You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
type Ord<!T(!new)> = (T,T)->boolghostpredicate iChain<T(!new)>(o:Ord<T>,c:nat->T) { forall n:nat :: o(c(n),c(n+1)) }
ghostpredicate wf<T(!new)>(o:Ord<T>) { forall c:nat->T :: !iChain(o,c) }
type WfO<!T(!new)> = o:Ord<T> | wf(o) witness*ghostpredicate inductiveP<T(!new)>(p:T->bool,o:WfO<T>) { forall t:T | (forall t0:T | o(t,t0) :: p(t0)) :: p(t) }
ghostfunction iRegress<T(!new)>(p:T->bool,o:WfO<T>,t:T,n:nat):(r:T) requiresinductiveP(p,o) &&!p(t) decreases n {
if n == 0 then t elsevar t1 :=iRegress(p,o,t,n-1); var r :| o(t1,r) &&!p(r); r
}
ghostfunction rf<T(!new)>(p:T->bool,o:WfO<T>,t:T):(r:nat->T) requiresinductiveP(p,o) &&!p(t) ensuresiChain(o,r) {
(n:nat) =>iRegress(p,o,t,n)
}
lemma wfi<T(!new)>(p:T->bool,o:WfO<T>,t:T) requiresinductiveP(p,o) ensuresforall t :: p(t) {
forall t ensuresp(t) { if!p(t) { var ch :=rf(p,o,t); assertwf(o); }}
//assert forall t :: p(t); // proof diverges without this
}
Command to run and resulting output
No response
What happened?
The last line of the last lemma triggers three problems (when it is removed):
Without the final assertion, the proof not only diverges, but causes Z3 to allocate memory at a rate of about 5Gb/min until the system runs out of memory. Given that there should be no relevant function symbols outside the forall statement (which verifies), it seems that there shouldn't be a matching loop.
The final assertion should not be needed, as it simply repeats the postcondition. This perhaps indicates a triggering issue.
The final assertion should already be assumed at the end of the preceding forall statement, so again should be redundant.
What type of operating system are you experiencing the problem on?
Mac
The text was updated successfully, but these errors were encountered:
Dafny version
4.9.1
Code to produce this issue
Command to run and resulting output
No response
What happened?
The last line of the last lemma triggers three problems (when it is removed):
forall
statement, so again should be redundant.What type of operating system are you experiencing the problem on?
Mac
The text was updated successfully, but these errors were encountered: