From 20f97304dda7dca7259514ca472c3c1b76262013 Mon Sep 17 00:00:00 2001 From: leino Date: Fri, 1 May 2015 19:39:16 -0700 Subject: Improved generation of .reads axioms (correcting an incorrect answer and corresponding incorrectly recorded desired answer) --- Test/hofs/ReadsReads.dfy | 22 ++++++++++------------ Test/hofs/ReadsReads.dfy.expect | 17 +++++++---------- 2 files changed, 17 insertions(+), 22 deletions(-) (limited to 'Test/hofs') diff --git a/Test/hofs/ReadsReads.dfy b/Test/hofs/ReadsReads.dfy index 3fb03fda..e11473bd 100644 --- a/Test/hofs/ReadsReads.dfy +++ b/Test/hofs/ReadsReads.dfy @@ -28,12 +28,12 @@ module ReadsRequiresReads { function MyReadsBad(f : A -> B, a : A) : set { - f.reads(a) + f.reads(a) // error: MyReadsBad does not have permission to read what f.reads(a) reads } function MyReadsBad2(f : A -> B, a : A) : set { - (f.reads)(a) + (f.reads)(a) // error: MyReadsBad2 does not have permission to read what f.reads(a) reads } function MyReadsOk'(f : A -> B, a : A, o : object) : bool @@ -44,7 +44,7 @@ module ReadsRequiresReads { function MyReadsBad'(f : A -> B, a : A, o : object) : bool { - o in f.reads(a) + o in f.reads(a) // error: MyReadsBad' does not have permission to read what f.reads(a) reads } function MyRequiresOk(f : A -> B, a : A) : bool @@ -55,7 +55,7 @@ module ReadsRequiresReads { function MyRequiresBad(f : A -> B, a : A) : bool { - f.requires(a) + f.requires(a) // error: MyRequiresBad does not have permission to read what f.requires(a) reads } } @@ -64,6 +64,7 @@ module WhatWeKnowAboutReads { lemma IndeedNothing() { assert ReadsNothing.reads() == {}; + assert ((ReadsNothing).reads)() == {}; } method NothingHere() { @@ -83,9 +84,9 @@ module WhatWeKnowAboutReads { var s' := new S; if * { assert s in ReadsSomething.reads(s) || ReadsSomething.reads(s) == {}; } else if * { assert s in ReadsSomething.reads(s); - } else if * { assert ReadsSomething.reads(s) == {}; + } else if * { assert ReadsSomething.reads(s) == {}; // error } else if * { assert s' !in ReadsSomething.reads(s); - } else if * { assert s' in ReadsSomething.reads(s); + } else if * { assert s' in ReadsSomething.reads(s); // error } } @@ -95,9 +96,9 @@ module WhatWeKnowAboutReads { var f := (u) reads u => (); if * { assert s in f.reads(s) || f.reads(s) == {}; } else if * { assert s in f.reads(s); - } else if * { assert f.reads(s) == {}; + } else if * { assert f.reads(s) == {}; // error } else if * { assert s' !in f.reads(s); - } else if * { assert s' in f.reads(s); + } else if * { assert s' in f.reads(s); // error } } } @@ -133,12 +134,9 @@ module ReadsAll { } module ReadsOnFunctions { - lemma M0(f: int -> int) + lemma Requires_Reads_What_Function_Reads(f: int -> int) { var g := f.requires; assert g.reads(10) == f.reads(10); } -// function F(f: int -> int): int -// requires forall x :: f.reads(x) == {} // should always be allowed to invoke .reads, even if F has an empty reads clause -// { 0 } } diff --git a/Test/hofs/ReadsReads.dfy.expect b/Test/hofs/ReadsReads.dfy.expect index 06dfd8a7..73002b73 100644 --- a/Test/hofs/ReadsReads.dfy.expect +++ b/Test/hofs/ReadsReads.dfy.expect @@ -14,26 +14,23 @@ ReadsReads.dfy(58,7): Error: insufficient reads clause to invoke function Execution trace: (0,0): anon0 (0,0): anon3_Else -ReadsReads.dfy(66,33): Error: assertion violation -Execution trace: - (0,0): anon0 -ReadsReads.dfy(86,50): Error: assertion violation +ReadsReads.dfy(87,50): Error: assertion violation Execution trace: (0,0): anon0 (0,0): anon16_Then -ReadsReads.dfy(88,29): Error: assertion violation +ReadsReads.dfy(89,29): Error: assertion violation Execution trace: (0,0): anon0 (0,0): anon18_Then -ReadsReads.dfy(98,37): Error: assertion violation +ReadsReads.dfy(99,37): Error: assertion violation Execution trace: (0,0): anon0 - ReadsReads.dfy(95,14): anon15_Else + ReadsReads.dfy(96,14): anon15_Else (0,0): anon19_Then -ReadsReads.dfy(100,29): Error: assertion violation +ReadsReads.dfy(101,29): Error: assertion violation Execution trace: (0,0): anon0 - ReadsReads.dfy(95,14): anon15_Else + ReadsReads.dfy(96,14): anon15_Else (0,0): anon21_Then -Dafny program verifier finished with 19 verified, 9 errors +Dafny program verifier finished with 20 verified, 8 errors -- cgit v1.2.3