Induction hypothesis and the operator %

Asked Sep 13 '18 at 15:28

Active Sep 13 '18 at 15:38

Viewed 45 times

In the program https://rise4fun.com/Dafny/tlpls Dafny is not able to infer the induction hypothesis from the recursive call to the lemma.

Moreover, what is more surprising is in MVS, if you change assert by assume, and again by assert, then the problem disappears.

Lastly, what astonish me even more is that the second lemma in https://rise4fun.com/Dafny/hNZg works perfectly.

Paqui

edited Sep 13 '18 at 15:38

asked Sep 13 '18 at 15:28

jiplucap

The strange behavior of non-repeatability in Visual Studio sounds like it's due to some bug in the underlying caching. – Rustan Leino Sep 14 '18 at 00:43
Regarding the issues you mention with arithmetic, it often happens that non-linear arithmetic (like the `n*(n+1)` that your example uses) causes unpredictable behavior. However, in the Dafny source version, there is a new default behavior (`/arith:1`) that mitigates many of these problems, or at least makes them more repeatable. For your programs, this new behavior takes care of the problem. We should push out this version to rise4fun. – Rustan Leino Sep 14 '18 at 00:46
We just pushed Dafny version 2.2.0 to rise4fun. The top program above now verifies, as does the same program without assertions: https://rise4fun.com/Dafny/KgtA7 – Rustan Leino Sep 24 '18 at 23:43

0 Answers0