diff options
| author |  Rustan Leino <leino@microsoft.com> | 2012-10-03 21:59:23 -0700 |
|---|---|---|
| committer | Rustan Leino <leino@microsoft.com> | 2012-10-03 21:59:23 -0700 |
| commit | 8c2d89e567cc51bbe2595d8aa434d3684d26892c (patch) | |
| tree | 3a3de28d4f17a95d8fec2dd13d87d5ef38e2b311 /Test/dafny0/Iterators.dfy | |
| parent | 33ef0051817ce944c00079d810e32981a1ca9161 (diff) | |
Dafny: automatically update iterator _new field upon allocations
Diffstat (limited to 'Test/dafny0/Iterators.dfy')
| -rw-r--r-- | Test/dafny0/Iterators.dfy | 34 |
1 files changed, 33 insertions, 1 deletions
diff --git a/Test/dafny0/Iterators.dfy b/Test/dafny0/Iterators.dfy index e1461622..2473daa0 100644 --- a/Test/dafny0/Iterators.dfy +++ b/Test/dafny0/Iterators.dfy @@ -117,7 +117,7 @@ method TestIterB() }
}
-// -----------------------------------------------------------
+// ------------------ yield statements, and_decreases variables ----------------------------------
iterator IterC(c: Cell)
requires c != null;
@@ -152,3 +152,35 @@ method TestIterC() more := iter.MoveNext(); // error: iter.Valid() may not hold
}
+// ------------------ allocations inside an iterator ------------------
+
+iterator AllocationIterator(x: Cell)
+{
+ assert _new == {};
+ var h := new Cell;
+ assert _new == {h};
+
+ SomeMethod();
+ assert x !in _new;
+ assert null !in _new;
+ assert h in _new;
+
+ ghost var saveNew := _new;
+ var u, v := AnotherMethod();
+ assert u in _new;
+ if {
+ case true => assert v in _new - saveNew ==> v != null && fresh(v);
+ case true => assert !fresh(v) ==> v !in _new;
+ case true => assert v in _new; // error: it may be, but, then again, it may not be
+ }
+}
+
+static method SomeMethod()
+{
+}
+
+static method AnotherMethod() returns (u: Cell, v: Cell)
+ ensures u != null && fresh(u);
+{
+ u := new Cell;
+}
|