diff options
| author |  rustanleino <unknown> | 2010-06-19 21:00:58 +0000 |
|---|---|---|
| committer | rustanleino <unknown> | 2010-06-19 21:00:58 +0000 |
| commit | fceb045bfb20039751ff7ca28f4ab7eb75c3d5d1 (patch) | |
| tree | d77e8487a85fb8198568ae1d9ecb8aeabac3ff6f /Test/dafny0/Termination.dfy | |
| parent | 2a3ed9eb5e5928837b9d2978c97cf3a7548e735a (diff) | |
Dafny:
* Improved design and implementation of SplitExpr
* Fixed some tests in dafny0/Use.dfy
* Added test case (in dafny0/Termination.dfy) to test the recent strengthening of set axioms
Diffstat (limited to 'Test/dafny0/Termination.dfy')
| -rw-r--r-- | Test/dafny0/Termination.dfy | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/Test/dafny0/Termination.dfy b/Test/dafny0/Termination.dfy index 27004653..974dadab 100644 --- a/Test/dafny0/Termination.dfy +++ b/Test/dafny0/Termination.dfy @@ -151,3 +151,22 @@ method FailureToProveTermination5(b: bool, N: int) n := n + 1;
}
}
+
+class Node {
+ var next: Node;
+ var footprint: set<Node>;
+
+ function Valid(): bool
+ reads this, footprint;
+ // In a previous (and weaker) axiomatization of sets, there had been two problems
+ // with trying to prove the termination of this function. First, the default
+ // decreases clause (derived from the reads clause) had been done incorrectly for
+ // a list of expressions. Second, the set axiomatization had not been strong enough.
+ {
+ this in footprint && !(null in footprint) &&
+ (next != null ==> next in footprint &&
+ next.footprint < footprint &&
+ this !in next.footprint &&
+ next.Valid())
+ }
+}
|