Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reference types in comprehension soundness issue #1604

Closed
MikaelMayer opened this issue Nov 23, 2021 · 0 comments · Fixed by #1997
Closed

Reference types in comprehension soundness issue #1604

MikaelMayer opened this issue Nov 23, 2021 · 0 comments · Fixed by #1997
Assignees
@MikaelMayer
Labels
kind: bug Crashes, unsoundness, incorrect output, etc. If possible, add a `part:` label logic An inconsistency in Dafny's logic (e.g. in the Boogie prelude) part: code-generation Support for transpiling Dafny to another language. If relevant, add a `lang:` tag

Comments

@MikaelMayer
Copy link
Member 

trait Tr { }
class A extends Tr { }
class B extends Tr { }

function method test(x: Tr): bool
  requires x is A
{
  if x is B then 1/0 == 0 else true
}

method Main() {
  var a := new A;
  var b := new B;
  var s: set<Tr> := {a, b};
  var aa := forall a': A :: a' in s ==> test(a');
  assert(aa);
  print "ok";
}

In the case above, the verifier passes and

  1. C#'s compilation complains that error CS1503: Argument 1: cannot convert from 'System.Collections.Generic.IEnumerable<_module.Tr>' to 'System.Collections.Generic.IEnumer able<_module.A>', which is something that @fabiomadge is working on right now, so that could explain why nobody found this error before.
  2. JavaScript it silently fails and "ok" is never printed;
  3. Java: Exception in thread "main" java.lang.ArithmeticException: BigInteger divide by zero
  4. Go: Running... [Program halted] reflect: Call using *main.B as type *main.A and nothing else displayed

The problem comes again from the fact that the type inference infers that a' is of type A and the bounds are a set of type Tr, and whereas there is some check for the foreach statement in every compiler, there is no check for compiling the forall because it compiles to a true mapping expression.

I'd say, all these errors would be automatically fixed if I implement my right solution..

Originally posted by @MikaelMayer in #1522 (comment)
@MikaelMayer MikaelMayer self-assigned this Nov 23, 2021
@MikaelMayer MikaelMayer added logic An inconsistency in Dafny's logic (e.g. in the Boogie prelude) part: code-generation Support for transpiling Dafny to another language. If relevant, add a `lang:` tag labels Nov 23, 2021
@MikaelMayer MikaelMayer mentioned this issue Jan 3, 2022
Open
@MikaelMayer MikaelMayer mentioned this issue Jan 11, 2022
Open
@RustanLeino RustanLeino mentioned this issue Jan 14, 2022
Open
@cpitclaudel cpitclaudel added the kind: bug Crashes, unsoundness, incorrect output, etc. If possible, add a `part:` label label Mar 21, 2022
@MikaelMayer MikaelMayer mentioned this issue Apr 8, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MikaelMayer MikaelMayer

Labels
kind: bug Crashes, unsoundness, incorrect output, etc. If possible, add a `part:` label logic An inconsistency in Dafny's logic (e.g. in the Boogie prelude) part: code-generation Support for transpiling Dafny to another language. If relevant, add a `lang:` tag
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix: Emit constraints for compiled quantifier expressions, and nested subset types dafny-lang/dafny
2 participants
@MikaelMayer @cpitclaudel