debian-dafny - Debian packaging for Dafny

	Commit message (Collapse)	Author	Age
*	Fix: Unify column numbers in Dafny's errors	Clément Pit--Claudel	2015-07-23
\| \| \| \| \| \| \| \| \|	Dafny counts from 0, but Boogie counts from 1. Tokens are 1-based. Thus when we print tokens, we need to decrement the column number. This was done for resolver errors, but not for verification or parsing errors. In addition, parsing errors were inconsistent with resolution errors case-wise. Unfortunately, the fix affects the output of many tests.
*	Do postponsed reads checking also for the body of functions -- see ↵	Rustan Leino	2015-06-15
\| \| \| \| \| \|	Test/dafny0/Reads.dfy for benefits. (Unfortunately, this loses track of the "postcondition might not hold on this return path" locations, see Test/dafny0/FunctionSpecifications.dfy.)
*	Postpone reads checks of function preconditions until after the entire ↵	leino	2015-06-15
\| \| \| \|	precondition has otherwise been checked for well-formedness
*	Language change: All functions and methods declared lexically outside any ↵	leino	2014-12-12
\| \| \| \| \| \| \| \| \| \|	class are now automatically static, and fields are no longer allowed to be declared there. Stated differently, all heap state must now be declared inside an explicitly declared class, and functions and methods declared outside any class can be viewed as belonging to the module. The motivating benefit of this change is to no longer need the 'static' keyword when declaring a module of functions and methods.
*	Snapshot, to be continued	leino	2014-12-02
\|
*	Change behavior of 'decreases *', which can be applied to loops and methods. ↵	Rustan Leino	2014-08-19
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Now, loops that may possibly do an infinite number of iterations (that is, loops marked with 'decreases ') and calls to methods marked with 'decreases ' are allowed only in methods that themselves are marked with 'decreases '. As before, ghost loops and ghost methods are not allowed to be marked with 'decreases '. Previously, 'decreases ' was allowed on a method only if the method was tail recursive; this is no longer so. Note, however, that if the method is not tail recursive and engages in infinite recursion, then it will eventually run out of stack space. Previously, a 'decreases ' was not inherited in a refining module; this is no longer so. That is, 'decreases ' is now inherited. To refine a possibly non-terminating method or loop, the refining version simply provides a decreases clause that does not mention ''. Note that if the refined method is not recursive, it still needs to have _some_ decreases clause in order not to inherit the 'decreases ' from the refined method, but the expression stated in the decreases clause can be arbitrary (for example, one can write 'decreases true' or 'decreases 7' or 'decreases x' for some 'x' in scope). Note, in the new design, a method needs to be declared with 'decreases ' if it may recurse forever _or_ if it contains a possibly infinite loop. Note that the absence of 'decreases ' on a loop does not mean the loop will terminate, but it does mean that the loop will iterate a finite number of times (the subtle distinction here is that a loop without a 'decreases ' is allowed to contain a nested loop that has a 'decreases ' -- provided the enclosing method is also declared with 'decreases ', as previously mentioned).
*	Set up the same test infrastructure as in Boogie.	wuestholz	2014-05-29