New Post: Example about Maps from Tutorial cause assertion violation
The below code snippet is one of the examples from the Dafny tutorial on value types illustrating how to remove an entry from a map (http://www.rise4fun.com/Dafny/tutorial/ValueTypes). However, one of...
New Post: Bug in Dafny's 1.9.1 console version
When the following code is checked using the console version 1.9.1, in spite of the fact that the while loop should not be verified successfully, Dafny does not report any error. class Bug { var...
New Post: Bug in Dafny's 1.9.1 console version
In fact, the previous bug can be reduced to what follows: class Bug {var arr : array<int>; method Bla() { var s := new Bug; s.arr := new int[4]; assert false; } }
New Post: Example about Maps from Tutorial cause assertion violation
I think this is something funky to do with matching in Z3. My guess is that the way that Dafny implements the map comprehension somehow makes the value (map i | i in m && i != 3 :: m[i])...
Created Unassigned: A function that returns a set of sequences [48]
Hi, The program http://rise4fun.com/Dafny/o2Po defines a function that returns a set of sequences and a method that computes this function as ensured in its postcondition. The program is only verified in...
Source code checked in, #b3ea1757da92
Add nativeType attribute for newtype declarations. Change Compiler.cs to use native C# representation of small integer newtypes. Examples: newtype{:nativeType "byte"} byte = i:int | 0 <= i <...
Source code checked in, #716a4c5ff30e
Optimization to nativeType: have EuclideanDivision_sbyte and EuclideanDivision_short call EuclideanDivision_int, not the BigInteger EuclideanDivision. (Same for EuclideanModulus.)
Commented Unassigned: A function that returns a set of sequences [48]
Hi, The program http://rise4fun.com/Dafny/o2Po defines a function that returns a set of sequences and a method that computes this function as ensured in its postcondition. The program is only verified in...
Source code checked in, #af36356da4e3
Optimization to nativeType: have EuclideanModulus_sbyte and EuclideanModulus_short call EuclideanModulus_int, not the BigInteger EuclideanModulus. (Same for EuclideanDivision.)
Source code checked in, #cb6d4860453d
When in DafnyCC mode, ignore termination checking
Source code checked in, #f253d92f44b9
Added lemmas that make verification go through faster and more reliably
Created Unassigned: postcondition fails unless postcondition is asserted [49]
The postcondition "ensures apply((i => i + 1), 5) == 6" fails verification (see code below). However, asserting the postcondition exactly ("assert apply((i => i + 1), 5) == 6;") inside the body...
Source code checked in, #422bf9ccc19d
Fixed bug in opaque functions with type parameters
Source code checked in, #4b53c4497906
Added command-line switch /allowGlobals to simplify transition from language changes introduced in changeset c56031307ac1
Source code checked in, #588c084ba20d
When ambiguous references all resolve to the same declaration, don't complain