Created Unassigned: Minor variation in DafnyServer output syntax [115]
The "Verifying" line in the DafnyServer ouput has a single space before the "...", but the "Retrieving cached verification result" has no space before the "..."```Verifying...
View ArticleCommented Unassigned: Minor variation in DafnyServer output syntax [115]
The "Verifying" line in the DafnyServer ouput has a single space before the "...", but the "Retrieving cached verification result" has no space before the "..."```Verifying...
View ArticleClosed Unassigned: Minor variation in DafnyServer output syntax [115]
The "Verifying" line in the DafnyServer ouput has a single space before the "...", but the "Retrieving cached verification result" has no space before the "..."```Verifying...
View ArticleCommented Unassigned: Minor variation in DafnyServer output syntax [115]
The "Verifying" line in the DafnyServer ouput has a single space before the "...", but the "Retrieving cached verification result" has no space before the "..."```Verifying...
View ArticleNew Post: Instability of verifications
Thanks a lot. Your version follows the same idea and it's stable against all the circumstances I had written in the post (verification time doesn't change). It's important to know Dafny's preferences....
View ArticleNew Post: Doubts in proving loop invariants
The invariant of the inner loop is not strong enough. The invariant doesn't say that the inner loop leaves earlier rows of your matrix unmodified. Dafny does not inspect the body of the inner loop when...
View ArticleNew Post: Doubts in proving loop invariants
By the way, there is another kind of "loop" in Dafny which doesn't require comlex invariants to achieve the same result. It is called the forall statement and I think of it as a kind of parallel for...
View ArticleClosed Unassigned: Internal translation error with /autoTriggers:1 [114]
The following program:```function f1(d:int):map<int,int>function f2(y:int, d:int):intmethod M(m:map<int,int>, d:int){ assert forall d :: f1(d) == (map x | x in m :: f2(x, d));}```gives an...
View ArticleSource code checked in, #a93f389377c3
Fix issue 114. Do not export private terms for ComprehensionExpr in trigger collectors.
View ArticleNew Post: Dafny code for multiply an array
i wrote the following code , but dafny can't verify it , can you figure out what is wrong with my prove?#method Main() { var a: array<int> := new int[4]; a[0] := 7; a[1] := -2; a[2] := 3; a[3] :=...
View ArticleNew Post: Dafny code for multiply an array
I think your while loop in product also needs this invariant invariant p >= 0; However, I can't see how this assertion assert a[i..] == a[i-1..] + [a[i-1]] could ever be true. Perhaps I am confused,...
View ArticleNew Post: Dafny code for multiply an array
well you are absolutely right! i tried to say something about the division ofthe array but maybe it is unnecessary , after thinking again i got this : method product(a: array<int>, key: int)...
View ArticleNew Post: Is there a way to increase the default timeout in Dafny
The current default time out is 10 secs in Dafny. In our algorithm proving few invariants dafny is timing out. So I am looking for a way to increase the time-out in Dafny
View ArticleNew Post: Is there a way to increase the default timeout in Dafny
On the command line, you can use /timeLimit:50 to increase the limit to 50 seconds. If you want something more focused (or that will affect the VS plugin), you can annotate your methods in two...
View ArticleNew Post: Dafny code for multiply an array
I think that it should be p, i := p0, i0-1; Here is a verifying version, using a ghost variable and forward iteration which you may prefer http://rise4fun.com/Dafny/iyHOmethod product(a:...
View ArticleNew Post: Dafny code for multiply an array
thanks ! can you explain me why it was the problem? i do this assigment at the end of the method .
View ArticleNew Post: Dafny code for multiply an array
Because you are looping backwards you have to decrement the counter before you access the array. You can see this by examining the method precondition. Given0 < i0 <= a.Length the array access...
View ArticleSource code checked in, #42be157c6386
Add /autoTriggers:1 to remove the undeterminateness of proof search.
View ArticleEdited Unassigned: postcondition fails unless postcondition is asserted [49]
The postcondition "ensures apply((i => i + 1), 5) == 6" fails verification (see code below). However, asserting the postcondition exactly ("assert apply((i => i + 1), 5) == 6;") inside the body...
View ArticleCreated Unassigned: C# keywords cause C# errors in some places [116]
The following Dafny code produces illegal C# code:```datatype struct = S // this is okmethod Main(){ var s := S; // this line generates illegal C# code print s;}```
View Article