Improved generation of .reads axioms (correcting an incorrect answer and corresponding incorrectly recorded desired answer)

author: leino <unknown> 2015-05-01 19:39:16 -0700
committer: leino <unknown> 2015-05-01 19:39:16 -0700
commit: 20f97304dda7dca7259514ca472c3c1b76262013 (patch)
tree: 4c4427896542eed2cb9684403702365cc7608111 /Test/hofs
parent: e105e36050283163c3d07a3aa3c3f522093c7c7a (diff)
2 files changed, 17 insertions, 22 deletions
diff --git a/Test/hofs/ReadsReads.dfy b/Test/hofs/ReadsReads.dfy
index 3fb03fda..e11473bd 100644
--- a/Test/hofs/ReadsReads.dfy
+++ b/Test/hofs/ReadsReads.dfy
@@ -28,12 +28,12 @@ module ReadsRequiresReads {
 
   function MyReadsBad(f : A -> B, a : A) : set<object>
   {
-    f.reads(a)
+    f.reads(a)  // error: MyReadsBad does not have permission to read what f.reads(a) reads
   }
 
   function MyReadsBad2(f : A -> B, a : A) : set<object>
   {
-    (f.reads)(a)
+    (f.reads)(a)  // error: MyReadsBad2 does not have permission to read what f.reads(a) reads
   }
 
   function MyReadsOk'(f : A -> B, a : A, o : object) : bool
@@ -44,7 +44,7 @@ module ReadsRequiresReads {
 
   function MyReadsBad'(f : A -> B, a : A, o : object) : bool
   {
-    o in f.reads(a)
+    o in f.reads(a)  // error: MyReadsBad' does not have permission to read what f.reads(a) reads
   }
 
   function MyRequiresOk(f : A -> B, a : A) : bool
@@ -55,7 +55,7 @@ module ReadsRequiresReads {
 
   function MyRequiresBad(f : A -> B, a : A) : bool
   {
-    f.requires(a)
+    f.requires(a)  // error: MyRequiresBad does not have permission to read what f.requires(a) reads
   }
 }
 
@@ -64,6 +64,7 @@ module WhatWeKnowAboutReads {
 
   lemma IndeedNothing() {
     assert ReadsNothing.reads() == {};
+    assert ((ReadsNothing).reads)() == {};
   }
 
   method NothingHere() {
@@ -83,9 +84,9 @@ module WhatWeKnowAboutReads {
     var s' := new S;
            if * { assert s in ReadsSomething.reads(s) || ReadsSomething.reads(s) == {};
     } else if * { assert s in ReadsSomething.reads(s);
-    } else if * { assert ReadsSomething.reads(s) == {};
+    } else if * { assert ReadsSomething.reads(s) == {};  // error
     } else if * { assert s' !in ReadsSomething.reads(s);
-    } else if * { assert s' in ReadsSomething.reads(s);
+    } else if * { assert s' in ReadsSomething.reads(s);  // error
     }
   }
 
@@ -95,9 +96,9 @@ module WhatWeKnowAboutReads {
     var f := (u) reads u => ();
            if * { assert s in f.reads(s) || f.reads(s) == {};
     } else if * { assert s in f.reads(s);
-    } else if * { assert f.reads(s) == {};
+    } else if * { assert f.reads(s) == {};  // error
     } else if * { assert s' !in f.reads(s);
-    } else if * { assert s' in f.reads(s);
+    } else if * { assert s' in f.reads(s);  // error
     }
   }
 }
@@ -133,12 +134,9 @@ module ReadsAll {
 }
 
 module ReadsOnFunctions {
-  lemma M0(f: int -> int)
+  lemma Requires_Reads_What_Function_Reads(f: int -> int)
   {
     var g := f.requires;
     assert g.reads(10) == f.reads(10);
   }
-//  function F(f: int -> int): int
-//    requires forall x :: f.reads(x) == {}  // should always be allowed to invoke .reads, even if F has an empty reads clause
-//  { 0 }
 }
diff --git a/Test/hofs/ReadsReads.dfy.expect b/Test/hofs/ReadsReads.dfy.expect
index 06dfd8a7..73002b73 100644
--- a/Test/hofs/ReadsReads.dfy.expect
+++ b/Test/hofs/ReadsReads.dfy.expect
@@ -14,26 +14,23 @@ ReadsReads.dfy(58,7): Error: insufficient reads clause to invoke function
 Execution trace:
     (0,0): anon0
     (0,0): anon3_Else
-ReadsReads.dfy(66,33): Error: assertion violation
-Execution trace:
-    (0,0): anon0
-ReadsReads.dfy(86,50): Error: assertion violation
+ReadsReads.dfy(87,50): Error: assertion violation
 Execution trace:
     (0,0): anon0
     (0,0): anon16_Then
-ReadsReads.dfy(88,29): Error: assertion violation
+ReadsReads.dfy(89,29): Error: assertion violation
 Execution trace:
     (0,0): anon0
     (0,0): anon18_Then
-ReadsReads.dfy(98,37): Error: assertion violation
+ReadsReads.dfy(99,37): Error: assertion violation
 Execution trace:
     (0,0): anon0
-    ReadsReads.dfy(95,14): anon15_Else
+    ReadsReads.dfy(96,14): anon15_Else
     (0,0): anon19_Then
-ReadsReads.dfy(100,29): Error: assertion violation
+ReadsReads.dfy(101,29): Error: assertion violation
 Execution trace:
     (0,0): anon0
-    ReadsReads.dfy(95,14): anon15_Else
+    ReadsReads.dfy(96,14): anon15_Else
     (0,0): anon21_Then
 
-Dafny program verifier finished with 19 verified, 9 errors
+Dafny program verifier finished with 20 verified, 8 errors
author	leino <unknown>	2015-05-01 19:39:16 -0700
committer	leino <unknown>	2015-05-01 19:39:16 -0700
commit	20f97304dda7dca7259514ca472c3c1b76262013 (patch)
tree	4c4427896542eed2cb9684403702365cc7608111 /Test/hofs
parent	e105e36050283163c3d07a3aa3c3f522093c7c7a (diff)