /// Note, the current implementation is rather conservative in its analysis; upon need, the
/// algorithm could be improved.
/// In the current implementation, "enclosingMethod" is not allowed to be a mutually recursive method.
- ///
+ ///
/// The incoming value of "tailCall" is not used, but it's nevertheless a 'ref' parameter to allow the
/// body to return the incoming value or to omit assignments to it.
/// If the return value is CanBeFollowedByAnything, "tailCall" is unchanged.
@@ -2141,7 +2145,10 @@ namespace Microsoft.Dafny }
} else if (stmt is ForallStmt) {
var s = (ForallStmt)stmt;
- var status = CheckTailRecursive(s.Body, enclosingMethod, ref tailCall, reportErrors);
+ var status = TailRecursionStatus.NotTailRecursive;
+ if (s.Body != null) {
+ status = CheckTailRecursive(s.Body, enclosingMethod, ref tailCall, reportErrors);
+ }
if (status != TailRecursionStatus.CanBeFollowedByAnything) {
if (status == TailRecursionStatus.NotTailRecursive) {
// an error has already been reported
@@ -2848,13 +2855,13 @@ namespace Microsoft.Dafny /// datatype has some value that can be constructed from datatypes in lower stratospheres only.
/// The algorithm used here is quadratic in the number of datatypes in the SCC. Since that number is
/// deemed to be rather small, this seems okay.
- ///
+ ///
/// As a side effect of this checking, the DefaultCtor field is filled in (for every inductive datatype
/// that passes the check). It may be that several constructors could be used as the default, but
/// only the first one encountered as recorded. This particular choice is slightly more than an
/// implementation detail, because it affects how certain cycles among inductive datatypes (having
/// to do with the types used to instantiate type parameters of datatypes) are used.
- ///
+ ///
/// The role of the SCC here is simply to speed up this method. It would still be correct if the
/// equivalence classes in the given SCC were unions of actual SCC's. In particular, this method
/// would still work if "dependencies" consisted of one large SCC containing all the inductive
@@ -3079,7 +3086,7 @@ namespace Microsoft.Dafny if (!allTypeParameters.Push(tp.Name, tp) && emitErrors) {
Error(tp, "Duplicate type-parameter name: {0}", tp.Name);
}
- }
+ }
}
/// <summary>
@@ -3302,8 +3309,9 @@ namespace Microsoft.Dafny void ResolveCtorSignature(DatatypeCtor ctor, List<TypeParameter> dtTypeArguments) {
Contract.Requires(ctor != null);
Contract.Requires(dtTypeArguments != null);
+ ResolveTypeOption option = dtTypeArguments.Count == 0 ? new ResolveTypeOption(ctor) : new ResolveTypeOption(ResolveTypeOptionEnum.AllowPrefix);
foreach (Formal p in ctor.Formals) {
- ResolveType(p.tok, p.Type, ResolveTypeOptionEnum.AllowExact, dtTypeArguments);
+ ResolveType(p.tok, p.Type, option, dtTypeArguments);
}
}
@@ -3551,7 +3559,7 @@ namespace Microsoft.Dafny iter.Member_MoveNext.Decreases.Attributes = iter.Decreases.Attributes;
}
- // Like the ResolveTypeOptionEnum, but iff the case of AllowPrefixExtend, it also
+ // Like the ResolveTypeOptionEnum, but iff the case of AllowPrefixExtend, it also
// contains a pointer to its Parent class, to fill in default type parameters properly.
public class ResolveTypeOption
{
@@ -3592,10 +3600,6 @@ namespace Microsoft.Dafny /// </summary>
InferTypeProxies,
/// <summary>
- /// if exactly defaultTypeArguments.Count type arguments are needed, use defaultTypeArguments
- /// </summary>
- AllowExact,
- /// <summary>
/// if at most defaultTypeArguments.Count type arguments are needed, use a prefix of defaultTypeArguments
/// </summary>
AllowPrefix,
@@ -3610,7 +3614,7 @@ namespace Microsoft.Dafny /// See ResolveTypeOption for a description of the option/defaultTypeArguments parameters.
/// </summary>
public void ResolveType(IToken tok, Type type, ResolveTypeOptionEnum eopt, List<TypeParameter> defaultTypeArguments) {
- Contract.Requires(eopt != ResolveTypeOptionEnum.AllowPrefixExtend);
+ Contract.Requires(eopt != ResolveTypeOptionEnum.AllowPrefixExtend);
ResolveType(tok, type, new ResolveTypeOption(eopt), defaultTypeArguments);
}
@@ -3717,7 +3721,7 @@ namespace Microsoft.Dafny } else {
Error(t.tok, "Type parameter expects no type arguments: {0}", t.Name);
}
- } else if (t.ResolvedClass == null) { // this test is because 'array' is already resolved; TODO: an alternative would be to pre-populate 'classes' with built-in references types like 'array' (and perhaps in the future 'string')
+ } else {
TopLevelDecl d = null;
int j;
@@ -3797,9 +3801,12 @@ namespace Microsoft.Dafny for (int i = 0; i < n; i++) {
typeArgs.Add(new InferredTypeProxy());
}
+ /*
} else if (option.Opt == ResolveTypeOptionEnum.AllowExact && defaultTypeArguments.Count != n) {
// the number of default arguments is not exactly what we need, so don't add anything
} else if (option.Opt == ResolveTypeOptionEnum.AllowPrefix && defaultTypeArguments.Count < n) {
+ */
+ } else if (option.Opt == ResolveTypeOptionEnum.AllowPrefix && defaultTypeArguments.Count < n) {
// there aren't enough default arguments, so don't do anything
} else {
// we'll add arguments
@@ -4074,7 +4081,7 @@ namespace Microsoft.Dafny // set(Arg) or multiset(Arg) or seq(Arg) or map(Arg, anyRange)
// pb is:
// seq(Arg) or multiset(Arg) or map(Domain, Arg), or
- // if AllowArray, array(Arg)
+ // if AllowArray, array(Arg)
// Their intersection is:
if (ib.AllowArray) {
var c = new IndexableTypeProxy(ib.Domain, ib.Range, ib.Arg, false);
@@ -4587,14 +4594,16 @@ namespace Microsoft.Dafny }
s.IsGhost = bodyMustBeSpecOnly;
- // clear the labels for the duration of checking the body, because break statements are not allowed to leave a forall statement
- var prevLblStmts = labeledStatements;
- var prevLoopStack = loopStack;
- labeledStatements = new Scope<Statement>();
- loopStack = new List<Statement>();
- ResolveStatement(s.Body, bodyMustBeSpecOnly, codeContext);
- labeledStatements = prevLblStmts;
- loopStack = prevLoopStack;
+ if (s.Body != null) {
+ // clear the labels for the duration of checking the body, because break statements are not allowed to leave a forall statement
+ var prevLblStmts = labeledStatements;
+ var prevLoopStack = loopStack;
+ labeledStatements = new Scope<Statement>();
+ loopStack = new List<Statement>();
+ ResolveStatement(s.Body, bodyMustBeSpecOnly, codeContext);
+ labeledStatements = prevLblStmts;
+ loopStack = prevLoopStack;
+ }
scope.PopMarker();
if (prevErrorCount == ErrorCount) {
@@ -4631,9 +4640,11 @@ namespace Microsoft.Dafny }
}
}
- CheckForallStatementBodyRestrictions(s.Body, s.Kind);
+ if (s.Body != null) {
+ CheckForallStatementBodyRestrictions(s.Body, s.Kind);
+ }
}
-
+
} else if (stmt is ModifyStmt) {
var s = (ModifyStmt)stmt;
ResolveAttributes(s.Mod.Attributes, true, codeContext);
@@ -4662,14 +4673,14 @@ namespace Microsoft.Dafny if (!UnifyTypes(e0.Type, e1.Type)) {
Error(e1, "all lines in a calculation must have the same type (got {0} after {1})", e1.Type, e0.Type);
} else {
- var step = s.StepOps[i - 1].StepExpr(e0, e1); // Use custom line operator
+ var step = s.StepOps[i - 1].StepExpr(e0, e1); // Use custom line operator
ResolveExpression(step, true, codeContext);
- s.Steps.Add(step);
+ s.Steps.Add(step);
}
e0 = e1;
}
}
-
+
// clear the labels for the duration of checking the hints, because break statements are not allowed to leave a forall statement
var prevLblStmts = labeledStatements;
var prevLoopStack = loopStack;
@@ -4680,7 +4691,7 @@ namespace Microsoft.Dafny CheckHintRestrictions(h);
}
labeledStatements = prevLblStmts;
- loopStack = prevLoopStack;
+ loopStack = prevLoopStack;
}
if (prevErrorCount == ErrorCount && s.Lines.Count > 0) {
@@ -4690,8 +4701,8 @@ namespace Microsoft.Dafny s.Result = CalcStmt.DefaultOp.StepExpr(Expression.CreateIntLiteral(s.Tok, 0), Expression.CreateIntLiteral(s.Tok, 0));
}
ResolveExpression(s.Result, true, codeContext);
- Contract.Assert(s.Result != null);
- Contract.Assert(prevErrorCount != ErrorCount || s.Steps.Count == s.Hints.Count);
+ Contract.Assert(s.Result != null);
+ Contract.Assert(prevErrorCount != ErrorCount || s.Steps.Count == s.Hints.Count);
} else if (stmt is MatchStmt) {
MatchStmt s = (MatchStmt)stmt;
@@ -5417,7 +5428,7 @@ namespace Microsoft.Dafny Contract.Assert(false); // unexpected kind
break;
}
-
+
} else if (stmt is CalcStmt) {
// cool
@@ -5536,7 +5547,7 @@ namespace Microsoft.Dafny Contract.Assert(false); // unexpected kind
break;
}
-
+
} else if (stmt is CalcStmt) {
var s = (CalcStmt)stmt;
foreach (var h in s.Hints) {
@@ -6080,10 +6091,10 @@ namespace Microsoft.Dafny }
else if (e.Seq.Type is UserDefinedType && ((UserDefinedType)e.Seq.Type).IsDatatype)
- {
+ {
DatatypeDecl dt = ((UserDefinedType)e.Seq.Type).AsDatatype;
- if (!(e.Index is IdentifierSequence || (e.Index is LiteralExpr && ((LiteralExpr)e.Index).Value is BigInteger)))
+ if (!(e.Index is IdentifierSequence || (e.Index is LiteralExpr && ((LiteralExpr)e.Index).Value is BigInteger)))
{
Error(expr, "datatype updates must be to datatype destructors");
} else {
@@ -6464,7 +6475,7 @@ namespace Microsoft.Dafny bool _val = true;
bool typeQuantifier = Attributes.ContainsBool(e.Attributes, "typeQuantifier", ref _val);
allTypeParameters.PushMarker();
- ResolveTypeParameters(e.TypeArgs, true, e);
+ ResolveTypeParameters(e.TypeArgs, true, e);
scope.PushMarker();
foreach (BoundVar v in e.BoundVars) {
if (!scope.Push(v.Name, v)) {
@@ -7118,7 +7129,7 @@ namespace Microsoft.Dafny // ----- root is a local variable, parameter, or bound variable
r = new IdentifierExpr(id, id.val);
ResolveExpression(r, twoState, codeContext);
- r = ResolveSuffix(r, e, 1, twoState, codeContext, allowMethodCall, out call);
+ r = ResolveSuffix(r, e, 1, twoState, codeContext, allowMethodCall, out call);
} else if (moduleInfo.TopLevels.TryGetValue(id.val, out decl)) {
if (decl is AmbiguousTopLevelDecl) {
@@ -7126,10 +7137,10 @@ namespace Microsoft.Dafny } else if (e.Tokens.Count == 1 && e.Arguments == null) {
Error(id, "name of type ('{0}') is used as a variable", id.val);
} else if (e.Tokens.Count == 1 && e.Arguments != null) {
- // in
+ // in
// datatype Id = Id
// you cannot refer to the constructor, instead this error message is thrown:
- // (bug?)
+ // (bug?)
Error(id, "name of type ('{0}') is used as a function", id.val);
// resolve the arguments nonetheless
foreach (var arg in e.Arguments) {
@@ -7322,7 +7333,7 @@ namespace Microsoft.Dafny if (p < e.Tokens.Count) {
Contract.Assert(e.Arguments != null);
-
+
bool itIsAMethod = false;
if (allowMethodCall) {
var udt = r.Type.Normalize() as UserDefinedType;
diff --git a/Source/Dafny/Scanner.cs b/Source/Dafny/Scanner.cs index 4b473e9d..87dee5aa 100644 --- a/Source/Dafny/Scanner.cs +++ b/Source/Dafny/Scanner.cs @@ -255,21 +255,21 @@ public class Scanner { for (int i = 92; i <= 92; ++i) start[i] = 1;
for (int i = 95; i <= 95; ++i) start[i] = 1;
for (int i = 98; i <= 122; ++i) start[i] = 1;
- for (int i = 49; i <= 57; ++i) start[i] = 21;
+ for (int i = 49; i <= 57; ++i) start[i] = 22;
for (int i = 34; i <= 34; ++i) start[i] = 11;
- start[97] = 22;
- start[48] = 23;
+ start[97] = 23;
+ start[48] = 24;
start[58] = 64;
start[59] = 13;
start[123] = 14;
start[125] = 15;
start[40] = 16;
- start[42] = 17;
+ start[41] = 17;
+ start[42] = 18;
start[33] = 65;
start[61] = 66;
start[124] = 67;
- start[44] = 30;
- start[41] = 31;
+ start[44] = 31;
start[46] = 68;
start[60] = 69;
start[62] = 70;
@@ -491,21 +491,21 @@ public class Scanner { void CheckLiteral() {
switch (t.val) {
- case "include": t.kind = 14; break;
- case "abstract": t.kind = 15; break;
- case "module": t.kind = 16; break;
- case "refines": t.kind = 17; break;
- case "import": t.kind = 18; break;
- case "opened": t.kind = 19; break;
- case "as": t.kind = 21; break;
- case "default": t.kind = 22; break;
- case "class": t.kind = 23; break;
- case "ghost": t.kind = 24; break;
- case "static": t.kind = 25; break;
- case "datatype": t.kind = 26; break;
- case "codatatype": t.kind = 27; break;
- case "var": t.kind = 29; break;
- case "type": t.kind = 31; break;
+ case "include": t.kind = 15; break;
+ case "abstract": t.kind = 16; break;
+ case "module": t.kind = 17; break;
+ case "refines": t.kind = 18; break;
+ case "import": t.kind = 19; break;
+ case "opened": t.kind = 20; break;
+ case "as": t.kind = 22; break;
+ case "default": t.kind = 23; break;
+ case "class": t.kind = 24; break;
+ case "ghost": t.kind = 25; break;
+ case "static": t.kind = 26; break;
+ case "datatype": t.kind = 27; break;
+ case "codatatype": t.kind = 28; break;
+ case "var": t.kind = 30; break;
+ case "type": t.kind = 32; break;
case "iterator": t.kind = 34; break;
case "yields": t.kind = 35; break;
case "returns": t.kind = 36; break;
@@ -648,65 +648,65 @@ public class Scanner { case 17:
{t.kind = 12; break;}
case 18:
- if (ch == 'n') {AddCh(); goto case 19;}
- else {goto case 0;}
+ {t.kind = 13; break;}
case 19:
- if (ch <= '&' || ch >= '(' && ch <= '/' || ch >= ':' && ch <= '>' || ch == '@' || ch == '[' || ch >= ']' && ch <= '^' || ch == '`' || ch >= '{' && ch <= 65535) {apx++; AddCh(); goto case 20;}
+ if (ch == 'n') {AddCh(); goto case 20;}
else {goto case 0;}
case 20:
+ if (ch <= '&' || ch >= '(' && ch <= '/' || ch >= ':' && ch <= '>' || ch == '@' || ch == '[' || ch >= ']' && ch <= '^' || ch == '`' || ch >= '{' && ch <= 65535) {apx++; AddCh(); goto case 21;}
+ else {goto case 0;}
+ case 21:
{
tlen -= apx;
SetScannerBehindT();
- t.kind = 13; break;}
- case 21:
+ t.kind = 14; break;}
+ case 22:
recEnd = pos; recKind = 2;
- if (ch >= '0' && ch <= '9') {AddCh(); goto case 21;}
+ if (ch >= '0' && ch <= '9') {AddCh(); goto case 22;}
else if (ch == '.') {AddCh(); goto case 9;}
else {t.kind = 2; break;}
- case 22:
+ case 23:
recEnd = pos; recKind = 1;
if (ch == 39 || ch >= '0' && ch <= '9' || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'a' && ch <= 'q' || ch >= 's' && ch <= 'z') {AddCh(); goto case 2;}
- else if (ch == 'r') {AddCh(); goto case 25;}
+ else if (ch == 'r') {AddCh(); goto case 26;}
else {t.kind = 1; t.val = new String(tval, 0, tlen); CheckLiteral(); return t;}
- case 23:
+ case 24:
recEnd = pos; recKind = 2;
- if (ch >= '0' && ch <= '9') {AddCh(); goto case 21;}
+ if (ch >= '0' && ch <= '9') {AddCh(); goto case 22;}
else if (ch == 'x') {AddCh(); goto case 7;}
else if (ch == '.') {AddCh(); goto case 9;}
else {t.kind = 2; break;}
- case 24:
+ case 25:
recEnd = pos; recKind = 1;
- if (ch == 39 || ch >= '0' && ch <= '9' || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'a' && ch <= 'z') {AddCh(); goto case 24;}
+ if (ch == 39 || ch >= '0' && ch <= '9' || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'a' && ch <= 'z') {AddCh(); goto case 25;}
else {t.kind = 1; t.val = new String(tval, 0, tlen); CheckLiteral(); return t;}
- case 25:
+ case 26:
recEnd = pos; recKind = 1;
if (ch == 39 || ch >= '0' && ch <= '9' || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'a' && ch <= 'q' || ch >= 's' && ch <= 'z') {AddCh(); goto case 3;}
- else if (ch == 'r') {AddCh(); goto case 26;}
+ else if (ch == 'r') {AddCh(); goto case 27;}
else {t.kind = 1; t.val = new String(tval, 0, tlen); CheckLiteral(); return t;}
- case 26:
+ case 27:
recEnd = pos; recKind = 1;
if (ch == 39 || ch >= '0' && ch <= '9' || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'b' && ch <= 'z') {AddCh(); goto case 4;}
- else if (ch == 'a') {AddCh(); goto case 27;}
+ else if (ch == 'a') {AddCh(); goto case 28;}
else {t.kind = 1; t.val = new String(tval, 0, tlen); CheckLiteral(); return t;}
- case 27:
+ case 28:
recEnd = pos; recKind = 1;
if (ch == 39 || ch >= '0' && ch <= '9' || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'a' && ch <= 'x' || ch == 'z') {AddCh(); goto case 5;}
- else if (ch == 'y') {AddCh(); goto case 28;}
+ else if (ch == 'y') {AddCh(); goto case 29;}
else {t.kind = 1; t.val = new String(tval, 0, tlen); CheckLiteral(); return t;}
- case 28:
+ case 29:
recEnd = pos; recKind = 5;
if (ch == 39 || ch == '0' || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'a' && ch <= 'z') {AddCh(); goto case 6;}
- else if (ch >= '1' && ch <= '9') {AddCh(); goto case 29;}
+ else if (ch >= '1' && ch <= '9') {AddCh(); goto case 30;}
else {t.kind = 5; break;}
- case 29:
+ case 30:
recEnd = pos; recKind = 5;
- if (ch == 39 || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'a' && ch <= 'z') {AddCh(); goto case 24;}
- else if (ch >= '0' && ch <= '9') {AddCh(); goto case 29;}
+ if (ch == 39 || ch == '?' || ch >= 'A' && ch <= 'Z' || ch == 92 || ch == '_' || ch >= 'a' && ch <= 'z') {AddCh(); goto case 25;}
+ else if (ch >= '0' && ch <= '9') {AddCh(); goto case 30;}
else {t.kind = 5; break;}
- case 30:
- {t.kind = 30; break;}
case 31:
- {t.kind = 33; break;}
+ {t.kind = 31; break;}
case 32:
{t.kind = 37; break;}
case 33:
@@ -780,18 +780,18 @@ public class Scanner { else {t.kind = 7; break;}
case 65:
recEnd = pos; recKind = 107;
- if (ch == 'i') {AddCh(); goto case 18;}
+ if (ch == 'i') {AddCh(); goto case 19;}
else if (ch == '=') {AddCh(); goto case 41;}
else {t.kind = 107; break;}
case 66:
- recEnd = pos; recKind = 20;
+ recEnd = pos; recKind = 21;
if (ch == '=') {AddCh(); goto case 71;}
else if (ch == '>') {AddCh(); goto case 38;}
- else {t.kind = 20; break;}
+ else {t.kind = 21; break;}
case 67:
- recEnd = pos; recKind = 28;
+ recEnd = pos; recKind = 29;
if (ch == '|') {AddCh(); goto case 53;}
- else {t.kind = 28; break;}
+ else {t.kind = 29; break;}
case 68:
recEnd = pos; recKind = 61;
if (ch == '.') {AddCh(); goto case 72;}
@@ -805,9 +805,9 @@ public class Scanner { if (ch == '=') {AddCh(); goto case 40;}
else {t.kind = 39; break;}
case 71:
- recEnd = pos; recKind = 32;
+ recEnd = pos; recKind = 33;
if (ch == '>') {AddCh(); goto case 47;}
- else {t.kind = 32; break;}
+ else {t.kind = 33; break;}
case 72:
recEnd = pos; recKind = 120;
if (ch == '.') {AddCh(); goto case 32;}
diff --git a/Source/Dafny/Translator.cs b/Source/Dafny/Translator.cs index 548547d2..496633a7 100644 --- a/Source/Dafny/Translator.cs +++ b/Source/Dafny/Translator.cs @@ -18,6 +18,7 @@ namespace Microsoft.Dafny { [NotDelayed]
public Translator() {
+ InsertChecksums = 0 < CommandLineOptions.Clo.VerifySnapshots;
Bpl.Program boogieProgram = ReadPrelude();
if (boogieProgram != null) {
sink = boogieProgram;
@@ -409,13 +410,13 @@ namespace Microsoft.Dafny { var impl = decl as Implementation;
if (impl != null && impl.FindStringAttribute("checksum") == null)
{
- impl.AddAttribute("checksum", "dummy");
+ impl.AddAttribute("checksum", "stable");
}
var func = decl as Bpl.Function;
if (func != null && func.FindStringAttribute("checksum") == null)
{
- func.AddAttribute("checksum", "dummy");
+ func.AddAttribute("checksum", "stable");
}
}
}
@@ -2614,7 +2615,7 @@ namespace Microsoft.Dafny { public void InsertUniqueIdForImplementation(Bpl.Declaration decl)
{
var impl = decl as Bpl.Implementation;
- var prefix = UniqueIdPrefix ?? decl.tok.filename;
+ var prefix = UniqueIdPrefix ?? System.Text.RegularExpressions.Regex.Replace(decl.tok.filename, @".v\d+.dfy", ".dfy");
if (impl != null && !string.IsNullOrEmpty(prefix))
{
decl.AddAttribute("id", prefix + ":" + impl.Name + ":0");
@@ -5858,15 +5859,33 @@ namespace Microsoft.Dafny { // assume $HeapSucc(oldHeap, $Heap);
// (a)
// assume (forall<alpha> o: ref, F: Field alpha ::
+ // { $Heap[o,F] }
// $Heap[o,F] = oldHeap[o,F] ||
// (exists x,y :: Range(x,y) && o == E(x,y) && F = f));
- // assume (forall x,y :: Range ==> $Heap[ E[$Heap:=oldHeap], F] == G[$Heap:=oldHeap]);
+ // assume (forall x,y :: Range ==> $Heap[ E[$Heap:=oldHeap], F] == G[$Heap:=oldHeap]); (**)
// (b)
// assume (forall<alpha> o: ref, F: Field alpha ::
+ // { $Heap[o,F] }
// $Heap[o,F] = oldHeap[o,F] ||
// (exists x,y :: Range(x,y) && o == A(x,y) && F = Index(I0,I1,...)));
- // assume (forall x,y :: Range ==> $Heap[ A[$Heap:=oldHeap], Index(I0,I1,...)] == G[$Heap:=oldHeap]);
+ // assume (forall x,y :: Range ==> $Heap[ A[$Heap:=oldHeap], Index(I0,I1,...)] == G[$Heap:=oldHeap]); (**)
// }
+ //
+ // Note: In order to get a good trigger for the quantifiers (**), we will attempt to make the parameters
+ // that select from $Heap in the LHS of the equalities as plain as possible. This involves taking the inverse
+ // of an expression, which isn't always easy or possible, so we settle for handling some common cases. In
+ // particular, we change:
+ // 0: forall i | R(i) { F(i).f := E(i); }
+ // 1: forall i | R(i) { A[F(i)] := E(i); }
+ // 2: forall i | R(i) { F(i)[N] := E(i); }
+ // where f is some field and A and N are expressions that do not depend on i, into:
+ // 0: forall j | Q(j) { j.f := E(F-1(j)); }
+ // 1: forall j | Q(j) { A[j] := E(F-1(j)); }
+ // 2: forall j | Q(j) { j[N] := E(F-1(j)); }
+ // where we ensure that, for all i and j:
+ // R(i) && j == F(i) <==> Q(j) && F-1(j) == i
+ // If the transformation succeeds, we use, respectively, j.f, A[j], and j[N] (each evaluated in the new heap) as
+ // the trigger of the quantifier generated.
var substMap = SetupBoundVarsAsLocals(s.BoundVars, definedness, locals, etran);
Expression range = Substitute(s.Range, null, substMap);
@@ -5932,6 +5951,7 @@ namespace Microsoft.Dafny { // Here comes:
// assume (forall<alpha> o: ref, f: Field alpha ::
+ // { $Heap[o,f] }
// $Heap[o,f] = oldHeap[o,f] ||
// (exists x,y :: Range(x,y)[$Heap:=oldHeap] &&
// o == Object(x,y)[$Heap:=oldHeap] && f == Field(x,y)[$Heap:=oldHeap]));
@@ -5940,8 +5960,8 @@ namespace Microsoft.Dafny { Bpl.IdentifierExpr o = new Bpl.IdentifierExpr(s.Tok, oVar);
Bpl.BoundVariable fVar = new Bpl.BoundVariable(s.Tok, new Bpl.TypedIdent(s.Tok, "$f", predef.FieldName(s.Tok, alpha)));
Bpl.IdentifierExpr f = new Bpl.IdentifierExpr(s.Tok, fVar);
- Bpl.Expr heapOF = ReadHeap(s.Tok, etran.HeapExpr, o, f);
- Bpl.Expr oldHeapOF = ReadHeap(s.Tok, prevHeap, o, f);
+ Bpl.Expr heapOF = ExpressionTranslator.ReadHeap(s.Tok, etran.HeapExpr, o, f);
+ Bpl.Expr oldHeapOF = ExpressionTranslator.ReadHeap(s.Tok, prevHeap, o, f);
List<Variable> xBvars = new List<Variable>();
var xBody = etran.TrBoundVariables(s.BoundVars, xBvars);
xBody = BplAnd(xBody, prevEtran.TrExpr(s.Range));
@@ -5951,30 +5971,249 @@ namespace Microsoft.Dafny { xBody = BplAnd(xBody, Bpl.Expr.Eq(f, xField));
Bpl.Expr xObjField = new Bpl.ExistsExpr(s.Tok, xBvars, xBody);
Bpl.Expr body = Bpl.Expr.Or(Bpl.Expr.Eq(heapOF, oldHeapOF), xObjField);
- Bpl.Expr qq = new Bpl.ForallExpr(s.Tok, new List<TypeVariable> { alpha }, new List<Variable> { oVar, fVar }, body);
+ var tr = new Trigger(s.Tok, true, new List<Expr>() { heapOF });
+ Bpl.Expr qq = new Bpl.ForallExpr(s.Tok, new List<TypeVariable> { alpha }, new List<Variable> { oVar, fVar }, null, tr, body);
updater.Add(new Bpl.AssumeCmd(s.Tok, qq));
if (s0.Rhs is ExprRhs) {
- // assume (forall x,y :: Range(x,y)[$Heap:=oldHeap] ==>
- // $Heap[ Object(x,y)[$Heap:=oldHeap], Field(x,y)[$Heap:=oldHeap] ] == G[$Heap:=oldHeap] ));
- xBvars = new List<Variable>();
- Bpl.Expr xAnte = etran.TrBoundVariables(s.BoundVars, xBvars);
- xAnte = BplAnd(xAnte, prevEtran.TrExpr(s.Range));
+ Expression Fi = null;
+ Func<Expression,Expression> lhsBuilder = null;
+ lhs = s0.Lhs.Resolved;
+ var i = s.BoundVars[0];
+ if (s.BoundVars.Count == 1) {
+ //var lhsContext = null;
+ // Detect the following cases:
+ // 0: forall i | R(i) { F(i).f := E(i); }
+ // 1: forall i | R(i) { A[F(i)] := E(i); }
+ // 2: forall i | R(i) { F(i)[N] := E(i); }
+ if (lhs is FieldSelectExpr) {
+ var ll = (FieldSelectExpr)lhs;
+ Fi = ll.Obj;
+ lhsBuilder = e => { var l = new FieldSelectExpr(ll.tok, e, ll.FieldName); l.Field = ll.Field; l.Type = ll.Type; return l; };
+ } else if (lhs is SeqSelectExpr) {
+ var ll = (SeqSelectExpr)lhs;
+ Contract.Assert(ll.SelectOne);
+ if (!ContainsFreeVariable(ll.Seq, false, i)) {
+ Fi = ll.E0;
+ lhsBuilder = e => { var l = new SeqSelectExpr(ll.tok, true, ll.Seq, e, null); l.Type = ll.Type; return l; };
+ } else if (!ContainsFreeVariable(ll.E0, false, i)) {
+ Fi = ll.Seq;
+ lhsBuilder = e => { var l = new SeqSelectExpr(ll.tok, true, e, ll.E0, null); l.Type = ll.Type; return l; };
+ }
+ }
+ }
var rhs = ((ExprRhs)s0.Rhs).Expr;
- var g = prevEtran.TrExpr(rhs);
- GetObjFieldDetails(s0.Lhs.Resolved, prevEtran, out xObj, out xField);
- var xHeapOF = ReadHeap(s.Tok, etran.HeapExpr, xObj, xField);
-
- Type lhsType;
- if (lhs is FieldSelectExpr) {
- lhsType = ((FieldSelectExpr)lhs).Type;
- } else {
- lhsType = null;
+ bool usedInversion = false;
+ if (Fi != null) {
+ var j = new BoundVar(i.tok, i.Name + "#inv", Fi.Type);
+ var jj = Expression.CreateIdentExpr(j);
+ var jList = new List<BoundVar>() { j };
+ var vals = InvertExpression(i, j, s.Range, Fi);
+#if DEBUG_PRINT
+ Console.WriteLine("DEBUG: Trying to invert:");
+ Console.WriteLine("DEBUG: " + Printer.ExprToString(s.Range) + " && " + j.Name + " == " + Printer.ExprToString(Fi));
+ if (vals == null) {
+ Console.WriteLine("DEBUG: Can't");
+ } else {
+ Console.WriteLine("DEBUG: The inverse is the disjunction of the following:");
+ foreach (var val in vals) {
+ Console.WriteLine("DEBUG: " + Printer.ExprToString(val.Range) + " && " + Printer.ExprToString(val.FInverse) + " == " + i.Name);
+ }
+ }
+#endif
+ if (vals != null) {
+ foreach (var val in vals) {
+ qq = TrForall_NewValueAssumption(s.Tok, jList, val.Range, lhsBuilder(jj), Substitute(rhs, i, val.FInverse), true, etran, prevEtran);
+ updater.Add(new Bpl.AssumeCmd(s.Tok, qq));
+ }
+ usedInversion = true;
+ }
}
- g = CondApplyBox(rhs.tok, g, rhs.Type, lhsType);
+ if (!usedInversion) {
+ qq = TrForall_NewValueAssumption(s.Tok, s.BoundVars, s.Range, lhs, rhs, false, etran, prevEtran);
+ updater.Add(new Bpl.AssumeCmd(s.Tok, qq));
+ }
+ }
+ }
+
+ /// <summary>
+ /// Generate:
+ /// assume (forall x,y :: Range(x,y)[$Heap:=oldHeap] ==>
+ /// $Heap[ Object(x,y)[$Heap:=oldHeap], Field(x,y)[$Heap:=oldHeap] ] == G[$Heap:=oldHeap] ));
+ /// where
+ /// x,y represent boundVars
+ /// Object(x,y) is the first part of lhs
+ /// Field(x,y) is the second part of lhs
+ /// G is rhs
+ /// If lhsAsTrigger is true, then use the LHS of the equality above as the trigger; otherwise, don't specify any trigger.
+ /// </summary>
+ private Bpl.Expr TrForall_NewValueAssumption(IToken tok, List<BoundVar> boundVars, Expression range, Expression lhs, Expression rhs, bool lhsAsTrigger, ExpressionTranslator etran, ExpressionTranslator prevEtran) {
+ Contract.Requires(tok != null);
+ Contract.Requires(boundVars != null);
+ Contract.Requires(range != null);
+ Contract.Requires(lhs != null);
+ Contract.Requires(rhs != null);
+ Contract.Requires(etran != null);
+ Contract.Requires(prevEtran != null);
+
+ var xBvars = new List<Variable>();
+ Bpl.Expr xAnte = etran.TrBoundVariables(boundVars, xBvars);
+ xAnte = BplAnd(xAnte, prevEtran.TrExpr(range));
+ var g = prevEtran.TrExpr(rhs);
+ Bpl.Expr obj, field;
+ GetObjFieldDetails(lhs, prevEtran, out obj, out field);
+ var xHeapOF = ExpressionTranslator.ReadHeap(tok, etran.HeapExpr, obj, field);
- qq = new Bpl.ForallExpr(s.Tok, xBvars, Bpl.Expr.Imp(xAnte, Bpl.Expr.Eq(xHeapOF, g)));
- updater.Add(new Bpl.AssumeCmd(s.Tok, qq));
+ Type lhsType = lhs is FieldSelectExpr ? ((FieldSelectExpr)lhs).Type : null;
+ g = CondApplyBox(rhs.tok, g, rhs.Type, lhsType);
+
+ Trigger tr = lhsAsTrigger ? new Trigger(tok, true, new List<Bpl.Expr>() { xHeapOF }) : null;
+ return new Bpl.ForallExpr(tok, xBvars, tr, Bpl.Expr.Imp(xAnte, Bpl.Expr.Eq(xHeapOF, g)));
+ }
+
+ class ForallStmtTranslationValues
+ {
+ public readonly Expression Range;
+ public readonly Expression FInverse;
+ public ForallStmtTranslationValues(Expression range, Expression fInverse) {
+ Contract.Requires(range != null);
+ Contract.Requires(fInverse != null);
+ Range = range;
+ FInverse = fInverse;
+ }
+ public ForallStmtTranslationValues Subst(IVariable j, Expression e, Translator translator) {
+ Contract.Requires(j != null);
+ Contract.Requires(e != null);
+ Contract.Requires(translator != null);
+ var substMap = new Dictionary<IVariable, Expression>();
+ substMap.Add(j, e);
+ var v = new ForallStmtTranslationValues(translator.Substitute(Range, null, substMap), translator.Substitute(FInverse, null, substMap));
+ return v;
+ }
+ }
+
+ /// <summary>
+ /// Find piecewise inverse of F under R. More precisely, find lists of expressions P and F-1
+ /// such that
+ /// R(i) && j == F(i)
+ /// holds iff the disjunction of the following predicates holds:
+ /// P_0(j) && F-1_0(j) == i
+ /// ...
+ /// P_{n-1}(j) && F-1_{n-1}(j) == i
+ /// If no such disjunction is found, return null.
+ /// If such a disjunction is found, return for each disjunct:
+ /// * The predicate P_k(j), which is an expression that may have free occurrences of j (but no free occurrences of i)
+ /// * The expression F-1_k(j), which also may have free occurrences of j but not of i
+ /// </summary>
+ private List<ForallStmtTranslationValues> InvertExpression(BoundVar i, BoundVar j, Expression R, Expression F) {
+ Contract.Requires(i != null);
+ Contract.Requires(j != null);
+ Contract.Requires(R != null);
+ Contract.Requires(F != null);
+ var vals = new List<ForallStmtTranslationValues>(InvertExpressionIter(i, j, R, F));
+ if (vals.Count == 0) {
+ return null;
+ } else {
+ return vals;
+ }
+ }
+ /// <summary>
+ /// See InvertExpression.
+ /// </summary>
+ private IEnumerable<ForallStmtTranslationValues> InvertExpressionIter(BoundVar i, BoundVar j, Expression R, Expression F) {
+ Contract.Requires(i != null);
+ Contract.Requires(j != null);
+ Contract.Requires(R != null);
+ Contract.Requires(F != null);
+ F = F.Resolved;
+ if (!ContainsFreeVariable(F, false, i)) {
+ // We're looking at R(i) && j == K.
+ // We cannot invert j == K, but if we're lucky, R(i) contains a conjunct i==G.
+ Expression r = Expression.CreateBoolLiteral(R.tok, true);
+ Expression G = null;
+ foreach (var c in Expression.Conjuncts(R)) {
+ if (G == null && c is BinaryExpr) {
+ var bin = (BinaryExpr)c;
+ if (BinaryExpr.IsEqualityOp(bin.ResolvedOp)) {
+ var id = bin.E0.Resolved as IdentifierExpr;
+ if (id != null && id.Var == i) {
+ G = bin.E1;
+ continue;
+ }
+ id = bin.E1.Resolved as IdentifierExpr;
+ if (id != null && id.Var == i) {
+ G = bin.E0;
+ continue;
+ }
+ }
+ }
+ r = Expression.CreateAnd(r, c);
+ }
+ if (G != null) {
+ var jIsK = Expression.CreateEq(Expression.CreateIdentExpr(j), F, j.Type);
+ var rr = Substitute(r, i, G);
+ yield return new ForallStmtTranslationValues(Expression.CreateAnd(rr, jIsK), G);
+ }
+ } else if (F is IdentifierExpr) {
+ var e = (IdentifierExpr)F;
+ if (e.Var == i) {
+ // We're looking at R(i) && j == i, which is particularly easy to invert: R(j) && j == i
+ var jj = Expression.CreateIdentExpr(j);
+ yield return new ForallStmtTranslationValues(Substitute(R, i, jj), jj);
+ }
+ } else if (F is BinaryExpr) {
+ var bin = (BinaryExpr)F;
+ if (bin.ResolvedOp == BinaryExpr.ResolvedOpcode.Add) {
+ if (!ContainsFreeVariable(bin.E1, false, i)) {
+ // We're looking at: R(i) && j == f(i) + K.
+ // By a recursive call, we'll ask to invert: R(i) && j' == f(i).
+ // For each P_0(j') && f-1_0(j') == i we get back, we yield:
+ // P_0(j - K) && f-1_0(j - K) == i
+ var jMinusK = Expression.CreateSubtract(Expression.CreateIdentExpr(j), bin.E1);
+ foreach (var val in InvertExpression(i, j, R, bin.E0)) {
+ yield return val.Subst(j, jMinusK, this);
+ }
+ } else if (!ContainsFreeVariable(bin.E0, false, i)) {
+ // We're looking at: R(i) && j == K + f(i)
+ // Do as in previous case, but with operands reversed.
+ var jMinusK = Expression.CreateSubtract(Expression.CreateIdentExpr(j), bin.E0);
+ foreach (var val in InvertExpression(i, j, R, bin.E1)) {
+ yield return val.Subst(j, jMinusK, this);
+ }
+ }
+ } else if (bin.ResolvedOp == BinaryExpr.ResolvedOpcode.Sub) {
+ if (!ContainsFreeVariable(bin.E1, false, i)) {
+ // We're looking at: R(i) && j == f(i) - K
+ // Recurse on f(i) and then replace j := j + K
+ var jPlusK = Expression.CreateAdd(Expression.CreateIdentExpr(j), bin.E1);
+ foreach (var val in InvertExpression(i, j, R, bin.E0)) {
+ yield return val.Subst(j, jPlusK, this);
+ }
+ } else if (!ContainsFreeVariable(bin.E0, false, i)) {
+ // We're looking at: R(i) && j == K - f(i)
+ // Recurse on f(i) and then replace j := K - j
+ var kMinusJ = Expression.CreateAdd(Expression.CreateIdentExpr(j), bin.E0);
+ foreach (var val in InvertExpression(i, j, R, bin.E1)) {
+ yield return val.Subst(j, kMinusJ, this);
+ }
+ }
+ }
+ } else if (F is ITEExpr) {
+ var ife = (ITEExpr)F;
+ // We're looking at R(i) && j == if A(i) then B(i) else C(i), which is equivalent to the disjunction of:
+ // R(i) && A(i) && j == B(i)
+ // R(i) && !A(i) && j == C(i)
+ // We recurse on each one, yielding the results
+ var r = Expression.CreateAnd(R, ife.Test);
+ var valsThen = InvertExpression(i, j, r, ife.Thn);
+ if (valsThen != null) {
+ r = Expression.CreateAnd(R, Expression.CreateNot(ife.tok, ife.Test));
+ var valsElse = InvertExpression(i, j, r, ife.Els);
+ if (valsElse != null) {
+ foreach (var val in valsThen) { yield return val; }
+ foreach (var val in valsElse) { yield return val; }
+ }
+ }
}
}
@@ -6164,16 +6403,17 @@ namespace Microsoft.Dafny { TrStmt_CheckWellformed(s.Range, definedness, locals, etran, false);
definedness.Add(new Bpl.AssumeCmd(s.Range.tok, etran.TrExpr(s.Range)));
- TrStmt(s.Body, definedness, locals, etran);
+ if (s.Body != null) {
+ TrStmt(s.Body, definedness, locals, etran);
- // check that postconditions hold
- foreach (var ens in s.Ens) {
- TrStmt_CheckWellformed(ens.E, definedness, locals, etran, false);
- if (!ens.IsFree) {
- bool splitHappened; // we actually don't care
- foreach (var split in TrSplitExpr(ens.E, etran, true, out splitHappened)) {
- if (split.IsChecked) {
- definedness.Add(Assert(split.E.tok, split.E, "possible violation of postcondition of forall statement"));
+ // check that postconditions hold
+ foreach (var ens in s.Ens) {
+ if (!ens.IsFree) {
+ bool splitHappened; // we actually don't care
+ foreach (var split in TrSplitExpr(ens.E, etran, true, out splitHappened)) {
+ if (split.IsChecked) {
+ definedness.Add(Assert(split.E.tok, split.E, "possible violation of postcondition of forall statement"));
+ }
}
}
}
@@ -8289,10 +8529,16 @@ namespace Microsoft.Dafny { } else if (expr is SeqDisplayExpr) {
SeqDisplayExpr e = (SeqDisplayExpr)expr;
Bpl.Expr s = translator.FunctionCall(expr.tok, BuiltinFunction.SeqEmpty, predef.BoxType);
- foreach (Expression ee in e.Elements) {
- Bpl.Expr elt = BoxIfNecessary(expr.tok, TrExpr(ee), cce.NonNull(ee.Type));
+ bool isLit = true;
+ foreach (Expression ee in e.Elements) {
+ var rawElement = TrExpr(ee);
+ isLit = isLit && translator.IsLit(rawElement);
+ Bpl.Expr elt = BoxIfNecessary(expr.tok, rawElement, ee.Type);
s = translator.FunctionCall(expr.tok, BuiltinFunction.SeqBuild, predef.BoxType, s, elt);
}
+ if (isLit) {
+ s = translator.Lit(s, predef.BoxType);
+ }
return s;
} else if (expr is MapDisplayExpr) {
@@ -8313,14 +8559,15 @@ namespace Microsoft.Dafny { Bpl.Expr result;
if (e.Field.IsMutable) {
result = ReadHeap(expr.tok, HeapExpr, obj, new Bpl.IdentifierExpr(expr.tok, translator.GetField(e.Field)));
- } else {
- result = new Bpl.NAryExpr(expr.tok, new Bpl.FunctionCall(translator.GetReadonlyField(e.Field)), new List<Bpl.Expr> { obj });
- if (translator.IsLit(obj)) {
- result = translator.Lit(result, translator.TrType(expr.Type));
- }
+ return translator.CondApplyUnbox(expr.tok, result, e.Field.Type, expr.Type);
+ } else {
+ result = new Bpl.NAryExpr(expr.tok, new Bpl.FunctionCall(translator.GetReadonlyField(e.Field)), new List<Bpl.Expr> { obj });
+ result = translator.CondApplyUnbox(expr.tok, result, e.Field.Type, expr.Type);
+ if (translator.IsLit(obj)) {
+ result = translator.Lit(result, translator.TrType(expr.Type));
+ }
+ return result;
}
- return translator.CondApplyUnbox(expr.tok, result, e.Field.Type, cce.NonNull(expr.Type));
-
} else if (expr is SeqSelectExpr) {
SeqSelectExpr e = (SeqSelectExpr)expr;
Bpl.Expr seq = TrExpr(e.Seq);
@@ -8366,13 +8613,20 @@ namespace Microsoft.Dafny { if (e.Seq.Type.IsArrayType) {
seq = translator.FunctionCall(expr.tok, BuiltinFunction.SeqFromArray, elType, HeapExpr, seq);
}
+ var isLit = translator.IsLit(seq);
if (e1 != null) {
+ isLit = isLit && translator.IsLit(e1);
seq = translator.FunctionCall(expr.tok, BuiltinFunction.SeqTake, elType, seq, e1);
}
if (e0 != null) {
+ isLit = isLit && translator.IsLit(e0);
seq = translator.FunctionCall(expr.tok, BuiltinFunction.SeqDrop, elType, seq, e0);
}
// if e0 == null && e1 == null, then we have the identity operation seq[..] == seq;
+ if (isLit && (e0 != null || e1 != null)) {
+ // Lit-lift the expression
+ seq = translator.Lit(seq, translator.TrType(expr.Type));
+ }
return seq;
}
@@ -8446,12 +8700,13 @@ namespace Microsoft.Dafny { var id = new Bpl.IdentifierExpr(e.tok, e.Function.FullSanitizedName, ty);
bool returnLit;
var args = FunctionInvocationArguments(e, layerArgument, out returnLit);
+
Expr result = new Bpl.NAryExpr(e.tok, new Bpl.FunctionCall(id), args);
+ result = translator.CondApplyUnbox(e.tok, result, e.Function.ResultType, e.Type);
if (returnLit && !translator.IsOpaqueFunction(e.Function)) {
result = translator.Lit(result, ty);
}
- return translator.CondApplyUnbox(e.tok, result, e.Function.ResultType, e.Type);
-
+ return result;
} else if (expr is DatatypeValue) {
DatatypeValue dtv = (DatatypeValue)expr;
Contract.Assert(dtv.Ctor != null); // since dtv has been successfully resolved
@@ -8465,7 +8720,7 @@ namespace Microsoft.Dafny { args.Add(translator.CondApplyBox(expr.tok, bArg, cce.NonNull(arg.Type), t));
}
Bpl.IdentifierExpr id = new Bpl.IdentifierExpr(dtv.tok, dtv.Ctor.FullName, predef.DatatypeType);
- Expr ret = new Bpl.NAryExpr(dtv.tok, new Bpl.FunctionCall(id), args);
+ Bpl.Expr ret = new Bpl.NAryExpr(dtv.tok, new Bpl.FunctionCall(id), args);
if (isLit) {
ret = translator.Lit(ret, predef.DatatypeType);
}
@@ -8621,13 +8876,13 @@ namespace Microsoft.Dafny { typ = Bpl.Type.Bool;
bOpcode = BinaryOperator.Opcode.Gt; break;
case BinaryExpr.ResolvedOpcode.Add:
- typ = Bpl.Type.Int;
+ typ = isReal ? Bpl.Type.Real : Bpl.Type.Int;
bOpcode = BinaryOperator.Opcode.Add; break;
case BinaryExpr.ResolvedOpcode.Sub:
- typ = Bpl.Type.Int;
+ typ = isReal ? Bpl.Type.Real : Bpl.Type.Int;
bOpcode = BinaryOperator.Opcode.Sub; break;
case BinaryExpr.ResolvedOpcode.Mul:
- typ = Bpl.Type.Int;
+ typ = isReal ? Bpl.Type.Real : Bpl.Type.Int;
bOpcode = BinaryOperator.Opcode.Mul; break;
case BinaryExpr.ResolvedOpcode.Div:
if (isReal) {
@@ -8862,9 +9117,9 @@ namespace Microsoft.Dafny { } else if (expr is ITEExpr) {
ITEExpr e = (ITEExpr)expr;
- Bpl.Expr g = translator.RemoveLit(TrExpr(e.Test));
- Bpl.Expr thn = translator.RemoveLit(TrExpr(e.Thn));
- Bpl.Expr els = translator.RemoveLit(TrExpr(e.Els));
+ var g = translator.RemoveLit(TrExpr(e.Test));
+ var thn = translator.RemoveLit(TrExpr(e.Thn));
+ var els = translator.RemoveLit(TrExpr(e.Els));
return new NAryExpr(expr.tok, new IfThenElse(expr.tok), new List<Bpl.Expr> { g, thn, els });
} else if (expr is MatchExpr) {
@@ -9032,6 +9287,24 @@ namespace Microsoft.Dafny { return translator.BoxIfNecessary(tok, e, fromType);
}
+ public static Bpl.NAryExpr ReadHeap(IToken tok, Expr heap, Expr r, Expr f) {
+ Contract.Requires(tok != null);
+ Contract.Requires(heap != null);
+ Contract.Requires(r != null);
+ Contract.Requires(f != null);
+ Contract.Ensures(Contract.Result<Bpl.NAryExpr>() != null);
+
+ List<Bpl.Expr> args = new List<Bpl.Expr>();
+ args.Add(heap);
+ args.Add(r);
+ args.Add(f);
+ Bpl.Type t = (f.Type != null) ? f.Type : f.ShallowType;
+ return new Bpl.NAryExpr(tok,
+ new Bpl.FunctionCall(new Bpl.IdentifierExpr(tok, "read", t.AsCtor.Arguments[0])),
+ args);
+ }
+
+
public static Bpl.NAryExpr UpdateHeap(IToken tok, Expr heap, Expr r, Expr f, Expr v) {
Contract.Requires(tok != null);
Contract.Requires(heap != null);
@@ -9193,8 +9466,10 @@ namespace Microsoft.Dafny { enum BuiltinFunction
{
Lit,
+ LitInt,
+ LitReal,
LayerSucc,
-
+
Is, IsBox,
IsAlloc, IsAllocBox,
@@ -9273,9 +9548,21 @@ namespace Microsoft.Dafny { }
Bpl.Expr Lit(Bpl.Expr expr, Bpl.Type typ) {
- return FunctionCall(expr.tok, BuiltinFunction.Lit, typ, expr);
+ Contract.Requires(expr != null);
+ Contract.Requires(typ != null);
+ // To avoid Boogie's int_2_U and U_2_int conversions, which seem to cause problems with
+ // arithmetic reasoning, we use several Lit functions. In particular, we use one for
+ // integers, one for reals, and one for everything else.
+ if (typ.IsInt) {
+ return FunctionCall(expr.tok, BuiltinFunction.LitInt, null, expr);
+ } else if (typ.IsReal) {
+ return FunctionCall(expr.tok, BuiltinFunction.LitReal, null, expr);
+ } else {
+ return FunctionCall(expr.tok, BuiltinFunction.Lit, typ, expr);
+ }
}
+
Bpl.Expr Lit(Bpl.Expr expr) {
return Lit(expr, expr.Type);
}
@@ -9283,19 +9570,20 @@ namespace Microsoft.Dafny { Bpl.Expr GetLit(Bpl.Expr expr) {
if (expr is NAryExpr) {
NAryExpr app = (NAryExpr)expr;
- if (app.Fun.FunctionName == "Lit") {
- return app.Args[0];
+ switch (app.Fun.FunctionName) {
+ case "LitInt":
+ case "LitReal":
+ case "Lit":
+ return app.Args[0];
+ default:
+ break;
}
}
return null;
}
Bpl.Expr RemoveLit(Bpl.Expr expr) {
- var e = GetLit(expr);
- if (e == null) {
- e = expr;
- }
- return e;
+ return GetLit(expr) ?? expr;
}
bool IsLit(Bpl.Expr expr) {
@@ -9311,6 +9599,14 @@ namespace Microsoft.Dafny { Contract.Ensures(Contract.Result<Bpl.NAryExpr>() != null);
switch (f) {
+ case BuiltinFunction.LitInt:
+ Contract.Assert(args.Length == 1);
+ Contract.Assert(typeInstantiation == null);
+ return FunctionCall(tok, "LitInt", Bpl.Type.Int, args);
+ case BuiltinFunction.LitReal:
+ Contract.Assert(args.Length == 1);
+ Contract.Assert(typeInstantiation == null);
+ return FunctionCall(tok, "LitReal", Bpl.Type.Real, args);
case BuiltinFunction.Lit:
Contract.Assert(args.Length == 1);
Contract.Assert(typeInstantiation != null);
@@ -10528,6 +10824,19 @@ namespace Microsoft.Dafny { }
}
+ /// <summary>
+ /// Returns an expression like "expr", but where free occurrences of "v" have been replaced by "e".
+ /// </summary>
+ public Expression Substitute(Expression expr, IVariable v, Expression e) {
+ Contract.Requires(expr != null);
+ Contract.Requires(v != null);
+ Contract.Requires(e != null);
+ Contract.Ensures(Contract.Result<Expression>() != null);
+ var substMap = new Dictionary<IVariable, Expression>();
+ substMap.Add(v, e);
+ return Substitute(expr, null, substMap);
+ }
+
public Expression Substitute(Expression expr, Expression receiverReplacement, Dictionary<IVariable, Expression/*!*/>/*!*/ substMap, Dictionary<TypeParameter, Type>/*?*/ typeMap = null) {
Contract.Requires(expr != null);
Contract.Requires(cce.NonNullDictionaryAndValues(substMap));
@@ -10836,7 +11145,7 @@ namespace Microsoft.Dafny { cases.Add(newCaseExpr);
}
if (anythingChanged) {
- var newME = new MatchExpr(expr.tok, src, cases);
+ var newME = new MatchExpr(expr.tok, src, cases, e.UsesOptionalBraces);
newME.MissingCases.AddRange(e.MissingCases);
newExpr = newME;
}
@@ -11133,7 +11442,7 @@ namespace Microsoft.Dafny { r = rr;
} else if (stmt is MatchStmt) {
var s = (MatchStmt)stmt;
- var rr = new MatchStmt(s.Tok, s.EndTok, Substitute(s.Source), s.Cases.ConvertAll(SubstMatchCaseStmt));
+ var rr = new MatchStmt(s.Tok, s.EndTok, Substitute(s.Source), s.Cases.ConvertAll(SubstMatchCaseStmt), s.UsesOptionalBraces);
rr.MissingCases.AddRange(s.MissingCases);
r = rr;
} else if (stmt is AssignSuchThatStmt) {
diff --git a/Source/DafnyDriver/DafnyDriver.cs b/Source/DafnyDriver/DafnyDriver.cs index 8f5b5300..01ee269e 100644 --- a/Source/DafnyDriver/DafnyDriver.cs +++ b/Source/DafnyDriver/DafnyDriver.cs @@ -99,7 +99,7 @@ namespace Microsoft.Dafny }
- static ExitValue ProcessFiles(List<string/*!*/>/*!*/ fileNames)
+ static ExitValue ProcessFiles(List<string/*!*/>/*!*/ fileNames, bool lookForSnapshots = true)
{
Contract.Requires(cce.NonNullElements(fileNames));
@@ -110,7 +110,21 @@ namespace Microsoft.Dafny {
Console.WriteLine();
Console.WriteLine("-------------------- {0} --------------------", f);
- var ev = ProcessFiles(new List<string> { f });
+ var ev = ProcessFiles(new List<string> { f }, lookForSnapshots);
+ if (exitValue != ev && ev != ExitValue.VERIFIED)
+ {
+ exitValue = ev;
+ }
+ }
+ return exitValue;
+ }
+
+ if (0 < CommandLineOptions.Clo.VerifySnapshots && lookForSnapshots)
+ {
+ var snapshotsByVersion = ExecutionEngine.LookForSnapshots(fileNames);
+ foreach (var s in snapshotsByVersion)
+ {
+ var ev = ProcessFiles(new List<string>(s), false);
if (exitValue != ev && ev != ExitValue.VERIFIED)
{
exitValue = ev;
@@ -213,7 +227,7 @@ namespace Microsoft.Dafny ExecutionEngine.CollectModSets(program);
ExecutionEngine.CoalesceBlocks(program);
ExecutionEngine.Inline(program);
- return ExecutionEngine.InferAndVerify(program, stats);
+ return ExecutionEngine.InferAndVerify(program, stats, 1 < Dafny.DafnyOptions.Clo.VerifySnapshots ? "main_program_id" : null);
default:
Contract.Assert(false); throw new cce.UnreachableException(); // unexpected outcome
diff --git a/Source/DafnyDriver/DafnyDriver.csproj b/Source/DafnyDriver/DafnyDriver.csproj index 631b0194..cf664364 100644 --- a/Source/DafnyDriver/DafnyDriver.csproj +++ b/Source/DafnyDriver/DafnyDriver.csproj @@ -20,7 +20,7 @@ <OldToolsVersion>3.5</OldToolsVersion>
<UpgradeBackupLocation />
<IsWebBootstrapper>false</IsWebBootstrapper>
- <TargetFrameworkProfile>Client</TargetFrameworkProfile>
+ <TargetFrameworkProfile></TargetFrameworkProfile>
<PublishUrl>publish\</PublishUrl>
<Install>true</Install>
<InstallFrom>Disk</InstallFrom>
diff --git a/Source/DafnyExtension/DafnyDriver.cs b/Source/DafnyExtension/DafnyDriver.cs index f4eb4fb7..ea21f12b 100644 --- a/Source/DafnyExtension/DafnyDriver.cs +++ b/Source/DafnyExtension/DafnyDriver.cs @@ -45,7 +45,7 @@ namespace DafnyLanguage ExecutionEngine.printer = new DummyPrinter();
ExecutionEngine.errorInformationFactory = new DafnyErrorInformationFactory();
- ToggleIncrementalVerification();
+ ChangeIncrementalVerification(1);
}
}
@@ -215,11 +215,30 @@ namespace DafnyLanguage }
}
- public static bool ToggleIncrementalVerification()
+ public static int IncrementalVerificationMode()
{
- // TODO(wuestholz): Change this once there are more than two options.
- Dafny.DafnyOptions.Clo.VerifySnapshots = (Dafny.DafnyOptions.Clo.VerifySnapshots + 1) % 2;
- return 0 < Dafny.DafnyOptions.Clo.VerifySnapshots;
+ return Dafny.DafnyOptions.Clo.VerifySnapshots;
+ }
+
+ public static int ChangeIncrementalVerification(int mode)
+ {
+ var old = Dafny.DafnyOptions.Clo.VerifySnapshots;
+ if (mode == 1 && old != 0)
+ {
+ // Disable mode 1.
+ Dafny.DafnyOptions.Clo.VerifySnapshots = 0;
+ }
+ else if (mode == 2 && old == 2)
+ {
+ // Disable mode 2.
+ Dafny.DafnyOptions.Clo.VerifySnapshots = 1;
+ }
+ else
+ {
+ // Enable mode.
+ Dafny.DafnyOptions.Clo.VerifySnapshots = mode;
+ }
+ return Dafny.DafnyOptions.Clo.VerifySnapshots;
}
public static bool Verify(Dafny.Program dafnyProgram, ResolverTagger resolver, string uniqueIdPrefix, string requestId, ErrorReporterDelegate er) {
@@ -230,7 +249,8 @@ namespace DafnyLanguage resolver.ReInitializeVerificationErrors(requestId, boogieProgram.TopLevelDeclarations);
- PipelineOutcome oc = BoogiePipeline(boogieProgram, requestId, er);
+ // TODO(wuestholz): Maybe we should use a fixed program ID to limit the memory overhead due to the program cache in Boogie.
+ PipelineOutcome oc = BoogiePipeline(boogieProgram, 1 < Dafny.DafnyOptions.Clo.VerifySnapshots ? uniqueIdPrefix : null, requestId, er);
switch (oc) {
case PipelineOutcome.Done:
case PipelineOutcome.VerificationCompleted:
@@ -248,7 +268,7 @@ namespace DafnyLanguage /// else. Hence, any resolution errors and type checking errors are due to errors in
/// the translation.
/// </summary>
- static PipelineOutcome BoogiePipeline(Bpl.Program/*!*/ program, string requestId, ErrorReporterDelegate er)
+ static PipelineOutcome BoogiePipeline(Bpl.Program/*!*/ program, string programId, string requestId, ErrorReporterDelegate er)
{
Contract.Requires(program != null);
@@ -257,8 +277,8 @@ namespace DafnyLanguage ExecutionEngine.EliminateDeadVariables(program);
ExecutionEngine.CollectModSets(program);
ExecutionEngine.CoalesceBlocks(program);
- ExecutionEngine.Inline(program);
- return ExecutionEngine.InferAndVerify(program, new PipelineStatistics(), er, requestId);
+ ExecutionEngine.Inline(program);
+ return ExecutionEngine.InferAndVerify(program, new PipelineStatistics(), programId, er, requestId);
}
return oc;
}
diff --git a/Source/DafnyExtension/MenuProxy.cs b/Source/DafnyExtension/MenuProxy.cs index a67ba602..11e1287f 100644 --- a/Source/DafnyExtension/MenuProxy.cs +++ b/Source/DafnyExtension/MenuProxy.cs @@ -17,9 +17,20 @@ namespace DafnyLanguage this.DafnyMenuPackage = DafnyMenuPackage;
}
- public bool ToggleSnapshotVerification(IWpfTextView activeTextView)
+ public int ToggleSnapshotVerification(IWpfTextView activeTextView)
{
- return DafnyDriver.ToggleIncrementalVerification();
+ return DafnyDriver.ChangeIncrementalVerification(1);
+ }
+
+ public int ToggleMoreAdvancedSnapshotVerification(IWpfTextView activeTextView)
+ {
+ return DafnyDriver.ChangeIncrementalVerification(2);
+ }
+
+ public bool MoreAdvancedSnapshotVerificationCommandEnabled(IWpfTextView activeTextView)
+ {
+ return activeTextView != null
+ && 0 < DafnyDriver.IncrementalVerificationMode();
}
public bool StopVerifierCommandEnabled(IWpfTextView activeTextView)
diff --git a/Source/DafnyExtension/TokenTagger.cs b/Source/DafnyExtension/TokenTagger.cs index 48f5d1b4..5068354a 100644 --- a/Source/DafnyExtension/TokenTagger.cs +++ b/Source/DafnyExtension/TokenTagger.cs @@ -5,6 +5,7 @@ using System.Linq; using Microsoft.VisualStudio.Text;
using Microsoft.VisualStudio.Text.Tagging;
using Microsoft.VisualStudio.Utilities;
+using System.Diagnostics.Contracts;
namespace DafnyLanguage
@@ -69,11 +70,12 @@ namespace DafnyLanguage }
}
- internal sealed class DafnyTokenTagger : ITagger<DafnyTokenTag>
+ internal sealed class DafnyTokenTagger : ITagger<DafnyTokenTag>, IDisposable
{
ITextBuffer _buffer;
ITextSnapshot _snapshot;
List<TokenRegion> _regions;
+ bool _disposed;
internal DafnyTokenTagger(ITextBuffer buffer) {
_buffer = buffer;
@@ -83,6 +85,19 @@ namespace DafnyLanguage _buffer.Changed += new EventHandler<TextContentChangedEventArgs>(ReparseFile);
}
+ public void Dispose() {
+ lock (this) {
+ if (!_disposed) {
+ _buffer.Changed -= ReparseFile;
+ _buffer = null;
+ _snapshot = null;
+ _regions = null;
+ _disposed = true;
+ }
+ }
+ GC.SuppressFinalize(this);
+ }
+
public event EventHandler<SnapshotSpanEventArgs> TagsChanged;
public IEnumerable<ITagSpan<DafnyTokenTag>> GetTags(NormalizedSnapshotSpanCollection spans) {
@@ -148,20 +163,24 @@ namespace DafnyLanguage private static List<TokenRegion> Rescan(ITextSnapshot newSnapshot) {
List<TokenRegion> newRegions = new List<TokenRegion>();
- bool stillScanningLongComment = false;
- SnapshotPoint commentStart = new SnapshotPoint(); // used only when stillScanningLongComment
- SnapshotPoint commentEndAsWeKnowIt = new SnapshotPoint(); // used only when stillScanningLongComment
+ int longCommentDepth = 0;
+ SnapshotPoint commentStart = new SnapshotPoint(); // used only when longCommentDepth != 0
+ SnapshotPoint commentEndAsWeKnowIt = new SnapshotPoint(); // used only when longCommentDepth != 0
foreach (ITextSnapshotLine line in newSnapshot.Lines) {
string txt = line.GetText(); // the current line (without linebreak characters)
int N = txt.Length; // length of the current line
int cur = 0; // offset into the current line
- if (stillScanningLongComment) {
- if (ScanForEndOfComment(txt, ref cur)) {
+ if (longCommentDepth != 0) {
+ ScanForEndOfComment(txt, ref longCommentDepth, ref cur);
+ if (longCommentDepth == 0) {
+ // we just finished parsing a long comment
newRegions.Add(new TokenRegion(commentStart, new SnapshotPoint(newSnapshot, line.Start + cur), DafnyTokenKind.Comment));
- stillScanningLongComment = false;
} else {
+ // we're still parsing the long comment
+ Contract.Assert(cur == txt.Length);
commentEndAsWeKnowIt = new SnapshotPoint(newSnapshot, line.Start + cur);
+ goto OUTER_CONTINUE;
}
}
@@ -179,9 +198,9 @@ namespace DafnyLanguage if ('a' <= ch && ch <= 'z') break;
if ('A' <= ch && ch <= 'Z') break;
if ('0' <= ch && ch <= '9') { ty = DafnyTokenKind.Number; break; }
+ if (ch == '\'' || ch == '_' || ch == '?' || ch == '\\') break; // parts of identifiers
if (ch == '"') { ty = DafnyTokenKind.String; break; }
if (ch == '/') { ty = DafnyTokenKind.Comment; break; }
- if (ch == '\'' || ch == '_' || ch == '?' || ch == '\\') break; // parts of identifiers
}
// advance to the end of the token
@@ -211,7 +230,7 @@ namespace DafnyLanguage }
}
} else if (ty == DafnyTokenKind.Comment) {
- if (end == N) continue; // this was not the start of a comment
+ if (end == N) continue; // this was not the start of a comment; it was just a single "/" and we don't care to color it
char ch = txt[end];
if (ch == '/') {
// a short comment
@@ -220,15 +239,18 @@ namespace DafnyLanguage // a long comment; find the matching "*/"
end++;
commentStart = new SnapshotPoint(newSnapshot, line.Start + cur);
- if (ScanForEndOfComment(txt, ref end)) {
+ Contract.Assert(longCommentDepth == 0);
+ longCommentDepth = 1;
+ ScanForEndOfComment(txt, ref longCommentDepth, ref end);
+ if (longCommentDepth == 0) {
+ // we finished scanning a long comment, and "end" is set to right after it
newRegions.Add(new TokenRegion(commentStart, new SnapshotPoint(newSnapshot, line.Start + end), DafnyTokenKind.Comment));
} else {
- stillScanningLongComment = true;
commentEndAsWeKnowIt = new SnapshotPoint(newSnapshot, line.Start + end);
}
continue;
} else {
- // not a comment
+ // not a comment; it was just a single "/" and we don't care to color it
continue;
}
} else {
@@ -322,7 +344,7 @@ namespace DafnyLanguage #endregion
break;
default:
- continue; // it was an identifier
+ continue; // it was an identifier, so we don't color it
}
}
}
@@ -332,26 +354,40 @@ namespace DafnyLanguage OUTER_CONTINUE: ;
}
- if (stillScanningLongComment) {
+ if (longCommentDepth != 0) {
+ // This was a malformed comment, running to the end of the buffer. Above, we let "commentEndAsWeKnowIt" be the end of the
+ // last line, so we can use it here.
newRegions.Add(new TokenRegion(commentStart, commentEndAsWeKnowIt, DafnyTokenKind.Comment));
}
return newRegions;
}
- private static bool ScanForEndOfComment(string txt, ref int end) {
- int N = txt.Length;
- for (; end < N; end++) {
+ /// <summary>
+ /// Scans "txt" beginning with depth "depth", which is assumed to be non-0. Any occurrences of "/*" or "*/"
+ /// increment or decrement "depth". If "depth" ever reaches 0, then "end" returns as the number of characters
+ /// consumed from "txt" (including the last "*/"). If "depth" is still non-0 when the entire "txt" has
+ /// been consumed, then "end" returns as the length of "txt". (Note, "end" may return as the length of "txt"
+ /// if "depth" is still non-0 or if "depth" became 0 from reading the last characters of "txt".)
+ /// </summary>
+ private static void ScanForEndOfComment(string txt, ref int depth, ref int end) {
+ Contract.Requires(depth > 0);
+
+ int Nminus1 = txt.Length - 1; // no reason ever to look at the last character of the line, unless the second-to-last character is '*' or '/'
+ for (; end < Nminus1; ) {
char ch = txt[end];
- if (ch == '*' && end + 1 < N) {
- ch = txt[end + 1];
- if (ch == '/') {
- end += 2;
- return true;
- }
+ if (ch == '*' && txt[end + 1] == '/') {
+ end += 2;
+ depth--;
+ if (depth == 0) { return; }
+ } else if (ch == '/' && txt[end + 1] == '*') {
+ end += 2;
+ depth++;
+ } else {
+ end++;
}
}
- return false; // hit end-of-line without finding end-of-comment
+ end = txt.Length; // we didn't look at the last character, but we still consumed all the output
}
}
diff --git a/Source/DafnyExtension/source.extension.vsixmanifest b/Source/DafnyExtension/source.extension.vsixmanifest index 3b2316b9..f4f66193 100644 --- a/Source/DafnyExtension/source.extension.vsixmanifest +++ b/Source/DafnyExtension/source.extension.vsixmanifest @@ -6,7 +6,7 @@ <Description xml:space="preserve">This is a language mode for using the Dafny language inside Visual Studio.</Description>
</Metadata>
<Installation InstalledByMsi="false">
- <InstallationTarget Version="[11.0,12.0)" Id="Microsoft.VisualStudio.Pro" />
+ <InstallationTarget Version="[11.0,13.0)" Id="Microsoft.VisualStudio.Pro" />
</Installation>
<Dependencies>
<Dependency Id="Microsoft.Framework.NDP" DisplayName="Microsoft .NET Framework" d:Source="Manual" Version="4.5" />
diff --git a/Source/DafnyMenu/DafnyMenu.vsct b/Source/DafnyMenu/DafnyMenu.vsct index 0e8c7855..813ccd23 100644 --- a/Source/DafnyMenu/DafnyMenu.vsct +++ b/Source/DafnyMenu/DafnyMenu.vsct @@ -103,6 +103,16 @@ </Strings>
</Button>
+ <Button guid="guidDafnyMenuCmdSet" id="cmdidToggleMoreAdvancedSnapshotVerification" priority="0x0105" type="Button">
+ <Parent guid="guidDafnyMenuCmdSet" id="DafnyMenuGroup" />
+ <CommandFlag>DefaultInvisible</CommandFlag>
+ <CommandFlag>DynamicVisibility</CommandFlag>
+ <CommandFlag>TextChanges</CommandFlag>
+ <Strings>
+ <ButtonText>Enable more advanced on-demand re-verification</ButtonText>
+ </Strings>
+ </Button>
+
<Button guid="guidDafnyMenuCmdSet" id="cmdidToggleBVD" priority="0x010a" type="Button">
<Parent guid="guidDafnyMenuCmdSet" id="DafnyMenuGroup" />
<CommandFlag>DynamicVisibility</CommandFlag>
@@ -144,6 +154,7 @@ <IDSymbol name="cmdidStopVerifier" value="0x0102" />
<IDSymbol name="cmdidToggleSnapshotVerification" value="0x0103" />
<IDSymbol name="cmdidToggleBVD" value="0x0104" />
+ <IDSymbol name="cmdidToggleMoreAdvancedSnapshotVerification" value="0x0105" />
</GuidSymbol>
<!--
diff --git a/Source/DafnyMenu/DafnyMenuPackage.cs b/Source/DafnyMenu/DafnyMenuPackage.cs index 114ddf10..58bf2a26 100644 --- a/Source/DafnyMenu/DafnyMenuPackage.cs +++ b/Source/DafnyMenu/DafnyMenuPackage.cs @@ -19,7 +19,13 @@ namespace DafnyLanguage.DafnyMenu public interface IMenuProxy
{
- bool ToggleSnapshotVerification(IWpfTextView activeTextView);
+ int ToggleSnapshotVerification(IWpfTextView activeTextView);
+
+
+ int ToggleMoreAdvancedSnapshotVerification(IWpfTextView activeTextView);
+
+
+ bool MoreAdvancedSnapshotVerificationCommandEnabled(IWpfTextView activeTextView);
bool StopVerifierCommandEnabled(IWpfTextView activeTextView);
@@ -80,6 +86,7 @@ namespace DafnyLanguage.DafnyMenu private OleMenuCommand runVerifierCommand;
private OleMenuCommand stopVerifierCommand;
private OleMenuCommand toggleSnapshotVerificationCommand;
+ private OleMenuCommand toggleMoreAdvancedSnapshotVerificationCommand;
private OleMenuCommand toggleBVDCommand;
bool BVDDisabled;
@@ -138,6 +145,11 @@ namespace DafnyLanguage.DafnyMenu toggleSnapshotVerificationCommand = new OleMenuCommand(ToggleSnapshotVerificationCallback, toggleSnapshotVerificationCommandID);
mcs.AddCommand(toggleSnapshotVerificationCommand);
+ var toggleMoreAdvancedSnapshotVerificationCommandID = new CommandID(GuidList.guidDafnyMenuCmdSet, (int)PkgCmdIDList.cmdidToggleMoreAdvancedSnapshotVerification);
+ toggleMoreAdvancedSnapshotVerificationCommand = new OleMenuCommand(ToggleMoreAdvancedSnapshotVerificationCallback, toggleMoreAdvancedSnapshotVerificationCommandID);
+ toggleMoreAdvancedSnapshotVerificationCommand.BeforeQueryStatus += toggleMoreAdvancedSnapshotVerificationCommand_BeforeQueryStatus;
+ mcs.AddCommand(toggleMoreAdvancedSnapshotVerificationCommand);
+
var showErrorModelCommandID = new CommandID(GuidList.guidDafnyMenuCmdSet, (int)PkgCmdIDList.cmdidToggleBVD);
toggleBVDCommand = new OleMenuCommand(ToggleBVDCallback, showErrorModelCommandID);
toggleBVDCommand.Enabled = true;
@@ -191,8 +203,20 @@ namespace DafnyLanguage.DafnyMenu var atv = ActiveTextView;
if (MenuProxy != null && atv != null)
{
- var on = MenuProxy.ToggleSnapshotVerification(atv);
- toggleSnapshotVerificationCommand.Text = (on ? "Disable" : "Enable") + " on-demand re-verification";
+ var mode = MenuProxy.ToggleSnapshotVerification(atv);
+ toggleSnapshotVerificationCommand.Text = (mode == 1 ? "Disable" : "Enable") + " on-demand re-verification";
+ toggleMoreAdvancedSnapshotVerificationCommand.Text = (mode == 2 ? "Disable" : "Enable") + " more advanced on-demand re-verification";
+ }
+ }
+
+ void ToggleMoreAdvancedSnapshotVerificationCallback(object sender, EventArgs e)
+ {
+ var atv = ActiveTextView;
+ if (MenuProxy != null && atv != null)
+ {
+ var mode = MenuProxy.ToggleMoreAdvancedSnapshotVerification(atv);
+ toggleSnapshotVerificationCommand.Text = (mode != 0 ? "Disable" : "Enable") + " on-demand re-verification";
+ toggleMoreAdvancedSnapshotVerificationCommand.Text = (mode == 2 ? "Disable" : "Enable") + " more advanced on-demand re-verification";
}
}
@@ -276,6 +300,16 @@ namespace DafnyLanguage.DafnyMenu }
}
+ private void toggleMoreAdvancedSnapshotVerificationCommand_BeforeQueryStatus(object sender, EventArgs e)
+ {
+ var atv = ActiveTextView;
+ if (MenuProxy != null && atv != null)
+ {
+ var visible = MenuProxy.MoreAdvancedSnapshotVerificationCommandEnabled(atv);
+ toggleMoreAdvancedSnapshotVerificationCommand.Visible = visible;
+ }
+ }
+
void ToggleBVDCallback(object sender, EventArgs e)
{
BVDDisabled = !BVDDisabled;
diff --git a/Source/DafnyMenu/PkgCmdID.cs b/Source/DafnyMenu/PkgCmdID.cs index f3452cb9..b6f30145 100644 --- a/Source/DafnyMenu/PkgCmdID.cs +++ b/Source/DafnyMenu/PkgCmdID.cs @@ -12,5 +12,6 @@ namespace DafnyLanguage.DafnyMenu public const uint cmdidMenu = 0x1021;
public static uint cmdidToggleSnapshotVerification = 0x103;
public const uint cmdidToggleBVD = 0x104;
+ public static uint cmdidToggleMoreAdvancedSnapshotVerification = 0x105;
};
}
\ No newline at end of file diff --git a/Source/DafnyMenu/source.extension.vsixmanifest b/Source/DafnyMenu/source.extension.vsixmanifest index 508078d4..7beeb69e 100644 --- a/Source/DafnyMenu/source.extension.vsixmanifest +++ b/Source/DafnyMenu/source.extension.vsixmanifest @@ -6,7 +6,7 @@ <Description xml:space="preserve">This is a menu for interacting with Dafny.</Description>
</Metadata>
<Installation InstalledByMsi="false">
- <InstallationTarget Version="[11.0,12.0)" Id="Microsoft.VisualStudio.Pro" />
+ <InstallationTarget Version="[11.0,13.0)" Id="Microsoft.VisualStudio.Pro" />
</Installation>
<Dependencies>
<Dependency Id="Microsoft.Framework.NDP" DisplayName="Microsoft .NET Framework" d:Source="Manual" Version="4.5" />
diff --git a/Test/Makefile b/Test/Makefile deleted file mode 100644 index 6e02aed0..00000000 --- a/Test/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -TESTS_FILE = alltests.txt -LONG = $(shell awk '{ if (tolower($$2) ~ /^long$$/) print $$1 }' $(TESTS_FILE)) -NORMAL = $(shell awk '{ if (tolower($$2) ~ /^use$$/) print $$1 }' $(TESTS_FILE)) -TESTS = $(NORMAL) - -all: dafny - -dafny: $(addprefix rundfy-, $(TESTS)) - -rundfy-%: - @cmd /c "runtest.bat $* $(FLAGS)" || : - -long: - $(MAKE) TESTS="$(NORMAL) $(LONG)" all - -show: - @echo $(TESTS) diff --git a/Test/VSComp2010/Answer b/Test/VSComp2010/Answer deleted file mode 100644 index ff491aa5..00000000 --- a/Test/VSComp2010/Answer +++ /dev/null @@ -1,20 +0,0 @@ - --------------------- Problem1-SumMax.dfy --------------------
-
-Dafny program verifier finished with 4 verified, 0 errors
- --------------------- Problem2-Invert.dfy --------------------
-
-Dafny program verifier finished with 7 verified, 0 errors
- --------------------- Problem3-FindZero.dfy --------------------
-
-Dafny program verifier finished with 7 verified, 0 errors
- --------------------- Problem4-Queens.dfy --------------------
-
-Dafny program verifier finished with 9 verified, 0 errors
- --------------------- Problem5-DoubleEndedQueue.dfy --------------------
-
-Dafny program verifier finished with 21 verified, 0 errors
diff --git a/Test/VSComp2010/runtest.bat b/Test/VSComp2010/runtest.bat deleted file mode 100644 index 2cfcdafb..00000000 --- a/Test/VSComp2010/runtest.bat +++ /dev/null @@ -1,15 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-%DAFNY_EXE% /compile:0 /verifySeparately %* Problem1-SumMax.dfy Problem2-Invert.dfy Problem3-FindZero.dfy Problem4-Queens.dfy Problem5-DoubleEndedQueue.dfy
-
-rem for %%f in (Problem1-SumMax.dfy Problem2-Invert.dfy
-rem Problem3-FindZero.dfy Problem4-Queens.dfy
-rem Problem5-DoubleEndedQueue.dfy) do (
-rem echo.
-rem echo -------------------- %%f --------------------
-rem %DAFNY_EXE% /compile:0 %* %%f
-rem )
diff --git a/Test/VSI-Benchmarks/Answer b/Test/VSI-Benchmarks/Answer deleted file mode 100644 index 2a4587f4..00000000 --- a/Test/VSI-Benchmarks/Answer +++ /dev/null @@ -1,32 +0,0 @@ -
--------------------- b1.dfy --------------------
-
-Dafny program verifier finished with 10 verified, 0 errors
-
--------------------- b2.dfy --------------------
-
-Dafny program verifier finished with 6 verified, 0 errors
-
--------------------- b3.dfy --------------------
-
-Dafny program verifier finished with 10 verified, 0 errors
-
--------------------- b4.dfy --------------------
-
-Dafny program verifier finished with 11 verified, 0 errors
-
--------------------- b5.dfy --------------------
-
-Dafny program verifier finished with 22 verified, 0 errors
-
--------------------- b6.dfy --------------------
-
-Dafny program verifier finished with 21 verified, 0 errors
-
--------------------- b7.dfy --------------------
-
-Dafny program verifier finished with 23 verified, 0 errors
-
--------------------- b8.dfy --------------------
-
-Dafny program verifier finished with 42 verified, 0 errors
diff --git a/Test/VSI-Benchmarks/runtest.bat b/Test/VSI-Benchmarks/runtest.bat deleted file mode 100644 index f950cf2a..00000000 --- a/Test/VSI-Benchmarks/runtest.bat +++ /dev/null @@ -1,13 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-%DAFNY_EXE% /compile:0 /verifySeparately %* b1.dfy b2.dfy b3.dfy b4.dfy b5.dfy b6.dfy b7.dfy b8.dfy
-
-rem for %%f in (b1.dfy b2.dfy b3.dfy b4.dfy b5.dfy b6.dfy b7.dfy b8.dfy) do (
-rem echo.
-rem echo -------------------- %%f --------------------
-rem %DAFNY_EXE% /compile:0 %* %%f
-rem )
diff --git a/Test/alltests.txt b/Test/alltests.txt deleted file mode 100644 index c586a561..00000000 --- a/Test/alltests.txt +++ /dev/null @@ -1,10 +0,0 @@ -dafny0 Use Dafny functionality tests
-dafny1 Use Various Dafny examples
-dafny2 Use More Dafny examples
-dafny3 Use And more Dafny examples
-dafny4 Use More, more, more!
-cloudmake Use CloudMake formalization and proofs
-VSI-Benchmarks Use Solutions to Verified Software Initiative verification challenges
-vacid0 Use Dafny attempts to VACID Edition 0 benchmarks
-vstte2012 Use Dafny solutions for the VSTTE 2012 program verification competition
-VSComp2010 Use Dafny solutions to VSComp (verified software competition) problems
diff --git a/Test/cloudmake/Answer b/Test/cloudmake/Answer deleted file mode 100644 index 3758853e..00000000 --- a/Test/cloudmake/Answer +++ /dev/null @@ -1,12 +0,0 @@ -
--------------------- CloudMake-ParallelBuilds.dfy --------------------
-
-Dafny program verifier finished with 244 verified, 0 errors
-
--------------------- CloudMake-CachedBuilds.dfy --------------------
-
-Dafny program verifier finished with 104 verified, 0 errors
-
--------------------- CloudMake-ConsistentBuilds.dfy --------------------
-
-Dafny program verifier finished with 59 verified, 0 errors
diff --git a/Test/cloudmake/runtest.bat b/Test/cloudmake/runtest.bat deleted file mode 100644 index 8fc7ccbb..00000000 --- a/Test/cloudmake/runtest.bat +++ /dev/null @@ -1,7 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-%DAFNY_EXE% /compile:0 /verifySeparately /dprint:out.dfy.tmp %* CloudMake-ParallelBuilds.dfy CloudMake-CachedBuilds.dfy CloudMake-ConsistentBuilds.dfy
diff --git a/Test/dafny0/Answer b/Test/dafny0/Answer deleted file mode 100644 index c15049ba..00000000 --- a/Test/dafny0/Answer +++ /dev/null @@ -1,2609 +0,0 @@ -
--------------------- Simple.dfy --------------------
-// Simple.dfy
-
-class MyClass<T, U> {
- var x: int;
-
- method M(s: bool, lotsaObjects: set<object>)
- returns (t: object, u: set<int>, v: seq<MyClass<bool,U>>)
- requires s;
- modifies this, lotsaObjects;
- ensures t == t;
- ensures old(null) != this;
- {
- x := 12;
- while x < 100
- invariant x <= 100;
- {
- x := x + 17;
- if x % 20 == 3 {
- x := this.x + 1;
- } else {
- this.x := x + 0;
- }
- t, u, v := M(true, lotsaObjects);
- var to: MyClass<T,U>;
- to, u, v := this.M(true, lotsaObjects);
- to, u, v := to.M(true, lotsaObjects);
- assert v[x] != null ==> null !in v[2 .. x][1..][5 := v[this.x]][..10];
- }
- }
-
- function F(x: int, y: int, h: WildData, k: WildData): WildData
- {
- if x < 0 then
- h
- else if x == 0 then
- if if h == k then true else false then
- h
- else if y == 0 then
- k
- else
- h
- else
- k
- }
-}
-
-datatype List<T> = Nil | Cons(T, List<T>)
-
-datatype WildData = Something | JustAboutAnything(bool, myName: set<int>, int, WildData) | More(List<int>)
-
-class C {
- var w: WildData;
- var list: List<bool>;
-}
-
-lemma M(x: int)
- ensures x < 8;
-{
-}
-
-colemma M'(x': int)
- ensures true;
-{
-}
-
-Dafny program verifier finished with 0 verified, 0 errors
-
--------------------- TypeTests.dfy --------------------
-TypeTests.dfy(7,13): Error: incorrect type of function argument 0 (expected C, got D)
-TypeTests.dfy(7,13): Error: incorrect type of function argument 1 (expected D, got C)
-TypeTests.dfy(8,13): Error: incorrect type of function argument 0 (expected C, got int)
-TypeTests.dfy(8,13): Error: incorrect type of function argument 1 (expected D, got int)
-TypeTests.dfy(14,15): Error: incorrect type of method in-parameter 0 (expected int, got bool)
-TypeTests.dfy(15,11): Error: incorrect type of method out-parameter 0 (expected int, got C)
-TypeTests.dfy(15,11): Error: incorrect type of method out-parameter 1 (expected C, got int)
-TypeTests.dfy(47,9): Error: Assignment to array element is not allowed in this context (because this is a ghost method or because the statement is guarded by a specification-only expression)
-TypeTests.dfy(56,6): Error: Duplicate local-variable name: z
-TypeTests.dfy(58,6): Error: Duplicate local-variable name: x
-TypeTests.dfy(61,8): Error: Duplicate local-variable name: x
-TypeTests.dfy(64,6): Error: Duplicate local-variable name: y
-TypeTests.dfy(70,11): Error: unresolved identifier: x
-TypeTests.dfy(72,28): Error: unresolved identifier: z
-TypeTests.dfy(73,29): Error: unresolved identifier: w1
-TypeTests.dfy(73,47): Error: unresolved identifier: w0
-TypeTests.dfy(76,28): Error: unresolved identifier: e
-TypeTests.dfy(91,17): Error: member F in type C does not refer to a method
-TypeTests.dfy(92,17): Error: a method called as an initialization method must not have any result arguments
-TypeTests.dfy(101,3): Error: cannot assign to a range of array elements (try the 'forall' statement)
-TypeTests.dfy(102,3): Error: cannot assign to a range of array elements (try the 'forall' statement)
-TypeTests.dfy(103,3): Error: cannot assign to a range of array elements (try the 'forall' statement)
-TypeTests.dfy(105,3): Error: cannot assign to a range of array elements (try the 'forall' statement)
-TypeTests.dfy(106,3): Error: cannot assign to a range of array elements (try the 'forall' statement)
-TypeTests.dfy(107,3): Error: cannot assign to a range of array elements (try the 'forall' statement)
-TypeTests.dfy(113,6): Error: sorry, cannot instantiate collection type with a subrange type
-TypeTests.dfy(114,9): Error: sorry, cannot instantiate type parameter with a subrange type
-TypeTests.dfy(115,8): Error: sorry, cannot instantiate 'array' type with a subrange type
-TypeTests.dfy(116,8): Error: sorry, cannot instantiate 'array' type with a subrange type
-TypeTests.dfy(128,15): Error: ghost variables are allowed only in specification contexts
-TypeTests.dfy(138,4): Error: cannot assign to non-ghost variable in a ghost context
-TypeTests.dfy(139,7): Error: cannot assign to non-ghost variable in a ghost context
-TypeTests.dfy(21,9): Error: because of cyclic dependencies among constructor argument types, no instances of datatype 'NeverendingList' can be constructed
-33 resolution/type errors detected in TypeTests.dfy
-
--------------------- NatTypes.dfy --------------------
-NatTypes.dfy(10,5): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
-NatTypes.dfy(34,10): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- NatTypes.dfy(22,3): anon10_LoopHead
- (0,0): anon10_LoopBody
- NatTypes.dfy(22,3): anon11_Else
- (0,0): anon12_Then
-NatTypes.dfy(41,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
-NatTypes.dfy(43,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
-NatTypes.dfy(60,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-NatTypes.dfy(74,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Then
-NatTypes.dfy(92,19): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-NatTypes.dfy(107,45): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon7_Else
- (0,0): anon8_Then
-NatTypes.dfy(130,21): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-
-Dafny program verifier finished with 15 verified, 9 errors
-
--------------------- RealTypes.dfy --------------------
-RealTypes.dfy(8,23): Error: assertion violation
-Execution trace:
- (0,0): anon0
-RealTypes.dfy(14,12): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- RealTypes.dfy(13,23): anon3_Else
- (0,0): anon2
-RealTypes.dfy(14,20): Error: assertion violation
-Execution trace:
- (0,0): anon0
- RealTypes.dfy(13,23): anon3_Else
- (0,0): anon2
-RealTypes.dfy(22,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 6 verified, 4 errors
-
--------------------- Definedness.dfy --------------------
-Definedness.dfy(11,7): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Definedness.dfy(18,16): Error: possible division by zero
-Execution trace:
- (0,0): anon0
-Definedness.dfy(27,16): Error: target object may be null
-Execution trace:
- (0,0): anon0
-Definedness.dfy(28,21): Error: target object may be null
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-Definedness.dfy(29,17): Error: possible division by zero
-Execution trace:
- (0,0): anon0
-Definedness.dfy(36,16): Error: target object may be null
-Execution trace:
- (0,0): anon0
-Definedness.dfy(45,16): Error: target object may be null
-Execution trace:
- (0,0): anon0
-Definedness.dfy(53,18): Error: target object may be null
-Execution trace:
- (0,0): anon0
-Definedness.dfy(54,3): Error BP5003: A postcondition might not hold on this return path.
-Definedness.dfy(53,22): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Definedness.dfy(60,18): Error: target object may be null
-Execution trace:
- (0,0): anon0
-Definedness.dfy(61,3): Error BP5003: A postcondition might not hold on this return path.
-Definedness.dfy(60,22): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Definedness.dfy(68,3): Error BP5003: A postcondition might not hold on this return path.
-Definedness.dfy(67,22): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Definedness.dfy(88,7): Error: target object may be null
-Execution trace:
- (0,0): anon0
-Definedness.dfy(89,5): Error: possible violation of function precondition
-Definedness.dfy(79,16): Related location
-Execution trace:
- (0,0): anon0
-Definedness.dfy(89,10): Error: assignment may update an object not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
-Definedness.dfy(89,10): Error: target object may be null
-Execution trace:
- (0,0): anon0
-Definedness.dfy(90,10): Error: possible violation of function precondition
-Definedness.dfy(79,16): Related location
-Execution trace:
- (0,0): anon0
-Definedness.dfy(95,14): Error: possible division by zero
-Execution trace:
- (0,0): anon0
-Definedness.dfy(95,23): Error: possible division by zero
-Execution trace:
- (0,0): anon0
-Definedness.dfy(96,15): Error: possible division by zero
-Execution trace:
- (0,0): anon0
-Definedness.dfy(101,12): Error: possible division by zero
-Execution trace:
- (0,0): anon0
-Definedness.dfy(108,15): Error: possible division by zero
-Execution trace:
- Definedness.dfy(108,5): anon7_LoopHead
- (0,0): anon7_LoopBody
- Definedness.dfy(108,5): anon8_Else
-Definedness.dfy(117,23): Error: possible violation of function precondition
-Definedness.dfy(79,16): Related location
-Execution trace:
- (0,0): anon0
- Definedness.dfy(116,5): anon12_LoopHead
- (0,0): anon12_LoopBody
- (0,0): anon13_Then
-Definedness.dfy(123,17): Error: possible violation of function precondition
-Definedness.dfy(79,16): Related location
-Execution trace:
- (0,0): anon0
- Definedness.dfy(116,5): anon12_LoopHead
- (0,0): anon12_LoopBody
- Definedness.dfy(116,5): anon13_Else
- (0,0): anon14_Then
- Definedness.dfy(122,5): anon15_LoopHead
- (0,0): anon15_LoopBody
- (0,0): anon16_Then
-Definedness.dfy(133,17): Error: possible violation of function precondition
-Definedness.dfy(79,16): Related location
-Execution trace:
- (0,0): anon0
- Definedness.dfy(132,5): anon6_LoopHead
- (0,0): anon6_LoopBody
- (0,0): anon7_Then
-Definedness.dfy(133,22): Error BP5004: This loop invariant might not hold on entry.
-Execution trace:
- (0,0): anon0
-Definedness.dfy(134,17): Error: possible violation of function precondition
-Definedness.dfy(79,16): Related location
-Execution trace:
- (0,0): anon0
- Definedness.dfy(132,5): anon6_LoopHead
- (0,0): anon6_LoopBody
- (0,0): anon7_Then
-Definedness.dfy(143,15): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- Definedness.dfy(143,5): anon8_LoopHead
- (0,0): anon8_LoopBody
- Definedness.dfy(143,5): anon9_Else
-Definedness.dfy(162,15): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- Definedness.dfy(156,5): anon16_LoopHead
- (0,0): anon16_LoopBody
- Definedness.dfy(156,5): anon17_Else
- (0,0): anon18_Then
- (0,0): anon5
- (0,0): anon19_Then
- Definedness.dfy(162,5): anon20_LoopHead
- (0,0): anon20_LoopBody
- Definedness.dfy(162,5): anon21_Else
-Definedness.dfy(175,28): Error BP5004: This loop invariant might not hold on entry.
-Execution trace:
- (0,0): anon0
-Definedness.dfy(181,17): Error: possible violation of function precondition
-Definedness.dfy(79,16): Related location
-Execution trace:
- (0,0): anon0
- Definedness.dfy(173,5): anon18_LoopHead
- (0,0): anon18_LoopBody
- Definedness.dfy(173,5): anon19_Else
- (0,0): anon20_Then
- Definedness.dfy(180,5): anon21_LoopHead
- (0,0): anon21_LoopBody
- (0,0): anon22_Then
- (0,0): anon23_Then
- (0,0): anon11
-Definedness.dfy(196,19): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- Definedness.dfy(194,5): anon6_LoopHead
- (0,0): anon6_LoopBody
- (0,0): anon7_Then
-Definedness.dfy(196,23): Error BP5004: This loop invariant might not hold on entry.
-Execution trace:
- (0,0): anon0
-Definedness.dfy(196,28): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- Definedness.dfy(194,5): anon6_LoopHead
- (0,0): anon6_LoopBody
- (0,0): anon7_Then
-Definedness.dfy(215,10): Error BP5003: A postcondition might not hold on this return path.
-Definedness.dfy(217,46): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
-Definedness.dfy(224,22): Error: target object may be null
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon2
- (0,0): anon6_Then
-Definedness.dfy(237,10): Error BP5003: A postcondition might not hold on this return path.
-Definedness.dfy(240,24): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon7_Then
- (0,0): anon2
- (0,0): anon8_Else
-
-Dafny program verifier finished with 21 verified, 37 errors
-
--------------------- FunctionSpecifications.dfy --------------------
-FunctionSpecifications.dfy(35,25): Error BP5003: A postcondition might not hold on this return path.
-FunctionSpecifications.dfy(31,13): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon8_Else
- (0,0): anon9_Else
- (0,0): anon10_Then
- (0,0): anon11_Else
-FunctionSpecifications.dfy(45,3): Error BP5003: A postcondition might not hold on this return path.
-FunctionSpecifications.dfy(40,24): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon11_Else
- (0,0): anon14_Else
- (0,0): anon15_Then
-FunctionSpecifications.dfy(53,11): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon8_Then
- (0,0): anon3
-FunctionSpecifications.dfy(59,10): Error BP5003: A postcondition might not hold on this return path.
-FunctionSpecifications.dfy(60,22): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
-FunctionSpecifications.dfy(108,23): Error: assertion violation
-Execution trace:
- (0,0): anon0
-FunctionSpecifications.dfy(111,23): Error: assertion violation
-Execution trace:
- (0,0): anon0
-FunctionSpecifications.dfy(126,27): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-FunctionSpecifications.dfy(130,27): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-FunctionSpecifications.dfy(153,15): Error: assertion violation
-Execution trace:
- (0,0): anon0
-FunctionSpecifications.dfy(165,3): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-FunctionSpecifications.dfy(172,15): Error: assertion violation
-Execution trace:
- (0,0): anon0
-FunctionSpecifications.dfy(181,3): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-FunctionSpecifications.dfy(135,20): Error BP5003: A postcondition might not hold on this return path.
-FunctionSpecifications.dfy(137,29): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon2
- (0,0): anon6_Else
-FunctionSpecifications.dfy(146,3): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-FunctionSpecifications.dfy(160,3): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-FunctionSpecifications.dfy(188,3): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-FunctionSpecifications.dfy(185,20): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 19 verified, 17 errors
-
--------------------- ResolutionErrors.dfy --------------------
-ResolutionErrors.dfy(499,7): Error: RHS (of type List<A>) not assignable to LHS (of type List<B>)
-ResolutionErrors.dfy(504,7): Error: RHS (of type List<A>) not assignable to LHS (of type List<B>)
-ResolutionErrors.dfy(518,23): Error: type of case bodies do not agree (found Tree<_T1,_T0>, previous types Tree<_T0,_T1>)
-ResolutionErrors.dfy(530,24): Error: Wrong number of type arguments (0 instead of 2) passed to class/datatype: Tree
-ResolutionErrors.dfy(565,18): Error: type of bound variable 'z' could not determined; please specify the type explicitly
-ResolutionErrors.dfy(578,13): Error: 'new' is not allowed in ghost contexts
-ResolutionErrors.dfy(579,9): Error: 'new' is not allowed in ghost contexts
-ResolutionErrors.dfy(586,14): Error: new allocation not supported in forall statements
-ResolutionErrors.dfy(591,11): Error: the body of the enclosing forall statement is not allowed to update heap locations
-ResolutionErrors.dfy(591,14): Error: new allocation not allowed in ghost context
-ResolutionErrors.dfy(601,23): Error: 'new' is not allowed in ghost contexts
-ResolutionErrors.dfy(608,15): Error: 'new' is not allowed in ghost contexts
-ResolutionErrors.dfy(608,15): Error: only ghost methods can be called from this context
-ResolutionErrors.dfy(608,10): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(617,17): Error: 'new' is not allowed in ghost contexts
-ResolutionErrors.dfy(619,20): Error: only ghost methods can be called from this context
-ResolutionErrors.dfy(621,8): Error: calls to methods with side-effects are not allowed inside a hint
-ResolutionErrors.dfy(639,21): Error: the type of this expression is underspecified, but it cannot be an arbitrary type.
-ResolutionErrors.dfy(639,21): Error: the type of this expression is underspecified, but it cannot be an arbitrary type.
-ResolutionErrors.dfy(676,8): Error: calls to methods with side-effects are not allowed inside a hint
-ResolutionErrors.dfy(686,8): Error: only ghost methods can be called from this context
-ResolutionErrors.dfy(689,20): Error: 'decreases *' is not allowed on ghost loops
-ResolutionErrors.dfy(700,16): Error: Assignment to non-ghost field is not allowed in this context (because this is a ghost method or because the statement is guarded by a specification-only expression)
-ResolutionErrors.dfy(700,16): Error: a hint is not allowed to update heap locations
-ResolutionErrors.dfy(701,21): Error: a hint is not allowed to update heap locations
-ResolutionErrors.dfy(702,8): Error: calls to methods with side-effects are not allowed inside a hint
-ResolutionErrors.dfy(705,19): Error: a while statement used inside a hint is not allowed to have a modifies clause
-ResolutionErrors.dfy(724,8): Error: only ghost methods can be called from this context
-ResolutionErrors.dfy(727,20): Error: 'decreases *' is not allowed on ghost loops
-ResolutionErrors.dfy(732,16): Error: Assignment to non-ghost field is not allowed in this context (because this is a ghost method or because the statement is guarded by a specification-only expression)
-ResolutionErrors.dfy(732,16): Error: a hint is not allowed to update heap locations
-ResolutionErrors.dfy(733,21): Error: a hint is not allowed to update heap locations
-ResolutionErrors.dfy(734,8): Error: calls to methods with side-effects are not allowed inside a hint
-ResolutionErrors.dfy(737,19): Error: a while statement used inside a hint is not allowed to have a modifies clause
-ResolutionErrors.dfy(762,4): Error: calls to methods with side-effects are not allowed inside a statement expression
-ResolutionErrors.dfy(763,4): Error: only ghost methods can be called from this context
-ResolutionErrors.dfy(764,4): Error: wrong number of method result arguments (got 0, expected 1)
-ResolutionErrors.dfy(775,23): Error: function calls are allowed only in specification contexts (consider declaring the function a 'function method')
-ResolutionErrors.dfy(785,4): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(796,36): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(805,17): Error: function calls are allowed only in specification contexts (consider declaring the function a 'function method')
-ResolutionErrors.dfy(819,6): Error: RHS (of type B) not assignable to LHS (of type object)
-ResolutionErrors.dfy(820,6): Error: RHS (of type int) not assignable to LHS (of type object)
-ResolutionErrors.dfy(821,6): Error: RHS (of type B) not assignable to LHS (of type object)
-ResolutionErrors.dfy(826,6): Error: RHS (of type G) not assignable to LHS (of type object)
-ResolutionErrors.dfy(827,6): Error: RHS (of type Dt) not assignable to LHS (of type object)
-ResolutionErrors.dfy(828,6): Error: RHS (of type CoDt) not assignable to LHS (of type object)
-ResolutionErrors.dfy(890,4): Error: LHS of array assignment must denote an array element (found seq<int>)
-ResolutionErrors.dfy(891,4): Error: LHS of array assignment must denote an array element (found seq<int>)
-ResolutionErrors.dfy(896,10): Error: LHS of assignment must denote a mutable field
-ResolutionErrors.dfy(897,10): Error: LHS of assignment must denote a mutable field
-ResolutionErrors.dfy(898,9): Error: cannot assign to a range of array elements (try the 'forall' statement)
-ResolutionErrors.dfy(899,9): Error: cannot assign to a range of array elements (try the 'forall' statement)
-ResolutionErrors.dfy(900,5): Error: cannot assign to a range of array elements (try the 'forall' statement)
-ResolutionErrors.dfy(901,5): Error: cannot assign to a range of array elements (try the 'forall' statement)
-ResolutionErrors.dfy(429,2): Error: More than one default constructor
-ResolutionErrors.dfy(50,13): Error: 'this' is not allowed in a 'static' context
-ResolutionErrors.dfy(111,9): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(112,9): Error: function calls are allowed only in specification contexts (consider declaring the function a 'function method')
-ResolutionErrors.dfy(116,11): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(117,9): Error: actual out-parameter 0 is required to be a ghost variable
-ResolutionErrors.dfy(124,15): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(128,23): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(135,4): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(139,21): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(140,35): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(149,9): Error: only ghost methods can be called from this context
-ResolutionErrors.dfy(155,16): Error: 'decreases *' is not allowed on ghost loops
-ResolutionErrors.dfy(196,27): Error: ghost-context break statement is not allowed to break out of non-ghost structure
-ResolutionErrors.dfy(219,12): Error: ghost-context break statement is not allowed to break out of non-ghost loop
-ResolutionErrors.dfy(231,12): Error: trying to break out of more loop levels than there are enclosing loops
-ResolutionErrors.dfy(235,12): Error: ghost-context break statement is not allowed to break out of non-ghost loop
-ResolutionErrors.dfy(240,8): Error: return statement is not allowed in this context (because it is guarded by a specification-only expression)
-ResolutionErrors.dfy(435,14): Error: when allocating an object of type 'YHWH', one of its constructor methods must be called
-ResolutionErrors.dfy(440,6): Error: when allocating an object of type 'Lucifer', one of its constructor methods must be called
-ResolutionErrors.dfy(441,6): Error: when allocating an object of type 'Lucifer', one of its constructor methods must be called
-ResolutionErrors.dfy(443,9): Error: class Lamb does not have a default constructor
-ResolutionErrors.dfy(839,11): Error: a modifies-clause expression must denote an object or a collection of objects (instead got int)
-ResolutionErrors.dfy(843,14): Error: in a ghost context, only ghost fields can be mentioned as frame targets (x)
-ResolutionErrors.dfy(846,12): Error: in a ghost context, only ghost fields can be mentioned as frame targets (x)
-ResolutionErrors.dfy(854,14): Error: in a ghost context, only ghost fields can be mentioned as frame targets (x)
-ResolutionErrors.dfy(864,18): Error: in a ghost context, only ghost fields can be mentioned as frame targets (x)
-ResolutionErrors.dfy(875,16): Error: in a ghost context, only ghost fields can be mentioned as frame targets (x)
-ResolutionErrors.dfy(12,16): Error: 'decreases *' is not allowed on ghost loops
-ResolutionErrors.dfy(24,11): Error: array selection requires an array2 (got array3<T>)
-ResolutionErrors.dfy(25,12): Error: sequence/array/multiset/map selection requires a sequence, array, multiset, or map (got array3<T>)
-ResolutionErrors.dfy(26,11): Error: array selection requires an array4 (got array<T>)
-ResolutionErrors.dfy(56,14): Error: a field must be selected via an object, not just a class name
-ResolutionErrors.dfy(57,7): Error: unresolved identifier: F
-ResolutionErrors.dfy(58,14): Error: an instance function must be selected via an object, not just a class name
-ResolutionErrors.dfy(58,7): Error: call to instance function requires an instance
-ResolutionErrors.dfy(59,7): Error: unresolved identifier: G
-ResolutionErrors.dfy(61,7): Error: unresolved identifier: M
-ResolutionErrors.dfy(62,7): Error: call to instance method requires an instance
-ResolutionErrors.dfy(63,7): Error: unresolved identifier: N
-ResolutionErrors.dfy(66,8): Error: non-function expression is called with parameters
-ResolutionErrors.dfy(67,14): Error: member z does not exist in class Global
-ResolutionErrors.dfy(86,12): Error: the name 'Benny' denotes a datatype constructor, but does not do so uniquely; add an explicit qualification (for example, 'Abc.Benny')
-ResolutionErrors.dfy(91,12): Error: the name 'David' denotes a datatype constructor, but does not do so uniquely; add an explicit qualification (for example, 'Abc.David')
-ResolutionErrors.dfy(92,12): Error: the name 'David' denotes a datatype constructor, but does not do so uniquely; add an explicit qualification (for example, 'Abc.David')
-ResolutionErrors.dfy(94,12): Error: the name 'David' denotes a datatype constructor, but does not do so uniquely; add an explicit qualification (for example, 'Abc.David')
-ResolutionErrors.dfy(96,12): Error: wrong number of arguments to datatype constructor Abc (found 2, expected 1)
-ResolutionErrors.dfy(258,4): Error: label shadows an enclosing label
-ResolutionErrors.dfy(263,2): Error: duplicate label
-ResolutionErrors.dfy(289,4): Error: when allocating an object of type 'ClassWithConstructor', one of its constructor methods must be called
-ResolutionErrors.dfy(290,4): Error: when allocating an object of type 'ClassWithConstructor', one of its constructor methods must be called
-ResolutionErrors.dfy(292,4): Error: a constructor is only allowed to be called when an object is being allocated
-ResolutionErrors.dfy(306,16): Error: arguments must have the same type (got int and DTD_List)
-ResolutionErrors.dfy(307,16): Error: arguments must have the same type (got DTD_List and int)
-ResolutionErrors.dfy(308,25): Error: arguments must have the same type (got bool and int)
-ResolutionErrors.dfy(311,18): Error: ghost fields are allowed only in specification contexts
-ResolutionErrors.dfy(320,15): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(345,2): Error: incorrect type of method in-parameter 1 (expected GenericClass<int>, got GenericClass<bool>)
-ResolutionErrors.dfy(357,18): Error: incorrect type of datatype constructor argument (found GList<_T0>, expected GList<int>)
-ResolutionErrors.dfy(365,6): Error: arguments to + must be int or real or a collection type (instead got bool)
-ResolutionErrors.dfy(370,6): Error: all lines in a calculation must have the same type (got int after bool)
-ResolutionErrors.dfy(373,6): Error: first argument to ==> must be of type bool (instead got int)
-ResolutionErrors.dfy(373,6): Error: second argument to ==> must be of type bool (instead got int)
-ResolutionErrors.dfy(374,10): Error: first argument to ==> must be of type bool (instead got int)
-ResolutionErrors.dfy(374,10): Error: second argument to ==> must be of type bool (instead got int)
-ResolutionErrors.dfy(379,10): Error: first argument to ==> must be of type bool (instead got int)
-ResolutionErrors.dfy(379,10): Error: second argument to ==> must be of type bool (instead got int)
-ResolutionErrors.dfy(384,6): Error: print statement is not allowed in this context (because this is a ghost method or because the statement is guarded by a specification-only expression)
-ResolutionErrors.dfy(406,6): Error: calls to methods with side-effects are not allowed inside a hint
-ResolutionErrors.dfy(408,12): Error: a hint is not allowed to update heap locations
-ResolutionErrors.dfy(410,8): Error: a hint is not allowed to update a variable declared outside the hint
-ResolutionErrors.dfy(467,7): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(473,12): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(541,7): Error: let-such-that expressions are allowed only in ghost contexts
-ResolutionErrors.dfy(543,7): Error: let-such-that expressions are allowed only in ghost contexts
-ResolutionErrors.dfy(543,20): Error: ghost variables are allowed only in specification contexts
-ResolutionErrors.dfy(545,7): Error: let-such-that expressions are allowed only in ghost contexts
-ResolutionErrors.dfy(546,18): Error: unresolved identifier: w
-ResolutionErrors.dfy(653,11): Error: lemmas are not allowed to have modifies clauses
-134 resolution/type errors detected in ResolutionErrors.dfy
-
--------------------- ParseErrors.dfy --------------------
-ParseErrors.dfy(7,19): error: a chain cannot have more than one != operator
-ParseErrors.dfy(9,37): error: this operator chain cannot continue with a descending operator
-ParseErrors.dfy(10,38): error: this operator chain cannot continue with an ascending operator
-ParseErrors.dfy(15,24): error: this operator chain cannot continue with a descending operator
-ParseErrors.dfy(18,18): error: this operator cannot be part of a chain
-ParseErrors.dfy(19,19): error: this operator cannot be part of a chain
-ParseErrors.dfy(20,18): error: this operator cannot be part of a chain
-ParseErrors.dfy(21,18): error: chaining not allowed from the previous operator
-ParseErrors.dfy(49,8): error: the main operator of a calculation must be transitive
-ParseErrors.dfy(65,2): error: this operator cannot continue this calculation
-ParseErrors.dfy(66,2): error: this operator cannot continue this calculation
-ParseErrors.dfy(71,2): error: this operator cannot continue this calculation
-ParseErrors.dfy(72,2): error: this operator cannot continue this calculation
-ParseErrors.dfy(78,2): error: this operator cannot continue this calculation
-14 parse errors detected in ParseErrors.dfy
-
--------------------- Array.dfy --------------------
-Array.dfy(13,8): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon2
- (0,0): anon6_Then
-Array.dfy(20,16): Error: target object may be null
-Execution trace:
- (0,0): anon0
-Array.dfy(27,6): Error: index out of range
-Execution trace:
- (0,0): anon0
-Array.dfy(51,20): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Array.dfy(59,8): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon2
- (0,0): anon6_Then
-Array.dfy(66,8): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon2
- (0,0): anon6_Then
-Array.dfy(110,21): Error: upper bound below lower bound or above length of array
-Execution trace:
- (0,0): anon0
- (0,0): anon14_Else
- (0,0): anon18_Then
- (0,0): anon19_Then
- (0,0): anon20_Then
- (0,0): anon11
-Array.dfy(120,8): Error: insufficient reads clause to read the indicated range of array elements
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Else
- (0,0): anon10_Then
- (0,0): anon11_Then
- (0,0): anon12_Then
-Array.dfy(122,8): Error: insufficient reads clause to read the indicated range of array elements
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Else
- (0,0): anon10_Then
- (0,0): anon11_Then
- (0,0): anon12_Else
-Array.dfy(123,8): Error: insufficient reads clause to read the indicated range of array elements
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Else
- (0,0): anon10_Then
- (0,0): anon11_Then
- (0,0): anon12_Else
-Array.dfy(124,8): Error: insufficient reads clause to read the indicated range of array elements
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Else
- (0,0): anon10_Then
- (0,0): anon11_Then
- (0,0): anon12_Else
-Array.dfy(150,6): Error: insufficient reads clause to read array element
-Execution trace:
- (0,0): anon0
- (0,0): anon7_Else
- (0,0): anon8_Then
- (0,0): anon9_Then
-Array.dfy(158,6): Error: insufficient reads clause to read array element
-Execution trace:
- (0,0): anon0
- (0,0): anon7_Else
- (0,0): anon8_Then
- (0,0): anon9_Then
-Array.dfy(174,6): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
-Array.dfy(181,6): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
-Array.dfy(206,1): Error BP5003: A postcondition might not hold on this return path.
-Array.dfy(205,11): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Array.dfy(230,1): Error BP5003: A postcondition might not hold on this return path.
-Array.dfy(229,11): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Array.dfy(236,1): Error BP5003: A postcondition might not hold on this return path.
-Array.dfy(235,11): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Array.dfy(251,10): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon2
- (0,0): anon6_Then
-Array.dfy(252,5): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon2
- (0,0): anon6_Then
-
-Dafny program verifier finished with 41 verified, 20 errors
-
--------------------- MultiDimArray.dfy --------------------
-MultiDimArray.dfy(56,21): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon11_Then
- (0,0): anon12_Then
-MultiDimArray.dfy(83,25): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon6_Then
-
-Dafny program verifier finished with 8 verified, 2 errors
-
--------------------- NonGhostQuantifiers.dfy --------------------
-NonGhostQuantifiers.dfy(149,4): Error: a quantifier involved in a function definition is not allowed to depend on the set of allocated references; Dafny's heuristics can't figure out a bound for the values of 'c'
-NonGhostQuantifiers.dfy(153,4): Error: a quantifier involved in a function definition is not allowed to depend on the set of allocated references; Dafny's heuristics can't figure out a bound for the values of 'c'
-NonGhostQuantifiers.dfy(158,4): Error: a quantifier involved in a function definition is not allowed to depend on the set of allocated references; Dafny's heuristics can't figure out a bound for the values of 'c'
-NonGhostQuantifiers.dfy(163,4): Error: a quantifier involved in a function definition is not allowed to depend on the set of allocated references; Dafny's heuristics can't figure out a bound for the values of 'c'
-NonGhostQuantifiers.dfy(167,4): Error: a quantifier involved in a function definition is not allowed to depend on the set of allocated references; Dafny's heuristics can't figure out a bound for the values of 'c'
-NonGhostQuantifiers.dfy(171,4): Error: a quantifier involved in a function definition is not allowed to depend on the set of allocated references; Dafny's heuristics can't figure out a bound for the values of 'c'
-NonGhostQuantifiers.dfy(176,4): Error: a quantifier involved in a function definition is not allowed to depend on the set of allocated references; Dafny's heuristics can't figure out a bound for the values of 'c'
-NonGhostQuantifiers.dfy(181,4): Error: a quantifier involved in a function definition is not allowed to depend on the set of allocated references; Dafny's heuristics can't figure out a bound for the values of 'c'
-NonGhostQuantifiers.dfy(186,13): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'c'
-NonGhostQuantifiers.dfy(16,5): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'n'
-NonGhostQuantifiers.dfy(45,4): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'n'
-NonGhostQuantifiers.dfy(49,4): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'd'
-NonGhostQuantifiers.dfy(53,4): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'n'
-NonGhostQuantifiers.dfy(77,5): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'i'
-NonGhostQuantifiers.dfy(81,5): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'j'
-NonGhostQuantifiers.dfy(91,5): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'j'
-NonGhostQuantifiers.dfy(106,5): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'j'
-NonGhostQuantifiers.dfy(114,10): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'y'
-NonGhostQuantifiers.dfy(123,8): Error: quantifiers in non-ghost contexts must be compilable, but Dafny's heuristics can't figure out how to produce a bounded set of values for 'x'
-NonGhostQuantifiers.dfy(140,8): Error: Assignment to non-ghost variable is not allowed in this context (because this is a ghost method or because the statement is guarded by a specification-only expression)
-20 resolution/type errors detected in NonGhostQuantifiers.dfy
-
--------------------- AdvancedLHS.dfy --------------------
-AdvancedLHS.dfy(34,23): Error: target object may be null
-Execution trace:
- (0,0): anon0
- (0,0): anon15_Else
-
-Dafny program verifier finished with 7 verified, 1 error
-
--------------------- ModulesCycle.dfy --------------------
-ModulesCycle.dfy(5,9): Error: module T does not exist
-ModulesCycle.dfy(8,7): Error: module definition contains a cycle (note: parent modules implicitly depend on submodules): A -> D -> C -> B
-2 resolution/type errors detected in ModulesCycle.dfy
-
--------------------- Modules0.dfy --------------------
-Modules0.dfy(8,8): Error: Duplicate name of top-level declaration: WazzupA
-Modules0.dfy(9,11): Error: Duplicate name of top-level declaration: WazzupA
-Modules0.dfy(10,7): Error: Duplicate name of top-level declaration: WazzupA
-Modules0.dfy(13,7): Error: Duplicate name of top-level declaration: WazzupB
-Modules0.dfy(14,8): Error: Duplicate name of top-level declaration: WazzupB
-Modules0.dfy(15,11): Error: Duplicate name of top-level declaration: WazzupB
-Modules0.dfy(56,18): Error: Undeclared top-level type or type parameter: MyClass1 (did you forget to qualify a name?)
-Modules0.dfy(57,18): Error: Undeclared top-level type or type parameter: MyClass2 (did you forget to qualify a name?)
-Modules0.dfy(68,18): Error: Undeclared top-level type or type parameter: MyClass2 (did you forget to qualify a name?)
-Modules0.dfy(75,20): Error: Undeclared top-level type or type parameter: MyClass1 (did you forget to qualify a name?)
-Modules0.dfy(75,34): Error: Undeclared top-level type or type parameter: MyClass0 (did you forget to qualify a name?)
-Modules0.dfy(78,23): Error: Undeclared top-level type or type parameter: MyClass0 (did you forget to qualify a name?)
-Modules0.dfy(83,24): Error: Undeclared top-level type or type parameter: MyClassY (did you forget to qualify a name?)
-Modules0.dfy(92,16): Error: Undeclared top-level type or type parameter: ClassG (did you forget to qualify a name?)
-Modules0.dfy(224,15): Error: Undeclared top-level type or type parameter: X (did you forget to qualify a name?)
-Modules0.dfy(224,8): Error: new can be applied only to reference types (got X)
-Modules0.dfy(233,13): Error: Undeclared type X in module B
-Modules0.dfy(243,13): Error: unresolved identifier: X
-Modules0.dfy(244,15): Error: member DoesNotExist does not exist in class X
-Modules0.dfy(283,19): Error: Undeclared top-level type or type parameter: D (did you forget to qualify a name?)
-Modules0.dfy(283,12): Error: new can be applied only to reference types (got D)
-Modules0.dfy(286,25): Error: type of the receiver is not fully determined at this program point
-Modules0.dfy(287,16): Error: type of the receiver is not fully determined at this program point
-Modules0.dfy(287,6): Error: expected method call, found expression
-Modules0.dfy(288,16): Error: type of the receiver is not fully determined at this program point
-Modules0.dfy(288,6): Error: expected method call, found expression
-Modules0.dfy(310,24): Error: module Q_Imp does not exist
-Modules0.dfy(100,14): Error: Undeclared top-level type or type parameter: MyClassY (did you forget to qualify a name?)
-28 resolution/type errors detected in Modules0.dfy
-
--------------------- Modules1.dfy --------------------
-Modules1.dfy(79,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-Modules1.dfy(92,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-Modules1.dfy(94,18): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Modules1.dfy(56,3): Error: decreases expression must be bounded below by 0
-Execution trace:
- (0,0): anon0
-Modules1.dfy(62,3): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 26 verified, 5 errors
-
--------------------- Modules2.dfy --------------------
-Modules2.dfy(46,17): Error: The name C ambiguously refers to a type in one of the modules A, B (try qualifying the type name with the module name)
-Modules2.dfy(46,10): Error: new can be applied only to reference types (got C)
-Modules2.dfy(49,14): Error: the name 'E' denotes a datatype constructor, but does not do so uniquely; add an explicit qualification (for example, 'D.E')
-Modules2.dfy(50,14): Error: The name D ambiguously refers to a type in one of the modules A, B
-Modules2.dfy(52,11): Error: The name f ambiguously refers to a static member in one of the modules A, B
-5 resolution/type errors detected in Modules2.dfy
-
--------------------- BadFunction.dfy --------------------
-BadFunction.dfy(9,3): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-
-Dafny program verifier finished with 2 verified, 1 error
-
--------------------- Comprehensions.dfy --------------------
-Comprehensions.dfy(12,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Then
- (0,0): anon10_Then
- (0,0): anon4
- (0,0): anon11_Then
- (0,0): anon12_Then
- (0,0): anon8
-
-Dafny program verifier finished with 6 verified, 1 error
-
--------------------- Basics.dfy --------------------
-Basics.dfy(45,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Basics.dfy(69,42): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon13_Then
- (0,0): anon14_Then
- (0,0): anon15_Then
- Basics.dfy(69,72): anon16_Else
- Basics.dfy(69,82): anon17_Else
- Basics.dfy(69,95): anon18_Else
- (0,0): anon12
-Basics.dfy(113,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon10_Then
-Basics.dfy(132,10): Error: when left-hand sides 0 and 1 may refer to the same location, they must be assigned the same value
-Execution trace:
- (0,0): anon0
- (0,0): anon10_Then
- (0,0): anon3
- (0,0): anon11_Then
- (0,0): anon6
- (0,0): anon12_Then
- (0,0): anon9
-Basics.dfy(146,10): Error: when left-hand sides 0 and 1 refer to the same location, they must be assigned the same value
-Execution trace:
- (0,0): anon0
-Basics.dfy(158,19): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon11_Then
-Basics.dfy(160,10): Error: assignment may update an object not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3
-Basics.dfy(160,10): Error: target object may be null
-Execution trace:
- (0,0): anon0
- (0,0): anon3
-Basics.dfy(165,12): Error: left-hand sides 0 and 1 may refer to the same location
-Execution trace:
- (0,0): anon0
- (0,0): anon11_Then
- (0,0): anon3
- (0,0): anon12_Then
-Basics.dfy(176,15): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon11_Then
- (0,0): anon3
- (0,0): anon12_Else
- (0,0): anon6
- (0,0): anon13_Then
- (0,0): anon8
- (0,0): anon14_Then
-Basics.dfy(238,10): Error: when left-hand sides 0 and 1 refer to the same location, they must be assigned the same value
-Execution trace:
- (0,0): anon0
-Basics.dfy(429,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
- (0,0): anon3
-Basics.dfy(440,19): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Else
-Basics.dfy(442,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
- (0,0): anon3
-
-Dafny program verifier finished with 61 verified, 14 errors
-
--------------------- ControlStructures.dfy --------------------
-ControlStructures.dfy(8,3): Error: missing case in case statement: Purple
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon7_Else
- (0,0): anon8_Then
-ControlStructures.dfy(8,3): Error: missing case in case statement: Blue
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon7_Else
- (0,0): anon8_Else
- (0,0): anon9_Then
-ControlStructures.dfy(17,3): Error: missing case in case statement: Purple
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon7_Else
- (0,0): anon8_Then
-ControlStructures.dfy(46,5): Error: missing case in case statement: Red
-Execution trace:
- (0,0): anon0
- (0,0): anon8_Then
- (0,0): anon9_Else
- (0,0): anon10_Then
-ControlStructures.dfy(54,3): Error: missing case in case statement: Red
-Execution trace:
- (0,0): anon0
- (0,0): anon8_Else
- (0,0): anon9_Else
- (0,0): anon10_Else
- (0,0): anon11_Else
- (0,0): anon12_Then
-ControlStructures.dfy(75,3): Error: alternative cases fail to cover all possibilties
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
-ControlStructures.dfy(218,18): Error: assertion violation
-Execution trace:
- (0,0): anon0
- ControlStructures.dfy(197,3): anon59_LoopHead
- (0,0): anon59_LoopBody
- ControlStructures.dfy(197,3): anon60_Else
- ControlStructures.dfy(197,3): anon61_Else
- ControlStructures.dfy(201,5): anon62_LoopHead
- (0,0): anon62_LoopBody
- ControlStructures.dfy(201,5): anon63_Else
- ControlStructures.dfy(201,5): anon64_Else
- (0,0): anon68_Then
- ControlStructures.dfy(213,9): anon69_LoopHead
- (0,0): anon69_LoopBody
- ControlStructures.dfy(213,9): anon70_Else
- (0,0): anon71_Then
-ControlStructures.dfy(235,21): Error: assertion violation
-Execution trace:
- (0,0): anon0
- ControlStructures.dfy(197,3): anon59_LoopHead
- (0,0): anon59_LoopBody
- ControlStructures.dfy(197,3): anon60_Else
- ControlStructures.dfy(197,3): anon61_Else
- ControlStructures.dfy(201,5): anon62_LoopHead
- (0,0): anon62_LoopBody
- ControlStructures.dfy(201,5): anon63_Else
- ControlStructures.dfy(201,5): anon64_Else
- (0,0): anon68_Then
- ControlStructures.dfy(213,9): anon69_LoopHead
- (0,0): anon69_LoopBody
- ControlStructures.dfy(213,9): anon70_Else
- ControlStructures.dfy(213,9): anon71_Else
- (0,0): anon72_Then
- (0,0): after_4
- ControlStructures.dfy(224,7): anon74_LoopHead
- (0,0): anon74_LoopBody
- ControlStructures.dfy(224,7): anon75_Else
- ControlStructures.dfy(224,7): anon76_Else
- (0,0): anon78_Then
- (0,0): anon38
- (0,0): anon83_Then
- (0,0): anon52
-ControlStructures.dfy(238,30): Error: assertion violation
-Execution trace:
- (0,0): anon0
- ControlStructures.dfy(197,3): anon59_LoopHead
- (0,0): anon59_LoopBody
- ControlStructures.dfy(197,3): anon60_Else
- ControlStructures.dfy(197,3): anon61_Else
- ControlStructures.dfy(201,5): anon62_LoopHead
- (0,0): anon62_LoopBody
- ControlStructures.dfy(201,5): anon63_Else
- ControlStructures.dfy(201,5): anon64_Else
- (0,0): anon65_Then
- (0,0): anon84_Then
- (0,0): anon85_Then
- (0,0): anon56
-ControlStructures.dfy(241,17): Error: assertion violation
-Execution trace:
- (0,0): anon0
- ControlStructures.dfy(197,3): anon59_LoopHead
- (0,0): anon59_LoopBody
- ControlStructures.dfy(197,3): anon60_Else
- ControlStructures.dfy(197,3): anon61_Else
- ControlStructures.dfy(201,5): anon62_LoopHead
- (0,0): anon62_LoopBody
- ControlStructures.dfy(201,5): anon63_Else
- ControlStructures.dfy(201,5): anon64_Else
- (0,0): anon68_Then
- ControlStructures.dfy(213,9): anon69_LoopHead
- (0,0): anon69_LoopBody
- ControlStructures.dfy(213,9): anon70_Else
- ControlStructures.dfy(213,9): anon71_Else
- (0,0): anon72_Then
- (0,0): after_4
- ControlStructures.dfy(224,7): anon74_LoopHead
- (0,0): anon74_LoopBody
- ControlStructures.dfy(224,7): anon75_Else
- ControlStructures.dfy(224,7): anon76_Else
- (0,0): anon79_Then
- (0,0): anon82_Then
- (0,0): anon86_Then
- (0,0): anon58
-
-Dafny program verifier finished with 22 verified, 10 errors
-
--------------------- Termination.dfy --------------------
-Termination.dfy(359,47): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon7_Else
- (0,0): anon8_Then
- (0,0): anon9_Else
-Termination.dfy(108,3): Error: cannot prove termination; try supplying a decreases clause for the loop
-Execution trace:
- (0,0): anon0
- Termination.dfy(108,3): anon6_LoopHead
- (0,0): anon6_LoopBody
- Termination.dfy(108,3): anon7_Else
- Termination.dfy(108,3): anon8_Else
-Termination.dfy(116,3): Error: cannot prove termination; try supplying a decreases clause for the loop
-Execution trace:
- (0,0): anon0
- Termination.dfy(116,3): anon8_LoopHead
- (0,0): anon8_LoopBody
- Termination.dfy(116,3): anon9_Else
- (0,0): anon10_Then
- (0,0): anon5
- Termination.dfy(116,3): anon11_Else
-Termination.dfy(125,3): Error: decreases expression might not decrease
-Execution trace:
- (0,0): anon0
- Termination.dfy(125,3): anon8_LoopHead
- (0,0): anon8_LoopBody
- Termination.dfy(125,3): anon9_Else
- (0,0): anon10_Then
- (0,0): anon5
- Termination.dfy(125,3): anon11_Else
-Termination.dfy(126,17): Error: decreases expression must be bounded below by 0 at end of loop iteration
-Execution trace:
- (0,0): anon0
- Termination.dfy(125,3): anon8_LoopHead
- (0,0): anon8_LoopBody
- Termination.dfy(125,3): anon9_Else
- (0,0): anon10_Then
- (0,0): anon5
- Termination.dfy(125,3): anon11_Else
-Termination.dfy(254,35): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon7_Else
- (0,0): anon8_Then
-Termination.dfy(294,3): Error: decreases expression might not decrease
-Execution trace:
- Termination.dfy(294,3): anon9_LoopHead
- (0,0): anon9_LoopBody
- Termination.dfy(294,3): anon10_Else
- Termination.dfy(294,3): anon11_Else
- (0,0): anon12_Else
-
-Dafny program verifier finished with 59 verified, 7 errors
-
--------------------- DTypes.dfy --------------------
-DTypes.dfy(18,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
-DTypes.dfy(56,18): Error: assertion violation
-Execution trace:
- (0,0): anon0
-DTypes.dfy(120,13): Error: assertion violation
-DTypes.dfy(92,30): Related location
-Execution trace:
- (0,0): anon0
-DTypes.dfy(126,13): Error: assertion violation
-DTypes.dfy(92,20): Related location
-Execution trace:
- (0,0): anon0
-DTypes.dfy(136,12): Error: assertion violation
-DTypes.dfy(131,6): Related location
-DTypes.dfy(92,20): Related location
-Execution trace:
- (0,0): anon0
-DTypes.dfy(157,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon6_Then
- (0,0): anon4
-
-Dafny program verifier finished with 27 verified, 6 errors
-
--------------------- ParallelResolveErrors.dfy --------------------
-ParallelResolveErrors.dfy(10,9): Error: Assignment to non-ghost field is not allowed in this context (because this is a ghost method or because the statement is guarded by a specification-only expression)
-ParallelResolveErrors.dfy(21,4): Error: LHS of assignment must denote a mutable variable
-ParallelResolveErrors.dfy(26,6): Error: body of forall statement is attempting to update a variable declared outside the forall statement
-ParallelResolveErrors.dfy(44,6): Error: Assignment to non-ghost variable is not allowed in this context (because this is a ghost method or because the statement is guarded by a specification-only expression)
-ParallelResolveErrors.dfy(56,13): Error: new allocation not supported in forall statements
-ParallelResolveErrors.dfy(61,13): Error: new allocation not allowed in ghost context
-ParallelResolveErrors.dfy(62,13): Error: new allocation not allowed in ghost context
-ParallelResolveErrors.dfy(63,13): Error: new allocation not allowed in ghost context
-ParallelResolveErrors.dfy(64,13): Error: new allocation not allowed in ghost context
-ParallelResolveErrors.dfy(65,6): Error: the body of the enclosing forall statement is not allowed to update heap locations, so any call must be to a method with an empty modifies clause
-ParallelResolveErrors.dfy(66,6): Error: the body of the enclosing forall statement is not allowed to call non-ghost methods
-ParallelResolveErrors.dfy(73,19): Error: trying to break out of more loop levels than there are enclosing loops
-ParallelResolveErrors.dfy(77,18): Error: return statement is not allowed inside a forall statement
-ParallelResolveErrors.dfy(84,21): Error: trying to break out of more loop levels than there are enclosing loops
-ParallelResolveErrors.dfy(85,20): Error: trying to break out of more loop levels than there are enclosing loops
-ParallelResolveErrors.dfy(86,20): Error: break label is undefined or not in scope: OutsideLoop
-ParallelResolveErrors.dfy(95,24): Error: trying to break out of more loop levels than there are enclosing loops
-ParallelResolveErrors.dfy(96,24): Error: break label is undefined or not in scope: OutsideLoop
-ParallelResolveErrors.dfy(107,9): Error: the body of the enclosing forall statement is not allowed to update heap locations
-ParallelResolveErrors.dfy(115,6): Error: the body of the enclosing forall statement is not allowed to update heap locations, so any call must be to a method with an empty modifies clause
-ParallelResolveErrors.dfy(120,6): Error: the body of the enclosing forall statement is not allowed to update heap locations, so any call must be to a method with an empty modifies clause
-21 resolution/type errors detected in ParallelResolveErrors.dfy
-
--------------------- Parallel.dfy --------------------
-Parallel.dfy(34,5): Error BP5002: A precondition for this call might not hold.
-Parallel.dfy(60,14): Related location: This is the precondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon29_Else
- (0,0): anon32_Else
- (0,0): anon33_Then
- (0,0): anon34_Then
- (0,0): anon35_Then
- (0,0): anon14
-Parallel.dfy(38,5): Error: target object may be null
-Execution trace:
- (0,0): anon0
- (0,0): anon29_Else
- (0,0): anon32_Else
- (0,0): anon33_Else
- (0,0): anon36_Then
- (0,0): anon37_Then
- (0,0): anon38_Then
- (0,0): anon20
-Parallel.dfy(42,18): Error: possible violation of postcondition of forall statement
-Execution trace:
- (0,0): anon0
- (0,0): anon29_Else
- (0,0): anon32_Else
- (0,0): anon33_Else
- (0,0): anon36_Else
- (0,0): anon39_Then
- (0,0): anon40_Then
- (0,0): anon26
-Parallel.dfy(47,19): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon29_Else
- (0,0): anon32_Else
- (0,0): anon33_Else
- (0,0): anon36_Else
- (0,0): anon39_Then
- (0,0): anon40_Then
-Parallel.dfy(93,19): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon10_Else
- (0,0): anon11_Then
-Parallel.dfy(99,20): Error: possible violation of postcondition of forall statement
-Execution trace:
- (0,0): anon0
- (0,0): anon10_Else
- (0,0): anon11_Then
- (0,0): anon12_Then
-Parallel.dfy(122,12): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
- (0,0): anon7_Then
- (0,0): anon3
-Parallel.dfy(185,12): Error: left-hand sides for different forall-statement bound variables may refer to the same location
-Execution trace:
- (0,0): anon0
- (0,0): anon19_Then
- (0,0): anon20_Then
- (0,0): anon5
-Parallel.dfy(296,10): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Else
-
-Dafny program verifier finished with 43 verified, 9 errors
-
--------------------- TypeParameters.dfy --------------------
-TypeParameters.dfy(47,22): Error: assertion violation
-Execution trace:
- (0,0): anon0
-TypeParameters.dfy(69,27): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
- (0,0): anon2
-TypeParameters.dfy(156,12): Error: assertion violation
-TypeParameters.dfy(156,28): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon20_Then
- TypeParameters.dfy(156,32): anon21_Else
- (0,0): anon5
-TypeParameters.dfy(158,12): Error: assertion violation
-TypeParameters.dfy(158,33): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon23_Then
- TypeParameters.dfy(158,37): anon24_Else
- (0,0): anon11
-TypeParameters.dfy(160,12): Error: assertion violation
-TypeParameters.dfy(160,20): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon25_Then
-TypeParameters.dfy(162,12): Error: assertion violation
-TypeParameters.dfy(147,5): Related location
-TypeParameters.dfy(162,21): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon26_Then
-TypeParameters.dfy(164,12): Error: assertion violation
-TypeParameters.dfy(149,8): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon27_Then
-TypeParameters.dfy(178,15): Error BP5005: This loop invariant might not be maintained by the loop.
-TypeParameters.dfy(178,38): Related location
-Execution trace:
- (0,0): anon0
- TypeParameters.dfy(171,3): anon16_LoopHead
- (0,0): anon16_LoopBody
- TypeParameters.dfy(171,3): anon17_Else
- (0,0): anon19_Then
- TypeParameters.dfy(177,3): anon20_LoopHead
- (0,0): anon20_LoopBody
- TypeParameters.dfy(177,3): anon21_Else
- TypeParameters.dfy(177,3): anon23_Else
-
-Dafny program verifier finished with 58 verified, 8 errors
-
--------------------- Datatypes.dfy --------------------
-Datatypes.dfy(297,10): Error BP5003: A postcondition might not hold on this return path.
-Datatypes.dfy(295,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon13_Then
- (0,0): anon14_Else
- (0,0): anon15_Then
- (0,0): anon6
-Datatypes.dfy(298,12): Error: missing case in case statement: Appendix
-Execution trace:
- (0,0): anon0
- (0,0): anon13_Then
- (0,0): anon14_Else
- (0,0): anon15_Else
- (0,0): anon16_Then
-Datatypes.dfy(349,5): Error: missing case in case statement: Cons
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon7_Then
-Datatypes.dfy(349,5): Error: missing case in case statement: Nil
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon7_Else
- (0,0): anon8_Then
-Datatypes.dfy(356,8): Error: missing case in case statement: Cons
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Else
- (0,0): anon10_Then
- (0,0): anon11_Then
-Datatypes.dfy(356,8): Error: missing case in case statement: Nil
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Else
- (0,0): anon10_Then
- (0,0): anon11_Else
- (0,0): anon12_Then
-Datatypes.dfy(82,20): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon20_Else
- (0,0): anon21_Then
- (0,0): anon4
- (0,0): anon22_Else
- (0,0): anon23_Then
- (0,0): anon24_Else
- (0,0): anon25_Then
-Datatypes.dfy(170,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
-Datatypes.dfy(172,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Else
- (0,0): anon5_Then
-Datatypes.dfy(201,13): Error: destructor 'Car' can only be applied to datatype values constructed by 'XCons'
-Execution trace:
- (0,0): anon0
-Datatypes.dfy(204,17): Error: destructor 'Car' can only be applied to datatype values constructed by 'XCons'
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
-Datatypes.dfy(225,17): Error: destructor 'c' can only be applied to datatype values constructed by 'T''
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
-
-Dafny program verifier finished with 44 verified, 12 errors
-
--------------------- StatementExpressions.dfy --------------------
-StatementExpressions.dfy(55,11): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
- (0,0): anon8_Then
-StatementExpressions.dfy(59,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
- StatementExpressions.dfy(53,7): anon8_Else
-StatementExpressions.dfy(77,6): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-StatementExpressions.dfy(88,5): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-StatementExpressions.dfy(98,11): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
-
-Dafny program verifier finished with 17 verified, 5 errors
-
--------------------- Coinductive.dfy --------------------
-Coinductive.dfy(13,11): Error: because of cyclic dependencies among constructor argument types, no instances of datatype 'Rec_Forever' can be constructed
-Coinductive.dfy(16,11): Error: because of cyclic dependencies among constructor argument types, no instances of datatype 'D' can be constructed
-Coinductive.dfy(38,11): Error: because of cyclic dependencies among constructor argument types, no instances of datatype 'K' can be constructed
-Coinductive.dfy(64,11): Error: because of cyclic dependencies among constructor argument types, no instances of datatype 'NotFiniteEnough_Dt' can be constructed
-Coinductive.dfy(93,8): Error: a copredicate can be called recursively only in positive positions
-Coinductive.dfy(94,8): Error: a copredicate can be called recursively only in positive positions
-Coinductive.dfy(95,8): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
-Coinductive.dfy(95,21): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
-Coinductive.dfy(101,5): Error: a copredicate can be called recursively only in positive positions
-Coinductive.dfy(104,27): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
-Coinductive.dfy(105,28): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
-Coinductive.dfy(106,17): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
-Coinductive.dfy(116,24): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
-Coinductive.dfy(122,15): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
-Coinductive.dfy(123,10): Error: a copredicate can be called recursively only in positive positions and cannot sit inside an unbounded existential quantifier
-Coinductive.dfy(148,5): Error: a recursive call from a copredicate can go only to other copredicates
-16 resolution/type errors detected in Coinductive.dfy
-
--------------------- Corecursion.dfy --------------------
-Corecursion.dfy(17,13): Error: cannot prove termination; try supplying a decreases clause (note that only functions without side effects can be called co-recursively)
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Corecursion.dfy(23,13): Error: cannot prove termination; try supplying a decreases clause (note that only functions without any ensures clause can be called co-recursively)
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Corecursion.dfy(58,5): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Corecursion.dfy(71,16): Error: cannot prove termination; try supplying a decreases clause (note that calls cannot be co-recursive in this context)
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
-Corecursion.dfy(93,15): Error: cannot prove termination; try supplying a decreases clause (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts)
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Then
-Corecursion.dfy(103,15): Error: cannot prove termination; try supplying a decreases clause (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts)
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Then
-Corecursion.dfy(148,13): Error: failure to decrease termination measure (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts)
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Corecursion.dfy(161,13): Error: failure to decrease termination measure (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts)
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-
-Dafny program verifier finished with 20 verified, 8 errors
-
--------------------- CoResolution.dfy --------------------
-CoResolution.dfy(17,9): Error: member Undeclared# does not exist in class _default
-CoResolution.dfy(18,4): Error: unresolved identifier: Undeclared#
-CoResolution.dfy(21,7): Error: unresolved identifier: _k
-CoResolution.dfy(39,8): Error: == can only be applied to expressions of types that support equality (got Stream<_T0>)
-CoResolution.dfy(50,8): Error: Assignment to non-ghost variable is not allowed in this context (because this is a ghost method or because the statement is guarded by a specification-only expression)
-CoResolution.dfy(67,10): Error: a copredicate is not allowed to declare any reads clause
-CoResolution.dfy(73,31): Error: a copredicate is not allowed to declare any ensures clause
-CoResolution.dfy(82,20): Error: a recursive call from a copredicate can go only to other copredicates
-CoResolution.dfy(86,20): Error: a recursive call from a copredicate can go only to other copredicates
-CoResolution.dfy(95,4): Error: a recursive call from a colemma can go only to other colemmas and prefix lemmas
-CoResolution.dfy(109,13): Error: a recursive call from a colemma can go only to other colemmas and prefix lemmas
-CoResolution.dfy(110,13): Error: a recursive call from a colemma can go only to other colemmas and prefix lemmas
-CoResolution.dfy(115,17): Error: a recursive call from a copredicate can go only to other copredicates
-CoResolution.dfy(121,17): Error: a recursive call from a copredicate can go only to other copredicates
-CoResolution.dfy(129,13): Error: a recursive call from a colemma can go only to other colemmas and prefix lemmas
-CoResolution.dfy(130,13): Error: a recursive call from a colemma can go only to other colemmas and prefix lemmas
-CoResolution.dfy(135,17): Error: a recursive call from a copredicate can go only to other copredicates
-CoResolution.dfy(141,17): Error: a recursive call from a copredicate can go only to other copredicates
-CoResolution.dfy(149,4): Error: a recursive call from a copredicate can go only to other copredicates
-CoResolution.dfy(151,4): Error: a recursive call from a copredicate can go only to other copredicates
-CoResolution.dfy(167,13): Error: a recursive call from a colemma can go only to other colemmas and prefix lemmas
-21 resolution/type errors detected in CoResolution.dfy
-
--------------------- CoPrefix.dfy --------------------
-CoPrefix.dfy(164,3): Error BP5003: A postcondition might not hold on this return path.
-CoPrefix.dfy(163,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-CoPrefix.dfy(169,3): Error BP5003: A postcondition might not hold on this return path.
-CoPrefix.dfy(168,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-CoPrefix.dfy(176,5): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-CoPrefix.dfy(63,7): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon7_Then
- (0,0): anon8_Else
- (0,0): anon9_Then
-CoPrefix.dfy(76,7): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon7_Then
- (0,0): anon8_Else
- (0,0): anon9_Then
-CoPrefix.dfy(114,1): Error BP5003: A postcondition might not hold on this return path.
-CoPrefix.dfy(113,11): Related location: This is the postcondition that might not hold.
-CoPrefix.dfy(101,17): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-CoPrefix.dfy(138,25): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Then
- (0,0): anon10_Then
-CoPrefix.dfy(142,25): Error: assertion violation
-CoPrefix.dfy(117,23): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Then
- (0,0): anon12_Then
-CoPrefix.dfy(151,1): Error BP5003: A postcondition might not hold on this return path.
-CoPrefix.dfy(150,11): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-
-Dafny program verifier finished with 41 verified, 9 errors
-
--------------------- CoinductiveProofs.dfy --------------------
-CoinductiveProofs.dfy(29,12): Error: assertion violation
-CoinductiveProofs.dfy(13,17): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon6_Then
-CoinductiveProofs.dfy(59,1): Error BP5003: A postcondition might not hold on this return path.
-CoinductiveProofs.dfy(58,11): Related location: This is the postcondition that might not hold.
-CoinductiveProofs.dfy(54,3): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-CoinductiveProofs.dfy(74,12): Error: assertion violation
-CoinductiveProofs.dfy(54,3): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon6_Then
-CoinductiveProofs.dfy(91,1): Error BP5003: A postcondition might not hold on this return path.
-CoinductiveProofs.dfy(90,11): Related location: This is the postcondition that might not hold.
-CoinductiveProofs.dfy(80,3): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-CoinductiveProofs.dfy(100,12): Error: assertion violation
-CoinductiveProofs.dfy(80,3): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon6_Then
-CoinductiveProofs.dfy(111,1): Error BP5003: A postcondition might not hold on this return path.
-CoinductiveProofs.dfy(110,11): Related location: This is the postcondition that might not hold.
-CoinductiveProofs.dfy(106,3): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-CoinductiveProofs.dfy(150,1): Error BP5003: A postcondition might not hold on this return path.
-CoinductiveProofs.dfy(149,22): Related location: This is the postcondition that might not hold.
-CoinductiveProofs.dfy(4,24): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-CoinductiveProofs.dfy(156,1): Error BP5003: A postcondition might not hold on this return path.
-CoinductiveProofs.dfy(155,22): Related location: This is the postcondition that might not hold.
-CoinductiveProofs.dfy(4,24): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-
-Dafny program verifier finished with 35 verified, 8 errors
-
--------------------- TypeAntecedents.dfy --------------------
-TypeAntecedents.dfy(35,13): Error: assertion violation
-Execution trace:
- (0,0): anon0
-TypeAntecedents.dfy(58,1): Error BP5003: A postcondition might not hold on this return path.
-TypeAntecedents.dfy(57,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon25_Then
- (0,0): anon6
- (0,0): anon28_Then
- (0,0): anon8
- (0,0): anon29_Else
- (0,0): anon31_Else
- (0,0): anon33_Then
- (0,0): anon20
- (0,0): anon34_Then
- (0,0): anon35_Then
- (0,0): anon24
-TypeAntecedents.dfy(66,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon25_Else
- (0,0): anon26_Then
- (0,0): anon27_Else
-
-Dafny program verifier finished with 12 verified, 3 errors
-
--------------------- NoTypeArgs.dfy --------------------
-
-Dafny program verifier finished with 15 verified, 0 errors
-
--------------------- EqualityTypes.dfy --------------------
-EqualityTypes.dfy(34,13): Error: a type declaration that requires equality support cannot be replaced by a codatatype
-EqualityTypes.dfy(35,11): Error: datatype 'Y' is used to refine an arbitrary type with equality support, but 'Y' does not support equality
-EqualityTypes.dfy(40,11): Error: arbitrary type 'X' is not allowed to be replaced by a datatype that takes a different number of type parameters
-EqualityTypes.dfy(41,8): Error: arbitrary type 'Y' is not allowed to be replaced by a class that takes a different number of type parameters
-EqualityTypes.dfy(45,11): Error: datatype 'X' is used to refine an arbitrary type with equality support, but 'X' does not support equality
-EqualityTypes.dfy(46,11): Error: datatype 'Y' is used to refine an arbitrary type with equality support, but 'Y' does not support equality
-EqualityTypes.dfy(66,7): Error: == can only be applied to expressions of types that support equality (got Dt<T>)
-EqualityTypes.dfy(85,8): Error: type parameter 0 (T) passed to method M must support equality (got _T0)
-EqualityTypes.dfy(109,7): Error: == can only be applied to expressions of types that support equality (got D)
-EqualityTypes.dfy(114,13): Error: == can only be applied to expressions of types that support equality (got D)
-EqualityTypes.dfy(118,16): Error: == can only be applied to expressions of types that support equality (got D)
-11 resolution/type errors detected in EqualityTypes.dfy
-
--------------------- SplitExpr.dfy --------------------
-SplitExpr.dfy(92,15): Error: loop invariant violation
-SplitExpr.dfy(86,44): Related location
-Execution trace:
- SplitExpr.dfy(91,3): anon7_LoopHead
-
-Dafny program verifier finished with 10 verified, 1 error
-
--------------------- LoopModifies.dfy --------------------
-LoopModifies.dfy(8,5): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
-LoopModifies.dfy(19,8): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- LoopModifies.dfy(16,4): anon8_LoopHead
- (0,0): anon8_LoopBody
- LoopModifies.dfy(16,4): anon9_Else
- LoopModifies.dfy(16,4): anon11_Else
-LoopModifies.dfy(48,8): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- LoopModifies.dfy(44,4): anon8_LoopHead
- (0,0): anon8_LoopBody
- LoopModifies.dfy(44,4): anon9_Else
- LoopModifies.dfy(44,4): anon11_Else
-LoopModifies.dfy(63,8): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- LoopModifies.dfy(59,4): anon9_LoopHead
- (0,0): anon9_LoopBody
- LoopModifies.dfy(59,4): anon10_Else
- LoopModifies.dfy(59,4): anon12_Else
-LoopModifies.dfy(76,4): Error: loop modifies clause may violate context's modifies clause
-Execution trace:
- (0,0): anon0
-LoopModifies.dfy(100,8): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- LoopModifies.dfy(92,4): anon8_LoopHead
- (0,0): anon8_LoopBody
- LoopModifies.dfy(92,4): anon9_Else
- LoopModifies.dfy(92,4): anon11_Else
-LoopModifies.dfy(148,11): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- LoopModifies.dfy(136,4): anon17_LoopHead
- (0,0): anon17_LoopBody
- LoopModifies.dfy(136,4): anon18_Else
- LoopModifies.dfy(136,4): anon20_Else
- LoopModifies.dfy(141,7): anon21_LoopHead
- (0,0): anon21_LoopBody
- LoopModifies.dfy(141,7): anon22_Else
- LoopModifies.dfy(141,7): anon24_Else
-LoopModifies.dfy(199,10): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- LoopModifies.dfy(195,4): anon8_LoopHead
- (0,0): anon8_LoopBody
- LoopModifies.dfy(195,4): anon9_Else
- LoopModifies.dfy(195,4): anon11_Else
-LoopModifies.dfy(287,13): Error: assignment may update an array element not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- LoopModifies.dfy(275,4): anon16_LoopHead
- (0,0): anon16_LoopBody
- LoopModifies.dfy(275,4): anon17_Else
- LoopModifies.dfy(275,4): anon19_Else
- LoopModifies.dfy(283,7): anon20_LoopHead
- (0,0): anon20_LoopBody
- LoopModifies.dfy(283,7): anon21_Else
- LoopModifies.dfy(283,7): anon23_Else
-
-Dafny program verifier finished with 23 verified, 9 errors
-
--------------------- Refinement.dfy --------------------
-Refinement.dfy(15,5): Error BP5003: A postcondition might not hold on this return path.
-Refinement.dfy(14,17): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Refinement.dfy[B](15,5): Error BP5003: A postcondition might not hold on this return path.
-Refinement.dfy(33,20): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Refinement.dfy(64,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Refinement.dfy(74,17): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Refinement.dfy(93,12): Error BP5003: A postcondition might not hold on this return path.
-Refinement.dfy(72,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Refinement.dfy(96,3): Error BP5003: A postcondition might not hold on this return path.
-Refinement.dfy(77,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Refinement.dfy(183,5): Error BP5003: A postcondition might not hold on this return path.
-Refinement.dfy[IncorrectConcrete](115,15): Related location: This is the postcondition that might not hold.
-Refinement.dfy(180,9): Related location
-Execution trace:
- (0,0): anon0
-Refinement.dfy(187,5): Error BP5003: A postcondition might not hold on this return path.
-Refinement.dfy[IncorrectConcrete](123,15): Related location: This is the postcondition that might not hold.
-Refinement.dfy(180,9): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
- (0,0): anon3
-Refinement.dfy(193,7): Error: assertion violation
-Refinement.dfy[IncorrectConcrete](131,24): Related location
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 48 verified, 9 errors
-
--------------------- RefinementErrors.dfy --------------------
-RefinementErrors.dfy(30,17): Error: a refining method is not allowed to add preconditions
-RefinementErrors.dfy(31,15): Error: a refining method is not allowed to extend the modifies clause
-RefinementErrors.dfy(34,14): Error: a predicate declaration (abc) can only refine a predicate
-RefinementErrors.dfy(35,8): Error: a field re-declaration (xyz) must be to ghostify the field
-RefinementErrors.dfy(37,13): Error: a function method cannot be changed into a (ghost) function in a refining module: F
-RefinementErrors.dfy(38,9): Error: type parameters are not allowed to be renamed from the names given in the function in the module being refined (expected 'A', found 'C')
-RefinementErrors.dfy(38,11): Error: type parameters are not allowed to be renamed from the names given in the function in the module being refined (expected 'B', found 'A')
-RefinementErrors.dfy(38,13): Error: type parameters are not allowed to be renamed from the names given in the function in the module being refined (expected 'C', found 'B')
-RefinementErrors.dfy(39,23): Error: the type of parameter 'z' is different from the type of the same parameter in the corresponding function in the module it refines ('seq<C>' instead of 'set<C>')
-RefinementErrors.dfy(40,9): Error: there is a difference in name of parameter 3 ('k' versus 'b') of function F compared to corresponding function in the module it refines
-RefinementErrors.dfy(57,20): Error: a function can be changed into a function method in a refining module only if the function has not yet been given a body: G
-11 resolution/type errors detected in RefinementErrors.dfy
-
--------------------- ReturnErrors.dfy --------------------
-ReturnErrors.dfy(32,10): Error: cannot have method call in return statement.
-ReturnErrors.dfy(38,10): Error: cannot have effectful parameter in multi-return statement.
-ReturnErrors.dfy(43,10): Error: can only have initialization methods which modify at most 'this'.
-3 resolution/type errors detected in ReturnErrors.dfy
-
--------------------- ReturnTests.dfy --------------------
-
-Dafny program verifier finished with 20 verified, 0 errors
-
--------------------- ChainingDisjointTests.dfy --------------------
-
-Dafny program verifier finished with 6 verified, 0 errors
-
--------------------- CallStmtTests.dfy --------------------
-CallStmtTests.dfy(6,3): Error: LHS of assignment must denote a mutable variable
-CallStmtTests.dfy(17,8): Error: actual out-parameter 0 is required to be a ghost variable
-2 resolution/type errors detected in CallStmtTests.dfy
-
--------------------- MultiSets.dfy --------------------
-MultiSets.dfy(159,3): Error BP5003: A postcondition might not hold on this return path.
-MultiSets.dfy(158,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-MultiSets.dfy(165,3): Error BP5003: A postcondition might not hold on this return path.
-MultiSets.dfy(164,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-MultiSets.dfy(178,11): Error: new number of occurrences might be negative
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
- (0,0): anon3
-MultiSets.dfy(269,24): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon11_Then
- (0,0): anon3
- (0,0): anon12_Then
- (0,0): anon14_Else
-
-Dafny program verifier finished with 54 verified, 4 errors
-
--------------------- PredExpr.dfy --------------------
-PredExpr.dfy(7,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-PredExpr.dfy(39,15): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Else
-PredExpr.dfy(52,17): Error: assertion violation
-Execution trace:
- (0,0): anon0
-PredExpr.dfy(77,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon8_Else
- (0,0): anon3
- PredExpr.dfy(76,20): anon10_Else
- (0,0): anon6
-
-Dafny program verifier finished with 11 verified, 4 errors
-
--------------------- Predicates.dfy --------------------
-Predicates.dfy[B](21,5): Error BP5003: A postcondition might not hold on this return path.
-Predicates.dfy[B](20,15): Related location: This is the postcondition that might not hold.
-Predicates.dfy(31,9): Related location
-Execution trace:
- (0,0): anon0
-Predicates.dfy(88,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Predicates.dfy(92,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Predicates.dfy[Tricky_Full](126,5): Error BP5003: A postcondition might not hold on this return path.
-Predicates.dfy[Tricky_Full](125,15): Related location: This is the postcondition that might not hold.
-Predicates.dfy(136,7): Related location
-Predicates.dfy[Tricky_Full](116,9): Related location
-Execution trace:
- (0,0): anon0
-Predicates.dfy(164,5): Error BP5003: A postcondition might not hold on this return path.
-Predicates.dfy(163,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Predicates.dfy[Q1](154,5): Error BP5003: A postcondition might not hold on this return path.
-Predicates.dfy[Q1](153,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 52 verified, 6 errors
-
--------------------- Skeletons.dfy --------------------
-Skeletons.dfy(45,3): Error BP5003: A postcondition might not hold on this return path.
-Skeletons.dfy(44,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- Skeletons.dfy[C0](32,5): anon11_LoopHead
- (0,0): anon11_LoopBody
- Skeletons.dfy[C0](32,5): anon12_Else
- (0,0): anon13_Then
- Skeletons.dfy[C0](37,19): anon15_Else
- (0,0): anon10
-
-Dafny program verifier finished with 9 verified, 1 error
-
--------------------- OpaqueFunctions.dfy --------------------
-OpaqueFunctions.dfy(27,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
-OpaqueFunctions.dfy(52,7): Error BP5002: A precondition for this call might not hold.
-OpaqueFunctions.dfy(24,16): Related location: This is the precondition that might not hold.
-Execution trace:
- (0,0): anon0
-OpaqueFunctions.dfy(58,20): Error: assertion violation
-Execution trace:
- (0,0): anon0
-OpaqueFunctions.dfy(60,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
-OpaqueFunctions.dfy(63,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
-OpaqueFunctions.dfy(66,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
-OpaqueFunctions.dfy(77,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-OpaqueFunctions.dfy(79,9): Error BP5002: A precondition for this call might not hold.
-OpaqueFunctions.dfy[A'](24,16): Related location: This is the precondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-OpaqueFunctions.dfy(86,20): Error: assertion violation
-Execution trace:
- (0,0): anon0
-OpaqueFunctions.dfy(88,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
-OpaqueFunctions.dfy(91,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
-OpaqueFunctions.dfy(94,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
-OpaqueFunctions.dfy(105,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-OpaqueFunctions.dfy(107,9): Error BP5002: A precondition for this call might not hold.
-OpaqueFunctions.dfy[A'](24,16): Related location: This is the precondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-OpaqueFunctions.dfy(114,20): Error: assertion violation
-Execution trace:
- (0,0): anon0
-OpaqueFunctions.dfy(116,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
-OpaqueFunctions.dfy(119,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
-OpaqueFunctions.dfy(122,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
-OpaqueFunctions.dfy(138,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 43 verified, 19 errors
-
--------------------- Maps.dfy --------------------
-Maps.dfy(78,8): Error: element may not be in domain
-Execution trace:
- (0,0): anon0
-Maps.dfy(128,13): Error: assertion violation
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 32 verified, 2 errors
-
--------------------- LiberalEquality.dfy --------------------
-LiberalEquality.dfy(20,14): Error: arguments must have the same type (got T and U)
-LiberalEquality.dfy(39,14): Error: arguments must have the same type (got Weird<T,int,V> and Weird<T,bool,V>)
-LiberalEquality.dfy(54,14): Error: arguments must have the same type (got array<int> and array<bool>)
-3 resolution/type errors detected in LiberalEquality.dfy
-
--------------------- RefinementModificationChecking.dfy --------------------
-RefinementModificationChecking.dfy(19,4): Error: cannot assign to variable defined previously
-RefinementModificationChecking.dfy(20,4): Error: cannot assign to variable defined previously
-2 resolution/type errors detected in RefinementModificationChecking.dfy
-
--------------------- TailCalls.dfy --------------------
-TailCalls.dfy(21,15): Error: this recursive call is not recognized as being tail recursive, because it is followed by non-ghost code
-TailCalls.dfy(33,12): Error: 'decreases *' is allowed only on tail-recursive methods
-TailCalls.dfy(40,12): Error: 'decreases *' is allowed only on tail-recursive methods
-TailCalls.dfy(45,12): Error: 'decreases *' is allowed only on tail-recursive methods
-TailCalls.dfy(67,12): Error: 'decreases *' is allowed only on tail-recursive methods
-5 resolution/type errors detected in TailCalls.dfy
-
--------------------- IteratorResolution.dfy --------------------
-IteratorResolution.dfy(62,9): Error: LHS of assignment must denote a mutable field
-IteratorResolution.dfy(67,18): Error: arguments must have the same type (got _T0 and int)
-IteratorResolution.dfy(79,19): Error: RHS (of type bool) not assignable to LHS (of type int)
-IteratorResolution.dfy(82,13): Error: when allocating an object of type 'GenericIteratorResult', one of its constructor methods must be called
-IteratorResolution.dfy(86,15): Error: logical negation expects a boolean argument (instead got int)
-IteratorResolution.dfy(20,9): Error: LHS of assignment must denote a mutable field
-IteratorResolution.dfy(22,9): Error: LHS of assignment must denote a mutable field
-IteratorResolution.dfy(126,9): Error: unresolved identifier: _decreases3
-IteratorResolution.dfy(127,21): Error: arguments must have the same type (got int and ?)
-IteratorResolution.dfy(128,2): Error: LHS of assignment must denote a mutable field
-IteratorResolution.dfy(135,9): Error: unresolved identifier: _decreases1
-IteratorResolution.dfy(140,9): Error: unresolved identifier: _decreases0
-12 resolution/type errors detected in IteratorResolution.dfy
-
--------------------- Iterators.dfy --------------------
-Iterators.dfy(251,9): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Else
-Iterators.dfy(274,9): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Else
-Iterators.dfy(284,24): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
-Iterators.dfy(296,9): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Else
-Iterators.dfy(317,9): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Else
-Iterators.dfy(326,24): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
-Iterators.dfy(343,9): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Else
-Iterators.dfy(353,24): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
-Iterators.dfy(370,9): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Else
-Iterators.dfy(103,22): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Iterators.dfy(106,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
- (0,0): anon3
-Iterators.dfy(177,28): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon15_Then
-Iterators.dfy(208,7): Error: an assignment to _new is only allowed to shrink the set
-Execution trace:
- (0,0): anon0
- Iterators.dfy(197,3): anon16_LoopHead
- (0,0): anon16_LoopBody
- Iterators.dfy(197,3): anon17_Else
- Iterators.dfy(197,3): anon19_Else
- (0,0): anon20_Then
-Iterators.dfy(212,21): Error: assertion violation
-Execution trace:
- (0,0): anon0
- Iterators.dfy(197,3): anon16_LoopHead
- (0,0): anon16_LoopBody
- Iterators.dfy(197,3): anon17_Else
- Iterators.dfy(197,3): anon19_Else
- (0,0): anon21_Then
-Iterators.dfy(40,14): Error BP5002: A precondition for this call might not hold.
-Iterators.dfy(4,10): Related location: This is the precondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon35_Then
- (0,0): anon2
- (0,0): anon36_Then
- (0,0): anon5
- (0,0): anon37_Then
-Iterators.dfy(89,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Iterators.dfy(119,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Iterators.dfy(150,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Else
-Iterators.dfy(155,16): Error BP5002: A precondition for this call might not hold.
-Iterators.dfy(125,10): Related location: This is the precondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Then
- (0,0): anon3
-Iterators.dfy(234,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- Iterators.dfy(225,3): anon14_LoopHead
- (0,0): anon14_LoopBody
- Iterators.dfy(225,3): anon15_Else
- Iterators.dfy(225,3): anon18_Else
- (0,0): anon19_Else
-
-Dafny program verifier finished with 65 verified, 20 errors
-
--------------------- RankPos.dfy --------------------
-
-Dafny program verifier finished with 11 verified, 0 errors
-
--------------------- RankNeg.dfy --------------------
-RankNeg.dfy(10,26): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Then
-RankNeg.dfy(15,28): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Then
-RankNeg.dfy(22,31): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Then
-RankNeg.dfy(32,25): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
- (0,0): anon6_Then
-
-Dafny program verifier finished with 1 verified, 4 errors
-
--------------------- Computations.dfy --------------------
-
-Dafny program verifier finished with 58 verified, 0 errors
-
--------------------- ComputationsNeg.dfy --------------------
-ComputationsNeg.dfy(7,3): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-ComputationsNeg.dfy(11,1): Error BP5003: A postcondition might not hold on this return path.
-ComputationsNeg.dfy(10,17): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-ComputationsNeg.dfy(23,1): Error BP5003: A postcondition might not hold on this return path.
-ComputationsNeg.dfy(22,11): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-ComputationsNeg.dfy(36,13): Error: assertion violation
-Execution trace:
- (0,0): anon0
-ComputationsNeg.dfy(45,13): Error: assertion violation
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 7 verified, 5 errors
-
--------------------- Include.dfy --------------------
-Include.dfy(19,19): Error BP5003: A postcondition might not hold on this return path.
-Includee.dfy(17,20): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-Includee.dfy[Concrete](22,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Include.dfy(27,7): Error BP5003: A postcondition might not hold on this return path.
-Includee.dfy[Concrete](20,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
-
-Dafny program verifier finished with 4 verified, 3 errors
-
--------------------- Includee.dfy --------------------
-Includee.dfy(21,3): Error BP5003: A postcondition might not hold on this return path.
-Includee.dfy(20,15): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-Includee.dfy(24,18): Error: assertion violation
-Execution trace:
- (0,0): anon0
-Includee.dfy(6,1): Error BP5003: A postcondition might not hold on this return path.
-Includee.dfy(5,13): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 5 verified, 3 errors
-
--------------------- AutoReq.dfy --------------------
-AutoReq.dfy(247,3): Error: possible violation of function precondition
-AutoReq.dfy(239,12): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-AutoReq.dfy(13,3): Error: possible violation of function precondition
-AutoReq.dfy(5,14): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-AutoReq.dfy(25,3): Error: possible violation of function precondition
-AutoReq.dfy(5,14): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-AutoReq.dfy(38,12): Error: assertion violation
-AutoReq.dfy(31,13): Related location
-AutoReq.dfy(7,5): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Then
-AutoReq.dfy(38,12): Error: possible violation of function precondition
-AutoReq.dfy(5,14): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Then
-AutoReq.dfy(40,12): Error: assertion violation
-AutoReq.dfy(31,27): Related location
-AutoReq.dfy(7,5): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon10_Then
-AutoReq.dfy(40,12): Error: possible violation of function precondition
-AutoReq.dfy(5,14): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon10_Then
-AutoReq.dfy(45,12): Error: assertion violation
-AutoReq.dfy(31,13): Related location
-AutoReq.dfy(7,5): Related location
-Execution trace:
- (0,0): anon0
- (0,0): anon11_Then
-
-Dafny program verifier finished with 52 verified, 8 errors
-
--------------------- DatatypeUpdate.dfy --------------------
-
-Dafny program verifier finished with 2 verified, 0 errors
-
--------------------- ModifyStmt.dfy --------------------
-ModifyStmt.dfy(27,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
-ModifyStmt.dfy(42,5): Error: modify statement may violate context's modifies clause
-Execution trace:
- (0,0): anon0
-ModifyStmt.dfy(48,5): Error: modify statement may violate context's modifies clause
-Execution trace:
- (0,0): anon0
-ModifyStmt.dfy(61,5): Error: modify statement may violate context's modifies clause
-Execution trace:
- (0,0): anon0
-ModifyStmt.dfy(70,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
-ModifyStmt.dfy(89,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon9_Then
- ModifyStmt.dfy(81,7): anon10_LoopHead
- (0,0): anon10_LoopBody
- ModifyStmt.dfy(81,7): anon11_Else
- (0,0): anon12_Then
- (0,0): anon8
-ModifyStmt.dfy(99,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
-ModifyStmt.dfy(110,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
-ModifyStmt.dfy(122,16): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-ModifyStmt.dfy(134,7): Error: assignment may update an object not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
-ModifyStmt.dfy(172,15): Error: assertion violation
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 25 verified, 11 errors
-
--------------------- SeqSlice.dfy --------------------
-
-Dafny program verifier finished with 2 verified, 0 errors
-
--------------------- RealCompare.dfy --------------------
-RealCompare.dfy(35,5): Error: failure to decrease termination measure
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-RealCompare.dfy(50,3): Error: decreases expression must be bounded below by 0.0
-Execution trace:
- (0,0): anon0
-RealCompare.dfy(141,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- RealCompare.dfy(133,3): anon7_LoopHead
- (0,0): anon7_LoopBody
- RealCompare.dfy(133,3): anon8_Else
- (0,0): anon9_Then
-RealCompare.dfy(156,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- RealCompare.dfy(147,3): anon9_LoopHead
- (0,0): anon9_LoopBody
- RealCompare.dfy(147,3): anon10_Else
- (0,0): anon12_Then
-
-Dafny program verifier finished with 24 verified, 4 errors
-
--------------------- AssumptionVariables0.dfy --------------------
-AssumptionVariables0.dfy(6,29): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a0 && <boolean expression>"
-AssumptionVariables0.dfy(7,33): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a2 && <boolean expression>"
-AssumptionVariables0.dfy(9,20): Error: assumption variable must be ghost
-AssumptionVariables0.dfy(9,2): Error: assumption variable must be of type 'bool'
-AssumptionVariables0.dfy(15,5): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a3 && <boolean expression>"
-AssumptionVariables0.dfy(17,5): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a3 && <boolean expression>"
-AssumptionVariables0.dfy(27,5): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a0 && <boolean expression>"
-AssumptionVariables0.dfy(31,5): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a0 && <boolean expression>"
-AssumptionVariables0.dfy(53,9): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a0 && <boolean expression>"
-AssumptionVariables0.dfy(57,26): Error: assumption variable must be ghost
-AssumptionVariables0.dfy(61,37): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a0 && <boolean expression>"
-AssumptionVariables0.dfy(61,10): Error: assumption variable must be of type 'bool'
-AssumptionVariables0.dfy(69,15): Error: there may be at most one assignment to an assumption variable, the RHS of which must match the expression "a0 && <boolean expression>"
-13 resolution/type errors detected in AssumptionVariables0.dfy
-
--------------------- AssumptionVariables1.dfy --------------------
-
-Dafny program verifier finished with 4 verified, 0 errors
-
--------------------- Superposition.dfy --------------------
-
-Verifying CheckWellformed$$_0_M0.C.M ...
- [0 proof obligations] verified
-
-Verifying Impl$$_0_M0.C.M ...
- [4 proof obligations] verified
-
-Verifying CheckWellformed$$_0_M0.C.P ...
- [4 proof obligations] verified
-
-Verifying CheckWellformed$$_0_M0.C.Q ...
- [3 proof obligations] error
-Superposition.dfy(27,15): Error BP5003: A postcondition might not hold on this return path.
-Superposition.dfy(28,26): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
-
-Verifying CheckWellformed$$_0_M0.C.R ...
- [3 proof obligations] error
-Superposition.dfy(33,15): Error BP5003: A postcondition might not hold on this return path.
-Superposition.dfy(34,26): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
-
-Verifying CheckWellformed$$_1_M1.C.M ...
- [0 proof obligations] verified
-
-Verifying Impl$$_1_M1.C.M ...
- [1 proof obligation] verified
-
-Verifying CheckWellformed$$_1_M1.C.P ...
- [1 proof obligation] error
-Superposition.dfy(50,15): Error BP5003: A postcondition might not hold on this return path.
-Superposition.dfy[M1](22,26): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon7_Else
- (0,0): anon9_Then
- (0,0): anon6
-
-Verifying CheckWellformed$$_1_M1.C.Q ...
- [0 proof obligations] verified
-
-Verifying CheckWellformed$$_1_M1.C.R ...
- [0 proof obligations] verified
-
-Dafny program verifier finished with 7 verified, 3 errors
-
--------------------- SmallTests.dfy --------------------
-SmallTests.dfy(33,11): Error: index out of range
-Execution trace:
- (0,0): anon0
-SmallTests.dfy(64,36): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- (0,0): anon12_Then
-SmallTests.dfy(65,51): Error: possible division by zero
-Execution trace:
- (0,0): anon0
- (0,0): anon12_Else
- (0,0): anon3
- (0,0): anon13_Else
-SmallTests.dfy(66,22): Error: target object may be null
-Execution trace:
- (0,0): anon0
- (0,0): anon12_Then
- (0,0): anon3
- (0,0): anon13_Then
- (0,0): anon6
-SmallTests.dfy(85,24): Error: target object may be null
-Execution trace:
- (0,0): anon0
- SmallTests.dfy(84,5): anon8_LoopHead
- (0,0): anon8_LoopBody
- (0,0): anon9_Then
-SmallTests.dfy(119,5): Error: call may violate context's modifies clause
-Execution trace:
- (0,0): anon0
- (0,0): anon4_Else
- (0,0): anon3
-SmallTests.dfy(132,9): Error: call may violate context's modifies clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
-SmallTests.dfy(134,9): Error: call may violate context's modifies clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-SmallTests.dfy(174,9): Error: assignment may update an object field not in the enclosing context's modifies clause
-Execution trace:
- (0,0): anon0
- (0,0): anon22_Else
- (0,0): anon24_Else
- (0,0): anon26_Else
- (0,0): anon28_Then
- (0,0): anon29_Then
- (0,0): anon19
-SmallTests.dfy(198,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
-SmallTests.dfy(205,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon3
- (0,0): anon7_Then
-SmallTests.dfy(207,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
- (0,0): anon3
- (0,0): anon7_Else
-SmallTests.dfy(253,24): Error BP5002: A precondition for this call might not hold.
-SmallTests.dfy(231,30): Related location: This is the precondition that might not hold.
-Execution trace:
- (0,0): anon0
- SmallTests.dfy(248,19): anon3_Else
- (0,0): anon2
-SmallTests.dfy(358,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
-SmallTests.dfy(368,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
-SmallTests.dfy(378,6): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-SmallTests.dfy(682,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- SmallTests.dfy(679,5): anon7_LoopHead
- (0,0): anon7_LoopBody
- SmallTests.dfy(679,5): anon8_Else
- (0,0): anon9_Then
-SmallTests.dfy(703,14): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon7_Then
- (0,0): anon8_Then
- (0,0): anon3
-SmallTests.dfy(288,3): Error BP5003: A postcondition might not hold on this return path.
-SmallTests.dfy(282,11): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon18_Else
- (0,0): anon23_Then
- (0,0): anon24_Then
- (0,0): anon15
- (0,0): anon25_Else
-SmallTests.dfy(329,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon8_Then
- (0,0): anon7
-SmallTests.dfy(336,10): Error: assertion violation
-Execution trace:
- (0,0): anon0
-SmallTests.dfy(346,4): Error: cannot prove termination; try supplying a decreases clause
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-SmallTests.dfy(390,10): Error BP5003: A postcondition might not hold on this return path.
-SmallTests.dfy(393,41): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
-SmallTests.dfy(553,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Then
- (0,0): anon2
-SmallTests.dfy(567,20): Error: left-hand sides 0 and 1 may refer to the same location
-Execution trace:
- (0,0): anon0
- (0,0): anon27_Then
- (0,0): anon28_Then
- (0,0): anon4
- (0,0): anon29_Then
- (0,0): anon30_Then
- (0,0): anon9
- (0,0): anon31_Then
- (0,0): anon32_Then
- (0,0): anon12
-SmallTests.dfy(569,15): Error: left-hand sides 1 and 2 may refer to the same location
-Execution trace:
- (0,0): anon0
- (0,0): anon27_Then
- SmallTests.dfy(562,18): anon28_Else
- (0,0): anon4
- (0,0): anon29_Else
- (0,0): anon30_Then
- (0,0): anon9
- (0,0): anon31_Else
- (0,0): anon35_Then
- (0,0): anon36_Then
- (0,0): anon37_Then
- (0,0): anon22
- (0,0): anon38_Then
-SmallTests.dfy(576,25): Error: target object may be null
-Execution trace:
- (0,0): anon0
-SmallTests.dfy(589,10): Error: assertion violation
-Execution trace:
- (0,0): anon0
-SmallTests.dfy(613,5): Error: cannot establish the existence of LHS values that satisfy the such-that predicate
-Execution trace:
- (0,0): anon0
-SmallTests.dfy(636,10): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon8_Then
- (0,0): anon9_Then
- (0,0): anon4
- (0,0): anon10_Then
- (0,0): anon7
-SmallTests.dfy(650,10): Error: cannot establish the existence of LHS values that satisfy the such-that predicate
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
- (0,0): anon6_Then
- (0,0): anon3
-SmallTests.dfy(652,10): Error: cannot establish the existence of LHS values that satisfy the such-that predicate
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Else
-SmallTests.dfy(665,9): Error: cannot establish the existence of LHS values that satisfy the such-that predicate
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 87 verified, 33 errors
-
-Dafny program verifier finished with 0 verified, 0 errors
-
--------------------- LetExpr.dfy --------------------
-LetExpr.dfy(8,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
-LetExpr.dfy(107,21): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon11_Then
-LetExpr.dfy(251,19): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon5_Then
-LetExpr.dfy(254,19): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Then
-LetExpr.dfy(256,24): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
-LetExpr.dfy(285,14): Error: RHS is not certain to look like the pattern 'Agnes'
-Execution trace:
- (0,0): anon0
- (0,0): anon3_Else
-LetExpr.dfy(302,42): Error: value assigned to a nat must be non-negative
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
-LetExpr.dfy(304,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon6_Else
-
-Dafny program verifier finished with 38 verified, 8 errors
-
-Dafny program verifier finished with 0 verified, 0 errors
-
--------------------- Calculations.dfy --------------------
-Calculations.dfy(6,6): Error: index out of range
-Execution trace:
- (0,0): anon0
- (0,0): anon24_Then
-Calculations.dfy(11,15): Error: index out of range
-Execution trace:
- (0,0): anon0
- (0,0): anon26_Then
-Calculations.dfy(11,19): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon26_Then
-Calculations.dfy(55,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
- Calculations.dfy(50,3): anon5_Else
-Calculations.dfy(78,15): Error: index out of range
-Execution trace:
- (0,0): anon0
- (0,0): anon12_Then
-Calculations.dfy(78,19): Error: assertion violation
-Execution trace:
- (0,0): anon0
- (0,0): anon12_Then
-
-Dafny program verifier finished with 9 verified, 6 errors
-
-Dafny program verifier finished with 0 verified, 0 errors
-
-Dafny program verifier finished with 44 verified, 0 errors
-Compiled assembly into Compilation.exe
-
-Dafny program verifier finished with 15 verified, 0 errors
-Compilation error: Arbitrary type ('_module.MyType') cannot be compiled
-Compilation error: Iterator _module.Iter has no body
-Compilation error: Method _module._default.M has no body
-Compilation error: Method _module._default.P has no body
-Compilation error: an assume statement cannot be compiled (line 11)
-Compilation error: Function _module._default.F has no body
-Compilation error: Function _module._default.H has no body
-Compilation error: an assume statement cannot be compiled (line 20)
-Compilation error: an assume statement cannot be compiled (line 23)
-Compilation error: an assume statement cannot be compiled (line 28)
-Compilation error: an assume statement cannot be compiled (line 37)
diff --git a/Test/dafny0/Array.dfy b/Test/dafny0/Array.dfy index 1b41267e..f6477708 100644 --- a/Test/dafny0/Array.dfy +++ b/Test/dafny0/Array.dfy @@ -137,6 +137,19 @@ class A { a != null && 0 <= j && j <= a.Length &&
a[j..j] == []
}
+
+ predicate Q0(s: seq<int>)
+ predicate Q1(s: seq<int>)
+ method FrameTest(a: array<int>) returns (b: array<int>)
+ requires a != null && Q0(a[..]);
+ {
+ b := CreateArray(a);
+ assert Q0(a[..]); // this should still be known after the call to CreateArray
+ assert Q1(b[..]);
+ }
+ method CreateArray(a: array<int>) returns (b: array<int>)
+ requires a != null;
+ ensures fresh(b) && Q1(b[..]);
}
type B;
diff --git a/Test/dafny0/Array.dfy.expect b/Test/dafny0/Array.dfy.expect index 86a19c51..081fd258 100644 --- a/Test/dafny0/Array.dfy.expect +++ b/Test/dafny0/Array.dfy.expect @@ -61,47 +61,47 @@ Execution trace: (0,0): anon10_Then
(0,0): anon11_Then
(0,0): anon12_Else
-Array.dfy(150,6): Error: insufficient reads clause to read array element
+Array.dfy(163,6): Error: insufficient reads clause to read array element
Execution trace:
(0,0): anon0
(0,0): anon7_Else
(0,0): anon8_Then
(0,0): anon9_Then
-Array.dfy(158,6): Error: insufficient reads clause to read array element
+Array.dfy(171,6): Error: insufficient reads clause to read array element
Execution trace:
(0,0): anon0
(0,0): anon7_Else
(0,0): anon8_Then
(0,0): anon9_Then
-Array.dfy(174,6): Error: assignment may update an array element not in the enclosing context's modifies clause
+Array.dfy(187,6): Error: assignment may update an array element not in the enclosing context's modifies clause
Execution trace:
(0,0): anon0
-Array.dfy(181,6): Error: assignment may update an array element not in the enclosing context's modifies clause
+Array.dfy(194,6): Error: assignment may update an array element not in the enclosing context's modifies clause
Execution trace:
(0,0): anon0
-Array.dfy(206,1): Error BP5003: A postcondition might not hold on this return path.
-Array.dfy(205,11): Related location: This is the postcondition that might not hold.
+Array.dfy(219,1): Error BP5003: A postcondition might not hold on this return path.
+Array.dfy(218,11): Related location: This is the postcondition that might not hold.
Execution trace:
(0,0): anon0
-Array.dfy(230,1): Error BP5003: A postcondition might not hold on this return path.
-Array.dfy(229,11): Related location: This is the postcondition that might not hold.
+Array.dfy(243,1): Error BP5003: A postcondition might not hold on this return path.
+Array.dfy(242,11): Related location: This is the postcondition that might not hold.
Execution trace:
(0,0): anon0
-Array.dfy(236,1): Error BP5003: A postcondition might not hold on this return path.
-Array.dfy(235,11): Related location: This is the postcondition that might not hold.
+Array.dfy(249,1): Error BP5003: A postcondition might not hold on this return path.
+Array.dfy(248,11): Related location: This is the postcondition that might not hold.
Execution trace:
(0,0): anon0
-Array.dfy(251,10): Error: value assigned to a nat must be non-negative
+Array.dfy(264,10): Error: value assigned to a nat must be non-negative
Execution trace:
(0,0): anon0
(0,0): anon5_Then
(0,0): anon2
(0,0): anon6_Then
-Array.dfy(252,5): Error: value assigned to a nat must be non-negative
+Array.dfy(265,5): Error: value assigned to a nat must be non-negative
Execution trace:
(0,0): anon0
(0,0): anon5_Then
(0,0): anon2
(0,0): anon6_Then
-Dafny program verifier finished with 41 verified, 20 errors
+Dafny program verifier finished with 46 verified, 20 errors
diff --git a/Test/dafny0/Computations.dfy b/Test/dafny0/Computations.dfy index 8050aded..83b2a571 100644 --- a/Test/dafny0/Computations.dfy +++ b/Test/dafny0/Computations.dfy @@ -184,3 +184,26 @@ ghost method test_fib3(k: nat, m: nat) var y := 12;
assert y <= k && k < y + m && m == 1 ==> fib(k)==144;
}
+
+module NeedsAllLiteralsAxiom {
+ // The following test shows that there exist an example that
+ // benefits from the all-literals axiom. (It's not clear how
+ // important such an example is, nor is it clear what the cost
+ // of including the all-literals axiom is.)
+
+ function trick(n: nat, m: nat): nat
+ decreases n; // note that m is not included
+ {
+ if n < m || m==0 then n else trick(n-m, m) + m
+ }
+
+ lemma lemma_trick(n: nat, m: nat)
+ ensures trick(n, m) == n;
+ {
+ }
+
+ lemma calc_trick(n: nat, m: nat)
+ ensures trick(100, 10) == 100;
+ {
+ }
+}
diff --git a/Test/dafny0/Computations.dfy.expect b/Test/dafny0/Computations.dfy.expect index 85c793d4..71fc8a81 100644 --- a/Test/dafny0/Computations.dfy.expect +++ b/Test/dafny0/Computations.dfy.expect @@ -1,2 +1,2 @@ -Dafny program verifier finished with 58 verified, 0 errors
+Dafny program verifier finished with 63 verified, 0 errors
diff --git a/Test/dafny0/DirtyLoops.dfy b/Test/dafny0/DirtyLoops.dfy new file mode 100644 index 00000000..6a49e733 --- /dev/null +++ b/Test/dafny0/DirtyLoops.dfy @@ -0,0 +1,6 @@ +// RUN: %dafny /compile:0 /dprint:"%t.dprint.dfy" "%s" > "%t"; %dafny /noVerify /compile:0 "%t.dprint.dfy" >> "%t"
+// RUN: %diff "%s.expect" "%t"
+
+method M(S: set<int>) {
+ forall s | s in S ensures s < 0;
+}
diff --git a/Test/dafny0/DirtyLoops.dfy.expect b/Test/dafny0/DirtyLoops.dfy.expect new file mode 100644 index 00000000..5c12e1ef --- /dev/null +++ b/Test/dafny0/DirtyLoops.dfy.expect @@ -0,0 +1,4 @@ +
+Dafny program verifier finished with 2 verified, 0 errors
+
+Dafny program verifier finished with 0 verified, 0 errors
diff --git a/Test/dafny0/Inverses.dfy b/Test/dafny0/Inverses.dfy new file mode 100644 index 00000000..7995255a --- /dev/null +++ b/Test/dafny0/Inverses.dfy @@ -0,0 +1,112 @@ +// RUN: %dafny /compile:0 /print:"%t.print" /dprint:"%t.dprint" "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+// This identity function is used to so that if the occurrence of i below
+// that is enclosed by Id gets chosen by the SMT solver as a trigger, then
+// Id will be part of that trigger. This means that the quantifier will
+// not match, and thus the 'forall' statement will be useless and the method
+// will not verify. If, however, the inverting functionality in Dafny
+// works properly, then the 'i' in the right-hand side of the forall assignments
+// below will not be chosen in any trigger, and then the methods should
+// verify.
+function method Id(x: int): int { x }
+
+method Copy<T>(a: array<T>) returns (r: array<T>)
+ requires a != null;
+ ensures fresh(r) && r.Length == a.Length && forall k :: 0 <= k < a.Length ==> r[k] == a[k];
+{
+ r := new T[a.Length];
+ forall i | 0 <= i < a.Length {
+ r[i] := a[Id(i)];
+ }
+}
+
+method ShiftLeftA<T>(a: array<T>, n: nat) returns (r: array<T>)
+ requires a != null && n <= a.Length;
+ ensures fresh(r) && r.Length == a.Length - n && forall k :: n <= k < a.Length ==> r[k - n] == a[k];
+{
+ r := new T[a.Length - n];
+ forall i | 0 <= i < a.Length - n {
+ r[i] := a[i + n];
+ }
+}
+
+method ShiftLeftB<T>(a: array<T>, n: nat) returns (r: array<T>)
+ requires a != null && n <= a.Length;
+ ensures fresh(r) && r.Length == a.Length - n && forall k :: 0 <= k < a.Length - n ==> r[k] == a[k + n];
+{
+ r := new T[a.Length - n];
+ forall i | n <= i < a.Length {
+ r[i - n] := a[Id(i)];
+ }
+}
+
+method ShiftLeftC<T>(a: array<T>, n: nat) returns (r: array<T>)
+ requires a != null && n <= a.Length;
+ ensures fresh(r) && r.Length == a.Length - n && forall k :: 0 <= k < a.Length - n ==> r[k] == a[k + n];
+{
+ r := new T[a.Length - n];
+ forall i | n <= i < a.Length {
+ r[i + 15 - n - 15] := a[Id(i)];
+ }
+}
+
+method Insert<T>(a: array<T>, p: nat, n: nat) returns (r: array<T>)
+ requires a != null && p <= a.Length;
+ ensures fresh(r) && r.Length == a.Length + n;
+ ensures forall k :: 0 <= k < p ==> r[k] == a[k];
+ ensures forall k :: p <= k < a.Length ==> r[k + n] == a[k];
+{
+ r := new T[a.Length + n];
+ forall i | 0 <= i < a.Length {
+ r[if i < p then i else i + n] := a[Id(i)];
+ }
+}
+
+method RotateA<T>(a: array<T>) returns (r: array<T>)
+ requires a != null;
+ ensures fresh(r) && r.Length == a.Length;
+ ensures forall k :: 0 <= k < a.Length ==> r[(k + 1) % a.Length] == a[k];
+{
+ r := new T[a.Length];
+ forall i | 0 <= i < a.Length {
+ r[(i + 1) % a.Length] := a[Id(i)]; // error: Dafny does not find an inverse for this one,
+ // which causes Z3 to pick Id(i) as the trigger, which
+ // causes the verification to fail.
+ }
+}
+
+method RotateB<T>(a: array<T>) returns (r: array<T>)
+ requires a != null;
+ ensures fresh(r) && r.Length == a.Length;
+ ensures forall k :: 0 <= k < a.Length ==> r[(k + 1) % a.Length] == a[k];
+{
+ r := new T[a.Length];
+ forall i | 0 <= i < a.Length {
+ r[if i + 1 == a.Length then 0 else i + 1] := a[Id(i)]; // error: Dafny does not find an inverse
+ // for this one, so (like in RotateA),
+ // the verification fails.
+ }
+}
+
+method RotateC<T>(a: array<T>) returns (r: array<T>)
+ requires a != null;
+ ensures fresh(r) && r.Length == a.Length;
+ ensures forall k :: 0 <= k < a.Length ==> r[(k + 1) % a.Length] == a[k];
+{
+ r := new T[a.Length];
+ forall i | 0 <= i < a.Length {
+ r[if i == a.Length - 1 then 0 else i + 1] := a[Id(i)]; // yes, Dafny can invert this one
+ }
+}
+
+method RotateD<T>(a: array<T>) returns (r: array<T>)
+ requires a != null;
+ ensures fresh(r) && r.Length == a.Length;
+ ensures forall k :: 0 <= k < a.Length ==> r[(k + 1) % a.Length] == a[k];
+{
+ r := new T[a.Length];
+ forall i | 0 <= i < a.Length {
+ r[if a.Length - 1 == i then 0 else i + 1] := a[Id(i)]; // yes, Dafny can invert this one
+ }
+}
diff --git a/Test/dafny0/Inverses.dfy.expect b/Test/dafny0/Inverses.dfy.expect new file mode 100644 index 00000000..a04f21dc --- /dev/null +++ b/Test/dafny0/Inverses.dfy.expect @@ -0,0 +1,12 @@ +Inverses.dfy(70,1): Error BP5003: A postcondition might not hold on this return path.
+Inverses.dfy(69,11): Related location: This is the postcondition that might not hold.
+Execution trace:
+ (0,0): anon0
+ (0,0): anon6_Else
+Inverses.dfy(83,1): Error BP5003: A postcondition might not hold on this return path.
+Inverses.dfy(82,11): Related location: This is the postcondition that might not hold.
+Execution trace:
+ (0,0): anon0
+ (0,0): anon9_Else
+
+Dafny program verifier finished with 17 verified, 2 errors
diff --git a/Test/dafny0/MatchBraces.dfy b/Test/dafny0/MatchBraces.dfy new file mode 100644 index 00000000..7da3647d --- /dev/null +++ b/Test/dafny0/MatchBraces.dfy @@ -0,0 +1,147 @@ +// RUN: %dafny /print:"%t.print" /env:0 /dprint:- "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+datatype Color = Red | Green | Blue
+
+// ----- match expressions in general positions
+
+method M(c: Color, d: Color) {
+ var x := match c
+ case Red => 5
+ case Green => 7
+ case Blue => 11;
+ var y := match c
+ case Red => 0.3
+ case Green => (match d case Red => 0.18 case Green => 0.21 case Blue => 0.98)
+ case Blue => 98.0;
+ var z := match c
+ case Red => Green
+ case Green => match d {
+ case Red => Red
+ case Green => Blue
+ case Blue => Red
+ }
+ case Blue => Green;
+ var w := match c { case Red => 2 case Green => 3 case Blue => 4 } + 10;
+ var t := match c
+ case Red => 0
+ case Green => (match d {
+ case Red => 2
+ case Green => 2
+ case Blue => 1
+ } + (((match d case Red => 10 case Green => 8 case Blue => 5))))
+ case Blue => (match d {
+ case Red => 20
+ case Green => 20
+ case Blue => 10
+ } + (((match d case Red => 110 case Green => 108 case Blue => 105))));
+}
+
+// ----- match expressions in top-level positions
+
+function Heat(c: Color): int
+{
+ match c
+ case Red => 10
+ case Green => 12
+ case Blue => 14
+}
+
+function IceCream(c: Color): int
+{
+ match c {
+ case Red => 0
+ case Green => 4
+ case Blue => 1
+ }
+}
+
+function Flowers(c: Color, d: Color): int
+{
+ match c {
+ case Red =>
+ match d {
+ case Red => 0
+ case Green => 1
+ case Blue => 2
+ }
+ case Green =>
+ match d {
+ case Red => 3
+ case Green => 3
+ case Blue => 2
+ } + 20
+ case Blue =>
+ match d {
+ case Red => 9
+ case Green => 8
+ case Blue => 7
+ } +
+ ((match d case Red => 23 case Green => 29 case Blue => 31))
+ }
+}
+
+// ----- match statements
+
+method P(c: Color, d: Color) {
+ var x: int;
+ match c {
+ case Red =>
+ x := 20;
+ case Green =>
+ case Blue =>
+ }
+ match c
+ case Red =>
+ match d {
+ case Red =>
+ case Green =>
+ case Blue =>
+ }
+ case Green =>
+ var y := 25;
+ var z := y + 3;
+ case Blue =>
+ {
+ var y := 25;
+ var z := y + 3;
+ }
+ match d // note: this 'match' is part of the previous case
+ case Red =>
+ case Green =>
+ x := x + 1;
+ case Blue =>
+}
+
+lemma HeatIsEven(c: Color)
+ ensures Heat(c) % 2 == 0;
+{
+ match c
+ case Red =>
+ assert 10 % 2 == 0;
+ case Green =>
+ assert 12 % 2 == 0;
+ case Blue => // all looks nice, huh? :)
+ // obvious
+}
+
+method DegenerateExamples(c: Color)
+ requires Heat(c) == 10; // this implies c == Red
+{
+ match c
+ case Red =>
+ case Green =>
+ match c { }
+ case Blue =>
+ match c
+}
+
+method MoreDegenerateExamples(c: Color)
+ requires Heat(c) == 10; // this implies c == Red
+{
+ if c == Green {
+ var x: int := match c;
+ var y: int := match c {};
+ var z := match c case Blue => 4;
+ }
+}
diff --git a/Test/dafny0/MatchBraces.dfy.expect b/Test/dafny0/MatchBraces.dfy.expect new file mode 100644 index 00000000..dfe1215f --- /dev/null +++ b/Test/dafny0/MatchBraces.dfy.expect @@ -0,0 +1,121 @@ +// MatchBraces.dfy
+
+datatype Color = Red | Green | Blue
+
+method M(c: Color, d: Color)
+{
+ var x := match c case Red => 5 case Green => 7 case Blue => 11;
+ var y := match c case Red => 0.3 case Green => (match d case Red => 0.18 case Green => 0.21 case Blue => 0.98) case Blue => 98.0;
+ var z := match c case Red => Green case Green => match d { case Red => Red case Green => Blue case Blue => Red } case Blue => Green;
+ var w := match c { case Red => 2 case Green => 3 case Blue => 4 } + 10;
+ var t := match c case Red => 0 case Green => match d { case Red => 2 case Green => 2 case Blue => 1 } + (match d case Red => 10 case Green => 8 case Blue => 5) case Blue => match d { case Red => 20 case Green => 20 case Blue => 10 } + match d case Red => 110 case Green => 108 case Blue => 105;
+}
+
+function Heat(c: Color): int
+{
+ match c
+ case Red =>
+ 10
+ case Green =>
+ 12
+ case Blue =>
+ 14
+}
+
+function IceCream(c: Color): int
+{
+ match c {
+ case Red =>
+ 0
+ case Green =>
+ 4
+ case Blue =>
+ 1
+ }
+}
+
+function Flowers(c: Color, d: Color): int
+{
+ match c {
+ case Red =>
+ match d {
+ case Red =>
+ 0
+ case Green =>
+ 1
+ case Blue =>
+ 2
+ }
+ case Green =>
+ match d { case Red => 3 case Green => 3 case Blue => 2 } + 20
+ case Blue =>
+ match d { case Red => 9 case Green => 8 case Blue => 7 } + match d case Red => 23 case Green => 29 case Blue => 31
+ }
+}
+
+method P(c: Color, d: Color)
+{
+ var x: int;
+ match c {
+ case Red =>
+ x := 20;
+ case Green =>
+ case Blue =>
+ }
+ match c
+ case Red =>
+ match d {
+ case Red =>
+ case Green =>
+ case Blue =>
+ }
+ case Green =>
+ var y := 25;
+ var z := y + 3;
+ case Blue =>
+ {
+ var y := 25;
+ var z := y + 3;
+ }
+ match d
+ case Red =>
+ case Green =>
+ x := x + 1;
+ case Blue =>
+}
+
+lemma HeatIsEven(c: Color)
+ ensures Heat(c) % 2 == 0;
+{
+ match c
+ case Red =>
+ assert 10 % 2 == 0;
+ case Green =>
+ assert 12 % 2 == 0;
+ case Blue =>
+}
+
+method DegenerateExamples(c: Color)
+ requires Heat(c) == 10;
+{
+ match c
+ case Red =>
+ case Green =>
+ match c {
+ }
+ case Blue =>
+ match c
+}
+
+method MoreDegenerateExamples(c: Color)
+ requires Heat(c) == 10;
+{
+ if c == Green {
+ var x: int := match c;
+ var y: int := match c { };
+ var z := match c case Blue => 4;
+ }
+}
+
+Dafny program verifier finished with 13 verified, 0 errors
+Compiled assembly into MatchBraces.dll
diff --git a/Test/dafny0/MultiSets.dfy b/Test/dafny0/MultiSets.dfy index 3d6034ad..3535f857 100644 --- a/Test/dafny0/MultiSets.dfy +++ b/Test/dafny0/MultiSets.dfy @@ -269,3 +269,29 @@ method MultiSetProperty0(s: multiset<object>, t: multiset<object>, p: object) assert s + (t - s) == t; // error
}
}
+
+// ---------- additional properties
+
+lemma UpperBoundOnOccurrenceCount(s: multiset<int>, x: int)
+ ensures 0 <= s[x] <= |s|;
+{
+}
+
+lemma MultisetCardinalityFromSequenceLength(s: seq<int>)
+ ensures |multiset(s)| == |s|;
+{
+}
+
+lemma Set_and_Multiset_Cardinalities(x: int, y: int)
+{
+ if * {
+ assert 1 <= |{x,y}| <= 2;
+ if x != y {
+ assert 2 <= |{x,y}|;
+ } else {
+ assert 2 <= |{x,y}|; // error
+ }
+ } else {
+ assert |multiset{x,y}| == 2;
+ }
+}
diff --git a/Test/dafny0/MultiSets.dfy.expect b/Test/dafny0/MultiSets.dfy.expect index cdee5d20..30534b11 100644 --- a/Test/dafny0/MultiSets.dfy.expect +++ b/Test/dafny0/MultiSets.dfy.expect @@ -18,5 +18,11 @@ Execution trace: (0,0): anon3
(0,0): anon12_Then
(0,0): anon14_Else
+MultiSets.dfy(292,16): Error: assertion violation
+Execution trace:
+ (0,0): anon0
+ (0,0): anon8_Then
+ (0,0): anon3
+ (0,0): anon9_Else
-Dafny program verifier finished with 54 verified, 4 errors
+Dafny program verifier finished with 59 verified, 5 errors
diff --git a/Test/dafny0/ResolutionErrors.dfy b/Test/dafny0/ResolutionErrors.dfy index e49f9823..74405fa5 100644 --- a/Test/dafny0/ResolutionErrors.dfy +++ b/Test/dafny0/ResolutionErrors.dfy @@ -905,3 +905,63 @@ module LhsLvalue { method MyLemma() returns (w: int)
}
+
+// ------------------- dirty loops -------------------
+
+method DirtyM(S: set<int>) {
+ forall s | s in S ensures s < 0;
+ assert s < 0; // error: s is unresolved
+}
+
+// ------------------- tuples -------------------
+
+method TupleResolution(x: int, y: int, r: real)
+{
+ var unit: () := ();
+ var expr: int := (x);
+ var pair: (int,int) := (x, x);
+ var triple: (int,int,int) := (y, x, x);
+ var badTriple: (int,real,int) := (y, x, r); // error: parameters 1 and 2 have the wrong types
+ var quadruple: (int,real,int,real) := (y, r, x); // error: trying to use a triple as a quadruple
+
+ assert unit == ();
+ assert pair.0 == pair.1;
+ assert triple.2 == x;
+
+ assert triple.2; // error: 2 has type int, not the expected bool
+ assert triple.3 == pair.x; // error(s): 3 and x are not destructors
+
+ var k0 := (5, (true, 2, 3.14));
+ var k1 := (((false, 10, 2.7)), 100, 120);
+ if k0.1 == k1.0 {
+ assert false;
+ } else if k0.1.1 < k1.0.1 {
+ assert k1.2 == 120;
+ }
+
+ // int and (int) are the same type (i.e., there are no 1-tuples)
+ var pp: (int) := x;
+ var qq: int := pp;
+}
+
+// --- filling in type arguments and checking that there aren't too many ---
+
+module TypeArgumentCount {
+ class C<T> {
+ var f: T;
+ }
+
+ method R0(a: array3, c: C)
+
+ method R1()
+ {
+ var a: array3;
+ var c: C;
+ }
+
+ method R2<T>()
+ {
+ var a: array3<T,int>; // error: too many type arguments
+ var c: C<T,int>; // error: too many type arguments
+ }
+}
diff --git a/Test/dafny0/ResolutionErrors.dfy.expect b/Test/dafny0/ResolutionErrors.dfy.expect index a811669c..e8e18ab7 100644 --- a/Test/dafny0/ResolutionErrors.dfy.expect +++ b/Test/dafny0/ResolutionErrors.dfy.expect @@ -54,6 +54,8 @@ ResolutionErrors.dfy(898,9): Error: cannot assign to a range of array elements ( ResolutionErrors.dfy(899,9): Error: cannot assign to a range of array elements (try the 'forall' statement)
ResolutionErrors.dfy(900,5): Error: cannot assign to a range of array elements (try the 'forall' statement)
ResolutionErrors.dfy(901,5): Error: cannot assign to a range of array elements (try the 'forall' statement)
+ResolutionErrors.dfy(964,11): Error: Wrong number of type arguments (2 instead of 1) passed to class/datatype: array3
+ResolutionErrors.dfy(965,11): Error: Wrong number of type arguments (2 instead of 1) passed to class/datatype: C
ResolutionErrors.dfy(429,2): Error: More than one default constructor
ResolutionErrors.dfy(50,13): Error: 'this' is not allowed in a 'static' context
ResolutionErrors.dfy(111,9): Error: ghost variables are allowed only in specification contexts
@@ -133,4 +135,11 @@ ResolutionErrors.dfy(543,20): Error: ghost variables are allowed only in specifi ResolutionErrors.dfy(545,7): Error: let-such-that expressions are allowed only in ghost contexts
ResolutionErrors.dfy(546,18): Error: unresolved identifier: w
ResolutionErrors.dfy(653,11): Error: lemmas are not allowed to have modifies clauses
-135 resolution/type errors detected in ResolutionErrors.dfy
+ResolutionErrors.dfy(913,9): Error: unresolved identifier: s
+ResolutionErrors.dfy(924,32): Error: RHS (of type (int,int,real)) not assignable to LHS (of type (int,real,int))
+ResolutionErrors.dfy(925,37): Error: RHS (of type (int,real,int)) not assignable to LHS (of type (int,real,int,real))
+ResolutionErrors.dfy(931,9): Error: condition is expected to be of type bool, but is int
+ResolutionErrors.dfy(932,16): Error: member 3 does not exist in datatype _tuple#3
+ResolutionErrors.dfy(932,26): Error: member x does not exist in datatype _tuple#2
+ResolutionErrors.dfy(932,18): Error: arguments must have the same type (got (int,int,int) and (int,int))
+144 resolution/type errors detected in ResolutionErrors.dfy
diff --git a/Test/dafny0/Tuples.dfy b/Test/dafny0/Tuples.dfy new file mode 100644 index 00000000..81d054dd --- /dev/null +++ b/Test/dafny0/Tuples.dfy @@ -0,0 +1,34 @@ +// RUN: %dafny /compile:0 /print:"%t.print" /dprint:"%t.dprint" "%s" > "%t"
+// RUN: %diff "%s.expect" "%t"
+
+method M(x: int)
+{
+ var unit := ();
+ var expr := (x);
+ var pair := (x, x);
+ var triple := (x, x, x);
+}
+
+method N(x: int, y: int)
+{
+ var unit: () := ();
+ var expr: int := (x);
+ var pair: (int,int) := (x, x);
+ var triple: (int,int,int) := (y, x, x);
+
+ assert unit == ();
+ assert pair.0 == pair.1;
+ assert triple.2 == x;
+ assert triple.0 == triple.1; // error: they may be different
+
+ var k := (24, 100 / y); // error: possible division by zero
+ assert 2 <= k.0 < 29;
+
+ var k0 := (5, (true, 2, 3.14));
+ var k1 := (((false, 10, 2.7)), 100, 120);
+ if k0.1 == k1.0 {
+ assert false;
+ } else if k0.1.1 < k1.0.1 {
+ assert k1.2 == 120;
+ }
+}
diff --git a/Test/dafny0/Tuples.dfy.expect b/Test/dafny0/Tuples.dfy.expect new file mode 100644 index 00000000..13c706d3 --- /dev/null +++ b/Test/dafny0/Tuples.dfy.expect @@ -0,0 +1,8 @@ +Tuples.dfy(22,19): Error: assertion violation
+Execution trace:
+ (0,0): anon0
+Tuples.dfy(24,21): Error: possible division by zero
+Execution trace:
+ (0,0): anon0
+
+Dafny program verifier finished with 3 verified, 2 errors
diff --git a/Test/dafny0/TypeParameters.dfy b/Test/dafny0/TypeParameters.dfy index 963916f0..900b6110 100644 --- a/Test/dafny0/TypeParameters.dfy +++ b/Test/dafny0/TypeParameters.dfy @@ -321,3 +321,35 @@ method IdentityMap(s: set<Pair>) returns (m: map) m, s := m[p.0 := p.1], s - {p};
}
}
+
+// -------------- auto filled-in type arguments for array types ------
+
+module ArrayTypeMagic {
+ method M(a: array2)
+ {
+ }
+
+ method F(b: array) returns (s: seq)
+ requires b != null;
+ {
+ return b[..];
+ }
+
+ datatype ArrayCubeTree = Leaf(array3) | Node(ArrayCubeTree, ArrayCubeTree)
+ datatype AnotherACT<T> = Leaf(array3) | Node(AnotherACT, AnotherACT)
+ datatype OneMoreACT<T,U> = Leaf(array3) | Node(OneMoreACT, OneMoreACT)
+
+ function G(t: ArrayCubeTree): array3
+ {
+ match t
+ case Leaf(d) => d
+ case Node(l, _) => G(l)
+ }
+
+ datatype Nat = Zero | Succ(Nat)
+
+ datatype List<T> = Nil | Cons(T, List)
+
+ datatype Cell<T> = Mk(T)
+ datatype DList<T,U> = Nil(Cell) | Cons(T, U, DList)
+}
diff --git a/Test/dafny0/TypeParameters.dfy.expect b/Test/dafny0/TypeParameters.dfy.expect index 00efc26f..3d00e89a 100644 --- a/Test/dafny0/TypeParameters.dfy.expect +++ b/Test/dafny0/TypeParameters.dfy.expect @@ -49,4 +49,4 @@ Execution trace: TypeParameters.dfy(177,3): anon21_Else
TypeParameters.dfy(177,3): anon23_Else
-Dafny program verifier finished with 58 verified, 8 errors
+Dafny program verifier finished with 63 verified, 8 errors
diff --git a/Test/dafny0/runtest.bat b/Test/dafny0/runtest.bat deleted file mode 100644 index fe3a29e1..00000000 --- a/Test/dafny0/runtest.bat +++ /dev/null @@ -1,54 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-for %%f in (Simple.dfy) do (
- echo.
- echo -------------------- %%f --------------------
- %DAFNY_EXE% %* /dprint:- /env:0 /noVerify %%f
-)
-
-for %%f in (TypeTests.dfy NatTypes.dfy RealTypes.dfy Definedness.dfy
- FunctionSpecifications.dfy ResolutionErrors.dfy ParseErrors.dfy
- Array.dfy MultiDimArray.dfy NonGhostQuantifiers.dfy AdvancedLHS.dfy
- ModulesCycle.dfy Modules0.dfy Modules1.dfy Modules2.dfy BadFunction.dfy
- Comprehensions.dfy Basics.dfy ControlStructures.dfy
- Termination.dfy DTypes.dfy ParallelResolveErrors.dfy Parallel.dfy
- TypeParameters.dfy Datatypes.dfy StatementExpressions.dfy
- Coinductive.dfy Corecursion.dfy CoResolution.dfy
- CoPrefix.dfy CoinductiveProofs.dfy
- TypeAntecedents.dfy NoTypeArgs.dfy EqualityTypes.dfy SplitExpr.dfy
- LoopModifies.dfy Refinement.dfy RefinementErrors.dfy
- ReturnErrors.dfy ReturnTests.dfy ChainingDisjointTests.dfy
- CallStmtTests.dfy MultiSets.dfy PredExpr.dfy
- Predicates.dfy Skeletons.dfy OpaqueFunctions.dfy
- Maps.dfy LiberalEquality.dfy
- RefinementModificationChecking.dfy TailCalls.dfy
- IteratorResolution.dfy Iterators.dfy
- RankPos.dfy RankNeg.dfy
- Computations.dfy ComputationsNeg.dfy
- Include.dfy Includee.dfy AutoReq.dfy DatatypeUpdate.dfy ModifyStmt.dfy SeqSlice.dfy
- RealCompare.dfy
- AssumptionVariables0.dfy AssumptionVariables1.dfy) do (
- echo.
- echo -------------------- %%f --------------------
- %DAFNY_EXE% /compile:0 /print:out.bpl.tmp /dprint:out.dfy.tmp %* %%f
-)
-
-for %%f in (Superposition.dfy) do (
- echo.
- echo -------------------- %%f --------------------
- %DAFNY_EXE% /compile:0 /print:out.bpl.tmp /dprint:out.dfy.tmp /tracePOs %* %%f
-)
-
-for %%f in (SmallTests.dfy LetExpr.dfy Calculations.dfy) do (
- echo.
- echo -------------------- %%f --------------------
- %DAFNY_EXE% /compile:0 /print:out.bpl.tmp /dprint:out.tmp.dfy %* %%f
- %DAFNY_EXE% /noVerify /compile:0 %* out.tmp.dfy
-)
-
-%DAFNY_EXE% %* Compilation.dfy
-%DAFNY_EXE% %* CompilationErrors.dfy
diff --git a/Test/dafny0/snapshots/Snapshots0.v0.dfy b/Test/dafny0/snapshots/Snapshots0.v0.dfy new file mode 100644 index 00000000..73db9f9c --- /dev/null +++ b/Test/dafny0/snapshots/Snapshots0.v0.dfy @@ -0,0 +1,8 @@ +method foo()
+{
+ bar();
+ assert false;
+}
+
+method bar()
+ ensures false;
diff --git a/Test/dafny0/snapshots/Snapshots0.v1.dfy b/Test/dafny0/snapshots/Snapshots0.v1.dfy new file mode 100644 index 00000000..db9fc01a --- /dev/null +++ b/Test/dafny0/snapshots/Snapshots0.v1.dfy @@ -0,0 +1,8 @@ +method foo()
+{
+ bar();
+ assert false; // error
+}
+
+method bar()
+ ensures true;
diff --git a/Test/dafny0/snapshots/Snapshots1.v0.dfy b/Test/dafny0/snapshots/Snapshots1.v0.dfy new file mode 100644 index 00000000..dd1e7deb --- /dev/null +++ b/Test/dafny0/snapshots/Snapshots1.v0.dfy @@ -0,0 +1,13 @@ +method M()
+{
+ N();
+ assert false;
+}
+
+method N()
+ ensures P;
+
+predicate P
+{
+ false
+}
diff --git a/Test/dafny0/snapshots/Snapshots1.v1.dfy b/Test/dafny0/snapshots/Snapshots1.v1.dfy new file mode 100644 index 00000000..93ad6068 --- /dev/null +++ b/Test/dafny0/snapshots/Snapshots1.v1.dfy @@ -0,0 +1,13 @@ +method M()
+{
+ N();
+ assert false; // error
+}
+
+method N()
+ ensures P;
+
+predicate P
+{
+ true
+}
diff --git a/Test/dafny0/snapshots/Snapshots2.v0.dfy b/Test/dafny0/snapshots/Snapshots2.v0.dfy new file mode 100644 index 00000000..37b9982b --- /dev/null +++ b/Test/dafny0/snapshots/Snapshots2.v0.dfy @@ -0,0 +1,19 @@ +method M()
+{
+ N();
+ assert false;
+}
+
+method N()
+ ensures P;
+
+predicate P
+ ensures P == Q;
+
+predicate Q
+ ensures Q == R;
+
+predicate R
+{
+ false
+}
diff --git a/Test/dafny0/snapshots/Snapshots2.v1.dfy b/Test/dafny0/snapshots/Snapshots2.v1.dfy new file mode 100644 index 00000000..03719744 --- /dev/null +++ b/Test/dafny0/snapshots/Snapshots2.v1.dfy @@ -0,0 +1,19 @@ +method M()
+{
+ N();
+ assert false; // error
+}
+
+method N()
+ ensures P;
+
+predicate P
+ ensures P == Q;
+
+predicate Q
+ ensures Q == R;
+
+predicate R
+{
+ true
+}
diff --git a/Test/dafny0/snapshots/lit.local.cfg b/Test/dafny0/snapshots/lit.local.cfg new file mode 100644 index 00000000..07cb869f --- /dev/null +++ b/Test/dafny0/snapshots/lit.local.cfg @@ -0,0 +1,5 @@ +# This test is unusual in that we don't use the .bpl files +# directly on the command line. So instead we'll invoke +# files in this directory with extension '.snapshot'. There +# will only be one for now +config.suffixes = ['.snapshot'] diff --git a/Test/dafny0/snapshots/runtest.snapshot b/Test/dafny0/snapshots/runtest.snapshot new file mode 100644 index 00000000..c3cf6b00 --- /dev/null +++ b/Test/dafny0/snapshots/runtest.snapshot @@ -0,0 +1,2 @@ +// RUN: %dafny /compile:0 /verifySnapshots:2 /verifySeparately Snapshots0.dfy Snapshots1.dfy Snapshots2.dfy > "%t" +// RUN: %diff "%s.expect" "%t" diff --git a/Test/dafny0/snapshots/runtest.snapshot.expect b/Test/dafny0/snapshots/runtest.snapshot.expect new file mode 100644 index 00000000..87827811 --- /dev/null +++ b/Test/dafny0/snapshots/runtest.snapshot.expect @@ -0,0 +1,27 @@ +
+-------------------- Snapshots0.dfy --------------------
+
+Dafny program verifier finished with 3 verified, 0 errors
+Snapshots0.v1.dfy(4,10): Error: assertion violation
+Execution trace:
+ (0,0): anon0
+
+Dafny program verifier finished with 2 verified, 1 error
+
+-------------------- Snapshots1.dfy --------------------
+
+Dafny program verifier finished with 4 verified, 0 errors
+Snapshots1.v1.dfy(4,10): Error: assertion violation
+Execution trace:
+ (0,0): anon0
+
+Dafny program verifier finished with 3 verified, 1 error
+
+-------------------- Snapshots2.dfy --------------------
+
+Dafny program verifier finished with 6 verified, 0 errors
+Snapshots2.v1.dfy(4,10): Error: assertion violation
+Execution trace:
+ (0,0): anon0
+
+Dafny program verifier finished with 5 verified, 1 error
diff --git a/Test/dafny1/Answer b/Test/dafny1/Answer deleted file mode 100644 index e60451c2..00000000 --- a/Test/dafny1/Answer +++ /dev/null @@ -1,124 +0,0 @@ -
--------------------- Queue.dfy --------------------
-
-Dafny program verifier finished with 22 verified, 0 errors
-
--------------------- PriorityQueue.dfy --------------------
-
-Dafny program verifier finished with 24 verified, 0 errors
-
--------------------- ExtensibleArray.dfy --------------------
-
-Dafny program verifier finished with 11 verified, 0 errors
-
--------------------- ExtensibleArrayAuto.dfy --------------------
-
-Dafny program verifier finished with 11 verified, 0 errors
-
--------------------- BinaryTree.dfy --------------------
-
-Dafny program verifier finished with 24 verified, 0 errors
-
--------------------- UnboundedStack.dfy --------------------
-
-Dafny program verifier finished with 12 verified, 0 errors
-
--------------------- SeparationLogicList.dfy --------------------
-
-Dafny program verifier finished with 16 verified, 0 errors
-
--------------------- ListCopy.dfy --------------------
-
-Dafny program verifier finished with 4 verified, 0 errors
-
--------------------- ListReverse.dfy --------------------
-
-Dafny program verifier finished with 2 verified, 0 errors
-
--------------------- ListContents.dfy --------------------
-
-Dafny program verifier finished with 9 verified, 0 errors
-
--------------------- MatrixFun.dfy --------------------
-
-Dafny program verifier finished with 8 verified, 0 errors
-
--------------------- pow2.dfy --------------------
-
-Dafny program verifier finished with 8 verified, 0 errors
-
--------------------- SchorrWaite.dfy --------------------
-
-Dafny program verifier finished with 10 verified, 0 errors
-
--------------------- SchorrWaite-stages.dfy --------------------
-
-Dafny program verifier finished with 16 verified, 0 errors
-
--------------------- Cubes.dfy --------------------
-
-Dafny program verifier finished with 2 verified, 0 errors
-
--------------------- SumOfCubes.dfy --------------------
-
-Dafny program verifier finished with 17 verified, 0 errors
-
--------------------- FindZero.dfy --------------------
-
-Dafny program verifier finished with 8 verified, 0 errors
-
--------------------- TerminationDemos.dfy --------------------
-
-Dafny program verifier finished with 14 verified, 0 errors
-
--------------------- Substitution.dfy --------------------
-
-Dafny program verifier finished with 12 verified, 0 errors
-
--------------------- TreeDatatype.dfy --------------------
-
-Dafny program verifier finished with 10 verified, 0 errors
-
--------------------- KatzManna.dfy --------------------
-
-Dafny program verifier finished with 6 verified, 0 errors
-
--------------------- Induction.dfy --------------------
-
-Dafny program verifier finished with 33 verified, 0 errors
-
--------------------- Rippling.dfy --------------------
-
-Dafny program verifier finished with 141 verified, 0 errors
-
--------------------- MoreInduction.dfy --------------------
-MoreInduction.dfy(78,1): Error BP5003: A postcondition might not hold on this return path.
-MoreInduction.dfy(77,11): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-MoreInduction.dfy(83,1): Error BP5003: A postcondition might not hold on this return path.
-MoreInduction.dfy(82,21): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-MoreInduction.dfy(88,1): Error BP5003: A postcondition might not hold on this return path.
-MoreInduction.dfy(87,11): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-MoreInduction.dfy(93,1): Error BP5003: A postcondition might not hold on this return path.
-MoreInduction.dfy(92,22): Related location: This is the postcondition that might not hold.
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 15 verified, 4 errors
-
--------------------- Celebrity.dfy --------------------
-
-Dafny program verifier finished with 10 verified, 0 errors
-
--------------------- BDD.dfy --------------------
-
-Dafny program verifier finished with 5 verified, 0 errors
-
--------------------- UltraFilter.dfy --------------------
-
-Dafny program verifier finished with 19 verified, 0 errors
diff --git a/Test/dafny1/SchorrWaite-stages.dfy b/Test/dafny1/SchorrWaite-stages.dfy index 7b2e7eda..a51a9fd0 100644 --- a/Test/dafny1/SchorrWaite-stages.dfy +++ b/Test/dafny1/SchorrWaite-stages.dfy @@ -176,6 +176,7 @@ abstract module M1 refines M0 { // discharge the "everything reachable is marked" postcondition, whose proof we postponed above
// by supplying an assume statement. Here, we refine that assume statement into an assert.
assert ...;
+ assume ...;
}
}
diff --git a/Test/dafny1/runtest.bat b/Test/dafny1/runtest.bat deleted file mode 100644 index f02a7965..00000000 --- a/Test/dafny1/runtest.bat +++ /dev/null @@ -1,26 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-%DAFNY_EXE% /compile:0 /dprint:out.dfy.tmp /verifySeparately %* Queue.dfy PriorityQueue.dfy ExtensibleArray.dfy ExtensibleArrayAuto.dfy BinaryTree.dfy UnboundedStack.dfy SeparationLogicList.dfy ListCopy.dfy ListReverse.dfy ListContents.dfy MatrixFun.dfy pow2.dfy SchorrWaite.dfy SchorrWaite-stages.dfy Cubes.dfy SumOfCubes.dfy FindZero.dfy TerminationDemos.dfy Substitution.dfy TreeDatatype.dfy KatzManna.dfy Induction.dfy Rippling.dfy MoreInduction.dfy Celebrity.dfy BDD.dfy UltraFilter.dfy
-
-rem for %%f in (Queue.dfy PriorityQueue.dfy
-rem ExtensibleArray.dfy ExtensibleArrayAuto.dfy
-rem BinaryTree.dfy
-rem UnboundedStack.dfy
-rem SeparationLogicList.dfy
-rem ListCopy.dfy ListReverse.dfy ListContents.dfy
-rem MatrixFun.dfy pow2.dfy
-rem SchorrWaite.dfy SchorrWaite-stages.dfy
-rem Cubes.dfy SumOfCubes.dfy FindZero.dfy
-rem TerminationDemos.dfy Substitution.dfy TreeDatatype.dfy KatzManna.dfy
-rem Induction.dfy Rippling.dfy MoreInduction.dfy
-rem Celebrity.dfy BDD.dfy
-rem UltraFilter.dfy
-rem ) do (
-rem echo.
-rem echo -------------------- %%f --------------------
-rem %DAFNY_EXE% /compile:0 /dprint:out.dfy.tmp %* %%f
-rem )
diff --git a/Test/dafny2/Answer b/Test/dafny2/Answer deleted file mode 100644 index 9fa6f4ef..00000000 --- a/Test/dafny2/Answer +++ /dev/null @@ -1,60 +0,0 @@ -
--------------------- Classics.dfy --------------------
-
-Dafny program verifier finished with 5 verified, 0 errors
-
--------------------- TreeBarrier.dfy --------------------
-
-Dafny program verifier finished with 8 verified, 0 errors
-
--------------------- COST-verif-comp-2011-1-MaxArray.dfy --------------------
-
-Dafny program verifier finished with 2 verified, 0 errors
-
--------------------- COST-verif-comp-2011-2-MaxTree-class.dfy --------------------
-
-Dafny program verifier finished with 8 verified, 0 errors
-
--------------------- COST-verif-comp-2011-2-MaxTree-datatype.dfy --------------------
-
-Dafny program verifier finished with 5 verified, 0 errors
-
--------------------- COST-verif-comp-2011-3-TwoDuplicates.dfy --------------------
-
-Dafny program verifier finished with 4 verified, 0 errors
-
--------------------- COST-verif-comp-2011-4-FloydCycleDetect.dfy --------------------
-
-Dafny program verifier finished with 25 verified, 0 errors
-
--------------------- StoreAndRetrieve.dfy --------------------
-
-Dafny program verifier finished with 22 verified, 0 errors
-
--------------------- Intervals.dfy --------------------
-
-Dafny program verifier finished with 5 verified, 0 errors
-
--------------------- TreeFill.dfy --------------------
-
-Dafny program verifier finished with 3 verified, 0 errors
-
--------------------- TuringFactorial.dfy --------------------
-
-Dafny program verifier finished with 3 verified, 0 errors
-
--------------------- MajorityVote.dfy --------------------
-
-Dafny program verifier finished with 16 verified, 0 errors
-
--------------------- SegmentSum.dfy --------------------
-
-Dafny program verifier finished with 3 verified, 0 errors
-
--------------------- MonotonicHeapstate.dfy --------------------
-
-Dafny program verifier finished with 36 verified, 0 errors
-
--------------------- Calculations.dfy --------------------
-
-Dafny program verifier finished with 31 verified, 0 errors
diff --git a/Test/dafny2/runtest.bat b/Test/dafny2/runtest.bat deleted file mode 100644 index d038acce..00000000 --- a/Test/dafny2/runtest.bat +++ /dev/null @@ -1,27 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-REM soon again: SnapshotableTrees.dfy
-
-%DAFNY_EXE% /compile:0 /dprint:out.dfy.tmp /verifySeparately %* Classics.dfy TreeBarrier.dfy COST-verif-comp-2011-1-MaxArray.dfy COST-verif-comp-2011-2-MaxTree-class.dfy COST-verif-comp-2011-2-MaxTree-datatype.dfy COST-verif-comp-2011-3-TwoDuplicates.dfy COST-verif-comp-2011-4-FloydCycleDetect.dfy StoreAndRetrieve.dfy Intervals.dfy TreeFill.dfy TuringFactorial.dfy MajorityVote.dfy SegmentSum.dfy MonotonicHeapstate.dfy Calculations.dfy
-
-rem for %%f in (
-rem Classics.dfy
-rem TreeBarrier.dfy
-rem COST-verif-comp-2011-1-MaxArray.dfy
-rem COST-verif-comp-2011-2-MaxTree-class.dfy
-rem COST-verif-comp-2011-2-MaxTree-datatype.dfy
-rem COST-verif-comp-2011-3-TwoDuplicates.dfy
-rem COST-verif-comp-2011-4-FloydCycleDetect.dfy
-rem StoreAndRetrieve.dfy
-rem Intervals.dfy TreeFill.dfy TuringFactorial.dfy
-rem MajorityVote.dfy SegmentSum.dfy
-rem MonotonicHeapstate.dfy Calculations.dfy
-rem ) do (
-rem echo.
-rem echo -------------------- %%f --------------------
-rem %DAFNY_EXE% /compile:0 /dprint:out.dfy.tmp %* %%f
-rem )
diff --git a/Test/dafny3/Answer b/Test/dafny3/Answer deleted file mode 100644 index 9e8ac835..00000000 --- a/Test/dafny3/Answer +++ /dev/null @@ -1,64 +0,0 @@ - --------------------- Iter.dfy --------------------
-
-Dafny program verifier finished with 15 verified, 0 errors
- --------------------- Streams.dfy --------------------
-
-Dafny program verifier finished with 52 verified, 0 errors
- --------------------- Dijkstra.dfy --------------------
-
-Dafny program verifier finished with 12 verified, 0 errors
- --------------------- CachedContainer.dfy --------------------
-
-Dafny program verifier finished with 47 verified, 0 errors
- --------------------- SimpleInduction.dfy --------------------
-
-Dafny program verifier finished with 12 verified, 0 errors
- --------------------- SimpleCoinduction.dfy --------------------
-
-Dafny program verifier finished with 31 verified, 0 errors
- --------------------- CalcExample.dfy --------------------
-
-Dafny program verifier finished with 6 verified, 0 errors
- --------------------- InductionVsCoinduction.dfy --------------------
-
-Dafny program verifier finished with 20 verified, 0 errors
- --------------------- Zip.dfy --------------------
-
-Dafny program verifier finished with 24 verified, 0 errors
- --------------------- SetIterations.dfy --------------------
-
-Dafny program verifier finished with 13 verified, 0 errors
- --------------------- Paulson.dfy --------------------
-
-Dafny program verifier finished with 28 verified, 0 errors
- --------------------- Filter.dfy --------------------
-
-Dafny program verifier finished with 43 verified, 0 errors
- --------------------- WideTrees.dfy --------------------
-
-Dafny program verifier finished with 10 verified, 0 errors
- --------------------- InfiniteTrees.dfy --------------------
-
-Dafny program verifier finished with 88 verified, 0 errors
- --------------------- OpaqueTrees.dfy --------------------
-
-Dafny program verifier finished with 6 verified, 0 errors
- --------------------- GenericSort.dfy --------------------
-
-Dafny program verifier finished with 36 verified, 0 errors
diff --git a/Test/dafny3/runtest.bat b/Test/dafny3/runtest.bat deleted file mode 100644 index 41971d4e..00000000 --- a/Test/dafny3/runtest.bat +++ /dev/null @@ -1,19 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-%DAFNY_EXE% /compile:0 /verifySeparately /dprint:out.dfy.tmp %* Iter.dfy Streams.dfy Dijkstra.dfy CachedContainer.dfy SimpleInduction.dfy SimpleCoinduction.dfy CalcExample.dfy InductionVsCoinduction.dfy Zip.dfy SetIterations.dfy Paulson.dfy Filter.dfy WideTrees.dfy InfiniteTrees.dfy OpaqueTrees.dfy GenericSort.dfy
-
-rem for %%f in (
-rem Iter.dfy Streams.dfy Dijkstra.dfy CachedContainer.dfy
-rem SimpleInduction.dfy SimpleCoinduction.dfy CalcExample.dfy
-rem InductionVsCoinduction.dfy Zip.dfy SetIterations.dfy
-rem Paulson.dfy Filter.dfy WideTrees.dfy InfiniteTrees.dfy
-rem OpaqueTrees.dfy GenericSort.dfy
-rem ) do (
-rem echo.
-rem echo -------------------- %%f --------------------
-rem %DAFNY_EXE% /compile:0 /dprint:out.dfy.tmp %* %%f
-rem )
diff --git a/Test/dafny4/Answer b/Test/dafny4/Answer deleted file mode 100644 index 14986a59..00000000 --- a/Test/dafny4/Answer +++ /dev/null @@ -1,43 +0,0 @@ -
--------------------- CoqArt-InsertionSort.dfy --------------------
-
-Dafny program verifier finished with 36 verified, 0 errors
-
--------------------- GHC-MergeSort.dfy --------------------
-
-Dafny program verifier finished with 83 verified, 0 errors
-
--------------------- Fstar-QuickSort.dfy --------------------
-
-Dafny program verifier finished with 6 verified, 0 errors
-
--------------------- Primes.dfy --------------------
-
-Dafny program verifier finished with 24 verified, 0 errors
-
--------------------- KozenSilva.dfy --------------------
-
-Dafny program verifier finished with 47 verified, 0 errors
-
--------------------- SoftwareFoundations-Basics.dfy --------------------
-SoftwareFoundations-Basics.dfy(41,12): Error: assertion violation
-Execution trace:
- (0,0): anon0
-
-Dafny program verifier finished with 82 verified, 1 error
-
--------------------- NumberRepresentations.dfy --------------------
-
-Dafny program verifier finished with 33 verified, 0 errors
-
--------------------- Circ.dfy --------------------
-
-Dafny program verifier finished with 16 verified, 0 errors
-
--------------------- ACL2-extractor.dfy --------------------
-
-Dafny program verifier finished with 33 verified, 0 errors
-
--------------------- ClassRefinement.dfy --------------------
-
-Dafny program verifier finished with 18 verified, 0 errors
diff --git a/Test/dafny4/NumberRepresentations.dfy b/Test/dafny4/NumberRepresentations.dfy index d7c142ee..5b7f3a0f 100644 --- a/Test/dafny4/NumberRepresentations.dfy +++ b/Test/dafny4/NumberRepresentations.dfy @@ -8,6 +8,7 @@ function eval(digits: seq<int>, base: int): int
requires 2 <= base;
+ decreases digits; // see comment in test_eval()
{
if |digits| == 0 then 0 else digits[0] + base * eval(digits[1..], base)
}
@@ -16,36 +17,21 @@ lemma test_eval() {
assert forall base :: 2 <= base ==> eval([], base) == 0;
assert forall base :: 2 <= base ==> eval([0], base) == 0;
- forall base | 2 <= base {
- calc {
- eval([0, 0], base);
- 0;
- }
- }
- calc {
- eval([3, 2], 10);
- 3 + 10 * eval([2], 10);
- 23;
- }
+ // To prove this automatically, it is necessary that the Lit axiom is sensitive only to the
+ // 'digits' argument being a literal. Hence, the explicit 'decreases digits' clause on the
+ // 'eval' function.
+ assert forall base :: 2 <= base ==> eval([0, 0], base) == 0;
+
+ assert eval([3, 2], 10) == 23;
+
var oct, dec := 8, 10;
- calc {
- eval([1, 3], oct);
- 1 + oct * eval([3], oct);
- 5 + dec * eval([2], dec);
- eval([5, 2], dec);
- }
+ assert eval([1, 3], oct) == eval([5, 2], dec);
assert eval([29], 420) == 29;
assert eval([29], 8) == 29;
- calc {
- eval([-2, 1, -3], 5);
- -2 + 5 * eval([1, -3], 5);
- -2 + 5 * 1 + 25 * eval([-3], 5);
- -2 + 5 * 1 + 25 * (-3);
- -72;
- }
+ assert eval([-2, 1, -3], 5) == -72;
}
// To achieve a unique (except for leading zeros) representation of each number, we
diff --git a/Test/dafny4/runtest.bat b/Test/dafny4/runtest.bat deleted file mode 100644 index cec5d271..00000000 --- a/Test/dafny4/runtest.bat +++ /dev/null @@ -1,7 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-%DAFNY_EXE% /compile:0 /verifySeparately /dprint:out.dfy.tmp %* CoqArt-InsertionSort.dfy GHC-MergeSort.dfy Fstar-QuickSort.dfy Primes.dfy KozenSilva.dfy SoftwareFoundations-Basics.dfy NumberRepresentations.dfy Circ.dfy ACL2-extractor.dfy ClassRefinement.dfy
diff --git a/Test/lit.site.cfg b/Test/lit.site.cfg index c9597a4c..d0b3a85b 100644 --- a/Test/lit.site.cfg +++ b/Test/lit.site.cfg @@ -125,7 +125,7 @@ else: lit_config.warning('Skipping solver sanity check on Windows') # Add diff tool substitution -commonDiffFlags=' --unified=3 --strip-trailing-cr --ignore-all-space' +commonDiffFlags=' --unified=3 --strip-trailing-cr' diffExecutable = None if os.name == 'posix': diffExecutable = 'diff' + commonDiffFlags diff --git a/Test/runtest.bat b/Test/runtest.bat deleted file mode 100644 index dfc3ae00..00000000 --- a/Test/runtest.bat +++ /dev/null @@ -1,39 +0,0 @@ -@echo off
-rem Usage: runtest.bat <dir>
-if "%1" == "" goto noDirSpecified
-if not exist %1\nul goto noDirExists
-echo ----- Running regression test %1
-pushd %1
-if not exist runtest.bat goto noRunTest
-call runtest.bat -nologo -logPrefix:%* > Output
-rem There seem to be some race between finishing writing to the Output file, and running fc.
-rem Calling fc twice seems to fix (or at least alleviate) the problem.
-fc /W Answer Output > nul
-fc /W Answer Output > nul
-if not errorlevel 1 goto passTest
-echo ============ %1 FAILED ====================================
-goto errorEnd
-
-:passTest
-echo Success: %1
-goto end
-
-:noDirSpecified
-echo runtest: Error: Syntax: runtest testDirectory [ additionalTestArguments ... ]
-goto errorEnd
-
-:noDirExists
-echo runtest: Error: There is no test directory %1
-goto errorEnd
-
-:noRunTest
-echo runtest: Error: no runtest.bat found in test directory %1
-goto errorEnd
-
-:errorEnd
-popd
-exit /b 1
-
-:end
-popd
-exit /b 0
diff --git a/Test/runtestall.bat b/Test/runtestall.bat deleted file mode 100644 index 207bb030..00000000 --- a/Test/runtestall.bat +++ /dev/null @@ -1,24 +0,0 @@ -@echo off
-setlocal
-
-set errors=0
-
-if "%1" == "short" goto UseShort
-
-set IncludeLong=True
-goto Loop
-
-:UseShort
-set IncludeLong=False
-shift
-goto Loop
-
-:Loop
-for /F "eol=; tokens=1,2,3*" %%i in (alltests.txt) do if %%j==Use call runtest.bat %%i %1 %2 %3 %4 %5 %6 %7 %8 %9 || set errors=1
-
-if not %IncludeLong%==True goto End
-
-for /F "eol=; tokens=1,2,3*" %%i in (alltests.txt) do if %%j==Long call runtest.bat %%i %1 %2 %3 %4 %5 %6 %7 %8 %9 || set errors=1
-
-:End
-exit /b %errors%
\ No newline at end of file diff --git a/Test/vacid0/Answer b/Test/vacid0/Answer deleted file mode 100644 index 90bbcc78..00000000 --- a/Test/vacid0/Answer +++ /dev/null @@ -1,12 +0,0 @@ -
--------------------- LazyInitArray.dfy --------------------
-
-Dafny program verifier finished with 7 verified, 0 errors
-
--------------------- SparseArray.dfy --------------------
-
-Dafny program verifier finished with 9 verified, 0 errors
-
--------------------- Composite.dfy --------------------
-
-Dafny program verifier finished with 16 verified, 0 errors
diff --git a/Test/vacid0/AnswerRuntimeChecking b/Test/vacid0/AnswerRuntimeChecking deleted file mode 100644 index e69de29b..00000000 --- a/Test/vacid0/AnswerRuntimeChecking +++ /dev/null diff --git a/Test/vacid0/runtest.bat b/Test/vacid0/runtest.bat deleted file mode 100644 index d7f31c3b..00000000 --- a/Test/vacid0/runtest.bat +++ /dev/null @@ -1,13 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-%DAFNY_EXE% /compile:0 /verifySeparately %* LazyInitArray.dfy SparseArray.dfy Composite.dfy
-
-rem for %%f in (LazyInitArray.dfy SparseArray.dfy Composite.dfy) do (
-rem echo.
-rem echo -------------------- %%f --------------------
-rem %DAFNY_EXE% /compile:0 %* %%f
-rem )
diff --git a/Test/vstte2012/Answer b/Test/vstte2012/Answer deleted file mode 100644 index 43eddcb1..00000000 --- a/Test/vstte2012/Answer +++ /dev/null @@ -1,24 +0,0 @@ -
--------------------- Two-Way-Sort.dfy --------------------
-
-Dafny program verifier finished with 4 verified, 0 errors
-
--------------------- Combinators.dfy --------------------
-
-Dafny program verifier finished with 25 verified, 0 errors
-
--------------------- RingBuffer.dfy --------------------
-
-Dafny program verifier finished with 13 verified, 0 errors
-
--------------------- RingBufferAuto.dfy --------------------
-
-Dafny program verifier finished with 13 verified, 0 errors
-
--------------------- Tree.dfy --------------------
-
-Dafny program verifier finished with 15 verified, 0 errors
-
--------------------- BreadthFirstSearch.dfy --------------------
-
-Dafny program verifier finished with 22 verified, 0 errors
diff --git a/Test/vstte2012/RingBufferAuto.dfy b/Test/vstte2012/RingBufferAuto.dfy index a9d36932..a4bdf0a0 100644 --- a/Test/vstte2012/RingBufferAuto.dfy +++ b/Test/vstte2012/RingBufferAuto.dfy @@ -56,6 +56,24 @@ class {:autocontracts} RingBuffer<T> Contents := Contents + [x];
}
+ method ResizingEnqueue(x: T)
+ ensures Contents == old(Contents) + [x] && N >= old(N);
+ {
+ if data.Length == len {
+ var more := data.Length + 1;
+ var d := new T[data.Length + more];
+ forall i | 0 <= i < data.Length {
+ d[if i < start then i else i + more] := data[i];
+ }
+ N, data, start := N + more, d, if len == 0 then 0 else start + more;
+ }
+ var nextEmpty := if start + len < data.Length
+ then start + len else start + len - data.Length;
+ data[nextEmpty] := x;
+ len := len + 1;
+ Contents := Contents + [x];
+ }
+
method Dequeue() returns (x: T)
requires Contents != [];
modifies Repr;
diff --git a/Test/vstte2012/RingBufferAuto.dfy.expect b/Test/vstte2012/RingBufferAuto.dfy.expect index aeb37948..b06ff8fc 100644 --- a/Test/vstte2012/RingBufferAuto.dfy.expect +++ b/Test/vstte2012/RingBufferAuto.dfy.expect @@ -1,2 +1,2 @@ -Dafny program verifier finished with 13 verified, 0 errors
+Dafny program verifier finished with 15 verified, 0 errors
diff --git a/Test/vstte2012/runtest.bat b/Test/vstte2012/runtest.bat deleted file mode 100644 index 7e597fd4..00000000 --- a/Test/vstte2012/runtest.bat +++ /dev/null @@ -1,23 +0,0 @@ -@echo off
-setlocal
-
-set BINARIES=..\..\Binaries
-set DAFNY_EXE=%BINARIES%\Dafny.exe
-
-%DAFNY_EXE% /compile:0 /dprint:out.dfy.tmp /verifySeparately %* Two-Way-Sort.dfy Combinators.dfy RingBuffer.dfy RingBufferAuto.dfy Tree.dfy
-
-echo.
-echo -------------------- BreadthFirstSearch.dfy --------------------
-%DAFNY_EXE% /compile:0 /dprint:out.dfy.tmp /vcsMaxKeepGoingSplits:10 %* BreadthFirstSearch.dfy
-
-rem for %%f in (
-rem Two-Way-Sort.dfy
-rem Combinators.dfy
-rem RingBuffer.dfy RingBufferAuto.dfy
-rem Tree.dfy
-rem BreadthFirstSearch.dfy
-rem ) do (
-rem echo.
-rem echo -------------------- %%f --------------------
-rem %DAFNY_EXE% /compile:0 /dprint:out.dfy.tmp %* %%f
-rem )
|