Comments (2)
keyboardDrummer
commented on July 17, 2024
I agree, this is unexpected behavior.
from dafny.
RustanLeino
commented on July 17, 2024
Thanks you for the many useful test cases! (Note from @keyboardDrummer: this is indeed a bug)
Workaround
As a workaround, adding any one of these three statements in the body of Fail1 makes the postcondition verify:
assert c.inner.inner.Foo() == 0;
assert c.inner.Wrap?;
var cc := c.inner.inner;Notes on fixing the problem in the Dafny verifier
The problem is that the verifier needs the information that c.inner (in Fail1) has type Wrap<C> or, alternatively, that c.inner.Wrap? holds. This assumption is generated by the verifier, but the information is missing since the c.inner appears in a postcondition.
The information is generated into a free ensures postcondition for Impl$$_module.__default.Fail1 in Boogie. However, a free ensures in Boogie is ignored when checking an implementation. The Boogie attribute {:always_assume} that turns a free ensures into an assumption when verifying the implementation. The fix is to add that attribute (to all "assume conditions" generated by TrSplitExpr, both when those condition go into free ensures and when they go into free requires. This fix may have a large impact on other verifications.
from dafny.
Related Issues (20)
- Verification hang apparently caused by Std import HOT 3
- Costless by clause in `assert .. by { }` when using --isolate-assertions HOT 3
- Unstable CLI test `git-issues/git-issue-697j.dfy`, related to Rust backend HOT 5
- can't label forall-ensuring statement
- can't label assumptions
- textDocument/codeAction failed
- Named ensure clause
- Flaky test: DafnyTestGeneration HOT 3
- Flaky test Microsoft.Dafny.LanguageServer.IntegrationTest.Synchronization.ProjectManagerDatabaseTest.ChangeAndUndoProjectWithMultipleFile HOT 1
- Flaky test: Unspecified
- JavaScript and Go backend: Incorrect map cardinality HOT 1
- Helpers.unsignedLongToBigInteger removed from Java runtime
- C# backend: Multiset size overflow
- Dafny generated code not necessarily backwards compatible with code generated by older Dafny versions HOT 4
- Potential enhancement: array initialisation that is incompatible with declared size
- C#Β and Go Backends: Incorrect finite map semantics HOT 1
- Make the Rust compiler run on nightly once it passes all tests
- Dafny-to-Rust code generator
- [PRERELEASE REGRESSION] Dafny prerelease regression from aws/aws-cryptographic-material-providers-library HOT 15
- Integrate MIRI as part of the CI to ensure no memory leak in the DafnyRuntimeRust
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dafny.