diff --git a/Source/DafnyCore/Generic/ErrorReporterExtensions.cs b/Source/DafnyCore/Generic/ErrorReporterExtensions.cs index 83b0a44cabc..0df0cf01b2a 100644 --- a/Source/DafnyCore/Generic/ErrorReporterExtensions.cs +++ b/Source/DafnyCore/Generic/ErrorReporterExtensions.cs @@ -57,7 +57,7 @@ public static IEnumerable CreateDiagnosticRelatedInform // if (!usingSnippets && dafnyToken.IncludesRange) { // if (message == PostConditionFailingMessage) { // var postcondition = dafnyToken.PrintOriginal(); - // message = $"this postcondition might not hold: {postcondition}"; + // message = $"this postcondition could not be proved: {postcondition}"; // } else if (message == null|| message == RelatedLocationMessage*/) { // message = $"Could not prove: {dafnyToken.PrintOriginal()}"; // } diff --git a/Source/DafnyCore/Resolver/TypeCharacteristicChecker.cs b/Source/DafnyCore/Resolver/TypeCharacteristicChecker.cs index 6c7f4675d59..0b3ad33d71c 100644 --- a/Source/DafnyCore/Resolver/TypeCharacteristicChecker.cs +++ b/Source/DafnyCore/Resolver/TypeCharacteristicChecker.cs @@ -234,7 +234,7 @@ private static void Check(List declarations, bool isAnExport, Erro visitor.VisitType(syn.Origin, syn.Rhs, false); if (!isAnExport) { if (syn.SupportsEquality && !syn.Rhs.SupportsEquality) { - reporter.Error(MessageSource.Resolver, syn.Origin, "type '{0}' declared as supporting equality, but the RHS type ({1}) might not{2}", + reporter.Error(MessageSource.Resolver, syn.Origin, "type '{0}' declared as supporting equality, but the RHS type ({1}) could not be proved to support equality{2}", syn.Name, syn.Rhs, CheckTypeCharacteristicsVisitor.TypeEqualityErrorMessageHint(syn.Rhs)); } if (syn.Characteristics.IsNonempty && !syn.Rhs.IsNonempty) { diff --git a/Source/DafnyCore/Verifier/ProofObligationDescription.cs b/Source/DafnyCore/Verifier/ProofObligationDescription.cs index 694af68e15f..1117b6f01ef 100644 --- a/Source/DafnyCore/Verifier/ProofObligationDescription.cs 
+++ b/Source/DafnyCore/Verifier/ProofObligationDescription.cs @@ -72,7 +72,7 @@ public virtual string GetExtraExplanation() { public class DivisorNonZero : ProofObligationDescription { public override string SuccessDescription => - "divisor is always non-zero."; + "divisor is always non-zero"; public override string FailureDescription => "possible division by zero"; @@ -144,7 +144,7 @@ public class ConversionIsNatural : ProofObligationDescription { $"{prefix}value to be converted is always a natural number"; public override string FailureDescription => - $"{prefix}value to be converted might be bigger than every natural number"; + $"{prefix}value to be converted could not be proved to be a natural number"; public override string ShortDescription => "converted value is natural"; @@ -166,7 +166,7 @@ public class ConversionSatisfiesConstraints : ProofObligationDescription { $"{prefix}result of operation never violates {kind} constraints for '{name}'"; public override string FailureDescription => - $"{prefix}result of operation might violate {kind} constraint for '{name}'"; + $"{prefix}result of operation could not be proved to satisfy {kind} constraint for '{name}'"; public override string ShortDescription => "conversion satisfies type constraints"; @@ -192,7 +192,7 @@ public class OrdinalSubtractionIsNatural : ProofObligationDescription { "RHS of ORDINAL subtraction is always a natural number"; public override string FailureDescription => - "RHS of ORDINAL subtraction must be a natural number, but the given RHS might be larger"; + "RHS of ORDINAL subtraction must be a natural number, but the given RHS could not be proved to be a natural number"; public override string ShortDescription => "ordinal subtraction is natural"; 
@@ -209,10 +209,10 @@ public override Expression GetAssertedExpr(DafnyOptions options) { public class OrdinalSubtractionUnderflow : ProofObligationDescription { public override string SuccessDescription => - "ORDINAL subtraction will never go below limit ordinal"; + "ORDINAL subtraction will remain above limit ordinal"; public override string FailureDescription => - "ORDINAL subtraction might underflow a limit ordinal (that is, RHS might be too large)"; + "ORDINAL subtraction could not be proved to remain above limit ordinal (that is, RHS could not be proved to be sufficiently small)"; public override string ShortDescription => "ordinal subtraction underflow"; @@ -236,10 +236,10 @@ public override Expression GetAssertedExpr(DafnyOptions options) { public class CharOverflow : ProofObligationDescription { public override string SuccessDescription => - "char addition will not overflow"; + "char addition will remain below maximum"; public override string FailureDescription => - "char addition might overflow"; + "char addition could not be proved to remain below maximum"; public override string ShortDescription => "char overflow"; @@ -264,10 +264,10 @@ public override Expression GetAssertedExpr(DafnyOptions options) { public class CharUnderflow : ProofObligationDescription { public override string SuccessDescription => - "char subtraction will not underflow"; + "char subtraction will remain above minimum"; public override string FailureDescription => - "char subtraction might underflow"; + "char subtraction could not be proved to remain above minimum"; public override string ShortDescription => "char underflow"; 
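Review bot: The new `SuccessDescription` of `OrdinalSubtractionUnderflow`, "ORDINAL subtraction will remain above limit ordinal", reads as a strict bound, whereas the text it replaces ("will never go below") allowed the result to equal the limit ordinal. The `CharOverflow` and `CharUnderflow` hunks that follow make the same shift ("remain below maximum", "remain above minimum"). The asserted expressions live in `GetAssertedExpr`, outside these hunks, so this is inferred from the old wording only. If the bounds are inclusive, wording such as `"ORDINAL subtraction will not go below limit ordinal"` and `"char addition could not be proved to stay within the char range"` would match what is actually checked.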
@@ -295,7 +295,7 @@ public class ConversionFit : ProofObligationDescription { $"{prefix}{what} to be converted will always fit in {toType}"; public override string FailureDescription => - $"{prefix}{what} to be converted might not fit in {toType}"; + $"{prefix}{what} to be converted could not be proved to fit in {toType}"; public override string ShortDescription => "conversion fit"; @@ -321,7 +321,7 @@ public class NonNegative : ProofObligationDescription { $"{what} is never negative"; public override string FailureDescription => - $"{what} might be negative"; + $"{what} could not be proved to be non-negative"; public override string ShortDescription => "non-negative"; @@ -408,7 +408,7 @@ public class NonNull : ProofObligationDescription { $"{PluralSuccess}{what} is never null"; public override string FailureDescription => - $"{PluralFailure}{what} might be null"; + $"{PluralFailure}{what} could not be proved to be non-null"; public override string ShortDescription => $"{what} non-null"; private readonly string what; @@ -542,7 +542,7 @@ public class AssertStatementDescription : ProofObligationDescriptionCustomMessag "assertion always holds"; public override string DefaultFailureDescription => - "assertion might not hold"; + "assertion could not be proved"; public override string ShortDescription => "assert statement"; @@ -775,8 +775,8 @@ public class TraitFrame : ProofObligationDescription { public override string FailureDescription => isModify - ? $"{whatKind} might modify an object not in the parent trait context's modifies clause" - : $"{whatKind} might read an object not in the parent trait context's reads clause"; + ? $"modified object in {whatKind} could not be proved to be in the parent trait's modifies clause" + : $"accessed object in {whatKind} could not be proved to be in the parent trait's reads clause"; public override string ShortDescription => isModify ? "trait modifies" : "trait reads"; 
@@ -827,7 +827,7 @@ public class ModifyFrameSubset : ProofObligationDescription { $"{whatKind} is allowed by context's modifies clause"; public override string FailureDescription => - $"{whatKind} might violate context's modifies clause"; + $"modified object in {whatKind} could not be proved to be in the current modifies clause"; public override string ShortDescription => "modify frame subset"; @@ -851,7 +851,7 @@ public class FrameDereferenceNonNull : ProofObligationDescription { "frame expression does not dereference null"; public override string FailureDescription => - "frame expression might dereference null"; + "frame expression could not be proved to be non-null"; public override string ShortDescription => "frame dereference"; @@ -873,7 +873,7 @@ public class Terminates : ProofObligationDescription { public override string FailureDescription => (inferredDescreases ? ("cannot prove termination; try supplying a decreases clause" + (isLoop ? " for the loop" : "")) - : $"decreases {FormDescription} might not decrease") + + : $"decreases {FormDescription} could not be proved to decrease") + (hint is null ? "" : $" ({hint})"); public override string ShortDescription => "termination"; @@ -981,7 +981,7 @@ public class Modifiable : ProofObligationDescription { $"{description} is in the enclosing context's modifies clause"; public override string FailureDescription => - $"assignment might update {description} not in the enclosing context's modifies clause"; + $"modified {description} could not be proved to be in the current modifies clause"; public override string ShortDescription => "modifiable"; 
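Review bot: `ModifyFrameSubset.FailureDescription` now says "the current modifies clause", while the unchanged `SuccessDescription` just above it still says "context's modifies clause". The `Modifiable` hunk at the end of this line has the same split ("enclosing context's" against "current"). Both strings of a pair describe the same frame, so success and failure output now use two names for one thing. Consider updating the success side in the same commit, e.g. `$"{whatKind} is allowed by the current modifies clause"` and `$"{description} is in the current modifies clause"`.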
@@ -1224,7 +1224,7 @@ public class WitnessCheck : ProofObligationDescription { public override string FailureDescription => witnessString is null - ? "the given witness expression might not satisfy constraint" + ? "the given witness expression could not be proved to satisfy constraint" : (witnessString == "" ? $"{errMsg}{hintMsg}" : $"{errMsg} (only tried {witnessString}){hintMsg}"); public override string ShortDescription => "witness check"; @@ -1326,7 +1326,7 @@ public class ForallLHSUnique : ProofObligationDescription { "left-hand sides of forall-statement bound variables are unique (or right-hand sides are equivalent)"; public override string FailureDescription => - "left-hand sides for different forall-statement bound variables might refer to the same location (and right-hand sides might not be equivalent)"; + "left-hand sides for different forall-statement bound variables could not be proved to refer to different locations (and right-hand sides could not be proved to be equivalent)"; public override string ShortDescription => "forall bound unique"; @@ -1363,7 +1363,7 @@ public class ElementInDomain : ProofObligationDescription { "element is in domain"; public override string FailureDescription => - "element might not be in domain"; + "element could not be proved to be in domain"; public override string ShortDescription => "element in domain"; @@ -1384,7 +1384,7 @@ public class DefiniteAssignment : ProofObligationDescription { $"{kind} '{name}', which is subject to definite-assignment rules, is always initialized {where}"; public override string FailureDescription => - $"{kind} '{name}', which is subject to definite-assignment rules, might be uninitialized {where}"; + $"{kind} '{name}', which is subject to definite-assignment rules, could not be proved to be initialized {where}"; public override string ShortDescription => "definite assignment"; 
@@ -1483,7 +1483,7 @@ public class ComprehensionNoAlias : ProofObligationDescription { "key expressions refer to unique values"; public override string FailureDescription => - "key expressions might be referring to the same value"; + "key expressions could not be proved to refer to different values"; public override string ShortDescription => "unique key expressions"; @@ -1515,7 +1515,7 @@ public class DistinctLHS : ProofObligationDescription { $"left-hand sides {lhsa} and {lhsb} are distinct"; public override string FailureDescription => - $"{when}left-hand sides {lhsa} and {lhsb} {might}refer to the same location{whenSuffix}"; + $"{when}left-hand sides {lhsa} and {lhsb} could not be proved to refer to different locations{whenSuffix}"; public override string ShortDescription => "distinct lhs"; diff --git a/Source/DafnyCore/Verifier/Statements/BoogieGenerator.TrAssignment.cs b/Source/DafnyCore/Verifier/Statements/BoogieGenerator.TrAssignment.cs index e685cf61bff..7646634bfc2 100644 --- a/Source/DafnyCore/Verifier/Statements/BoogieGenerator.TrAssignment.cs +++ b/Source/DafnyCore/Verifier/Statements/BoogieGenerator.TrAssignment.cs @@ -264,7 +264,7 @@ void ProcessLhss(List lhss, bool rhsCanAffectPreviouslyKnownExpressi prevObj[i] = obj; if (!useSurrogateLocal) { // check that the enclosing modifies clause allows this object to be written: assert $_ModifiesFrame[obj]); - var desc = new Modifiable("an object", contextModFrames, fse.Obj, field); + var desc = new Modifiable("field", contextModFrames, fse.Obj, field); builder.Add(Assert(tok, Bpl.Expr.SelectTok(tok, etran.ModifiesFrame(tok), obj, GetField(fse)), desc, builder.Context)); } 
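Review bot: In `DistinctLHS.FailureDescription` the `{might}` interpolation is dropped, so the message no longer varies with that member and always reports "could not be proved". The declaration of `might` and the constructor are outside the hunk. If the member is used only for this string, it is now dead and could be removed together with its constructor argument. Otherwise a comment such as `// 'might' no longer affects the message; every failure is reported as unproved` would record the intent. If `might` was empty for cases known to be a definite clash, that distinction no longer reaches the user.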
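Review bot: The literal `"field"` passed to `Modifiable` in BoogieGenerator.TrAssignment.cs, and `"array location"` in the two later hunks of that file, are repeated in `GetObjFieldDetails` in BoogieGenerator.TrStatement.cs. All of them are spliced into both `$"modified {description} could not be proved ..."` and the unchanged `$"{description} is in the enclosing context's modifies clause"`. Without the article the success text now reads "field is in the enclosing context's modifies clause". Consider adjusting the success string to fit the new noun phrases. Consider also naming the two phrases once, for example as constants on `Modifiable`, so the call sites cannot drift apart. `ProcessLhss` continues outside the hunk.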
@@ -314,7 +314,7 @@ void ProcessLhss(List lhss, bool rhsCanAffectPreviouslyKnownExpressi prevObj[i] = obj; prevIndex[i] = fieldName; // check that the enclosing modifies clause allows this object to be written: assert $_Frame[obj,index]); - var desc = new Modifiable("an array element", contextModFrames, sel.Seq, null); + var desc = new Modifiable("array location", contextModFrames, sel.Seq, null); builder.Add(Assert(tok, Bpl.Expr.SelectTok(tok, etran.ModifiesFrame(tok), obj, fieldName), desc, builder.Context)); bLhss.Add(null); @@ -339,7 +339,7 @@ void ProcessLhss(List lhss, bool rhsCanAffectPreviouslyKnownExpressi "$index" + i, Predef.FieldName(mse.Origin), builder, locals); prevObj[i] = obj; prevIndex[i] = fieldName; - var desc = new Modifiable("an array element", contextModFrames, mse.Array, null); + var desc = new Modifiable("array location", contextModFrames, mse.Array, null); builder.Add(Assert(tok, Bpl.Expr.SelectTok(tok, etran.ModifiesFrame(tok), obj, fieldName), desc, builder.Context)); bLhss.Add(null); diff --git a/Source/DafnyCore/Verifier/Statements/BoogieGenerator.TrStatement.cs b/Source/DafnyCore/Verifier/Statements/BoogieGenerator.TrStatement.cs index 34a6c57ba8f..bb889911152 100644 --- a/Source/DafnyCore/Verifier/Statements/BoogieGenerator.TrStatement.cs +++ b/Source/DafnyCore/Verifier/Statements/BoogieGenerator.TrStatement.cs 
@@ -767,19 +767,19 @@ private string GetObjFieldDetails(Expression lhs, ExpressionTranslator etran, ou var fse = (MemberSelectExpr)lhs; obj = etran.TrExpr(fse.Obj); F = GetField(fse); - description = "an object field"; + description = "field"; } else if (lhs is SeqSelectExpr) { var sel = (SeqSelectExpr)lhs; obj = etran.TrExpr(sel.Seq); var idx = etran.TrExpr(sel.E0); idx = ConvertExpression(sel.E0.Origin, idx, sel.E0.Type, Type.Int); F = FunctionCall(sel.Origin, BuiltinFunction.IndexField, null, idx); - description = "an array element"; + description = "array location"; } else { MultiSelectExpr mse = (MultiSelectExpr)lhs; obj = etran.TrExpr(mse.Array); F = etran.GetArrayIndexFieldName(mse.Origin, mse.Indices); - description = "an array element"; + description = "array location"; } return description; } diff --git a/Source/DafnyCore/Verifier/Statements/OpaqueBlockVerifier.cs b/Source/DafnyCore/Verifier/Statements/OpaqueBlockVerifier.cs index 2bee4541445..a0bf0b5d684 100644 --- a/Source/DafnyCore/Verifier/Statements/OpaqueBlockVerifier.cs +++ b/Source/DafnyCore/Verifier/Statements/OpaqueBlockVerifier.cs @@ -93,7 +93,7 @@ private static BoogieGenerator.ExpressionTranslator GetBodyTranslator(BoogieGene class OpaqueEnsuresDescription : ProofObligationDescription { public override string SuccessDescription => "ensures always holds"; - public override string FailureDescription => "ensures might not hold"; + public override string FailureDescription => "ensures could not be proved"; public override string ShortDescription => "opaque block ensure clause"; public override bool IsImplicit => false; diff --git a/Source/DafnyCore/Verifier/SubrangeCheck.cs b/Source/DafnyCore/Verifier/SubrangeCheck.cs index 5e082a4fd8c..0cb76f752ec 100644 --- a/Source/DafnyCore/Verifier/SubrangeCheck.cs +++ b/Source/DafnyCore/Verifier/SubrangeCheck.cs 
@@ -24,7 +24,7 @@ public override DafnyDiagnostic GetDiagnostic(TokenRange range) { isSubset ? $"{prefix}value does not satisfy the subset constraints of '{targetType}'" : $"{prefix}value of expression (of type '{sourceType}') is not known to be an instance of type '{targetType}'" + - (isCertain ? ", because it might be null" : ""); + (isCertain ? ", because it could not be proved to be non-null" : ""); private readonly string prefix; private readonly string sourceType; diff --git a/Source/DafnyLanguageServer.Test/Diagnostics/DiagnosticsTest.cs b/Source/DafnyLanguageServer.Test/Diagnostics/DiagnosticsTest.cs index d9350b9248f..d0a35530961 100644 --- a/Source/DafnyLanguageServer.Test/Diagnostics/DiagnosticsTest.cs +++ b/Source/DafnyLanguageServer.Test/Diagnostics/DiagnosticsTest.cs @@ -46,7 +46,7 @@ method bar() returns (x : int) var diagnostics1 = await GetLastDiagnostics(documentItem, DiagnosticSeverity.Error); var startOrdered = diagnostics1.OrderBy(r => r.Range.Start).ToList(); Assert.Equal(new Range(5, 19, 5, 24), startOrdered[0].Range); - Assert.Equal("ensures might not hold", startOrdered[0].Message); + Assert.Equal("ensures could not be proved", startOrdered[0].Message); } [Fact] @@ -86,7 +86,7 @@ decreases 4 Assert.Equal("a postcondition could not be proved on this return path", startOrdered[0].Message); Assert.Equal("this is the postcondition that could not be proved", startOrdered[0].RelatedInformation!.ElementAt(0).Message); Assert.Equal(new Range(12, 7, 12, 8), startOrdered[1].Range); - Assert.Equal("decreases clause might not decrease", startOrdered[1].Message); + Assert.Equal("decreases clause could not be proved to decrease", startOrdered[1].Message); Assert.Equal(new Range(17, 7, 17, 8), startOrdered[1].RelatedInformation!.ElementAt(0).Location.Range); Assert.Equal("refining module", startOrdered[1].RelatedInformation.ElementAt(0).Message); } 
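Review bot: In SubrangeCheck.cs the `isSubset` branch of this expression still states "value does not satisfy the subset constraints of '{targetType}'" as a fact, while the branch edited below it and the rest of the commit move to "could not be proved". A failed proof obligation does not establish that the constraint is violated, so the definite wording can send a user hunting for a bug that may not exist. Consider `$"{prefix}value could not be proved to satisfy the subset constraints of '{targetType}'"`. The enclosing member begins above the hunk, so confirm which description property this string belongs to before changing it.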
diff --git a/Source/DafnyLanguageServer.Test/Lookup/HoverVerificationTest.cs b/Source/DafnyLanguageServer.Test/Lookup/HoverVerificationTest.cs index 7067c778cf8..68ff9c27237 100644 --- a/Source/DafnyLanguageServer.Test/Lookup/HoverVerificationTest.cs +++ b/Source/DafnyLanguageServer.Test/Lookup/HoverVerificationTest.cs @@ -67,13 +67,13 @@ This is assertion #??? of 4 in method `Abs` // When hovering the failing path, it does not display the position of the failing postcondition // because the IDE extension already does it. await AssertVerificationHoverMatches(documentItem, (5, 4), - @"[**Error:**](???) a postcondition could not be proved on this return path??? + @"[**Error:**](???) a postcondition could not be proved on this return path Could not prove: `y >= 0` This is assertion #??? of 4 in method `Abs` Resource usage: ??? RU" ); await AssertVerificationHoverMatches(documentItem, (7, 11), - @"[**Error:**](???) assertion might not hold + @"[**Error:**](???) assertion could not be proved This is assertion #??? of 4 in method `Abs` Resource usage: ??? RU" ); @@ -102,7 +102,7 @@ ensures Q(x) }", Path.Combine(Directory.GetCurrentDirectory(), "Lookup/TestFiles/test.dfy"), false); // When hovering the failing path, it should extract text from the included file await AssertVerificationHoverMatches(documentItem, (9, 4), - @"[**Error:**](???) a postcondition could not be proved on this return path??? + @"[**Error:**](???) a postcondition could not be proved on this return path Inside `Q(x)` Inside `P(i)` Could not prove: `i >= 0` @@ -124,7 +124,7 @@ await SetUp(o => { } ", "testfile.dfy", true); await AssertVerificationHoverMatches(documentItem, (1, 12), - @"[**Error:**](???) assertion might not hold + @"[**Error:**](???) assertion could not be proved This is the only assertion in [batch](???) #??? of ??? in method `f` [Batch](???) #??? resource usage: ??? RU" ); 
@@ -186,7 +186,7 @@ method Test(j: int) returns (i: int) ensures i > 0 { i := j; -}", "testfile.dfy", true); +}", "testfile.dfy", false); await AssertVerificationHoverMatches(documentItem, (3, 0), @"**Error:**???return value should be even Could not prove: `i % 2 == 0`" @@ -215,7 +215,7 @@ await AssertVerificationHoverMatches(documentItem, (2, 12), [Batch](???) #1 resource usage: ??? RU" ); await AssertVerificationHoverMatches(documentItem, (3, 26), - @"[**Error:**](???) assertion might not hold + @"[**Error:**](???) assertion could not be proved This is assertion #1 of 2 in [batch](???) #2 of 2 in function `f` [Batch](???) #2 resource usage: ??? RU" ); @@ -311,11 +311,11 @@ static predicate CanAct(t: Test) requires Valid(t) { } ", "testfile2.dfy", true); await AssertVerificationHoverMatches(documentItem, (4, 20), - @"**Error:**???assertion might not hold??? + @"**Error:**???assertion could not be proved??? Could not prove: `t.i > 0` " ); await AssertVerificationHoverMatches(documentItem, (5, 20), - @"**Error:**???assertion might not hold??? + @"**Error:**???assertion could not be proved??? Could not prove: `t.i > 1` " ); await AssertVerificationHoverMatches(documentItem, (5, 20), @@ -375,11 +375,11 @@ function Id(t: T): T { t } ", "testfile2.dfy", true); await AssertVerificationHoverMatches(documentItem, (9, 20), - @"**Error:**???assertion might not hold??? + @"**Error:**???assertion could not be proved??? Could not prove: `i > 0` " ); await AssertVerificationHoverMatches(documentItem, (10, 20), - @"**Error:**???assertion might not hold??? + @"**Error:**???assertion could not be proved??? Could not prove: `i > 1` " ); await AssertVerificationHoverMatches(documentItem, (10, 20), 
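Review bot: In the first hunk of this line, the last argument of the call that closes the `Test` program text changes from `true` to `false`; this is unrelated to the message rewording and comes with no explanation. The parameter's meaning is not visible here and the call starts outside the hunk, so it is unclear whether the test still exercises the same path as before. A one-line comment above the call stating why this case needs `false`, or moving the flip into its own commit, would keep the wording change easy to audit.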
@@ -469,9 +469,10 @@ method Test(i: int) } ", "testfile2.dfy", false); await AssertVerificationHoverMatches(documentItem, (6, 11), - @"**Error:**???assertion might not hold + @"**Error:**???assertion could not be proved Inside `P(1)` -Could not prove: `i <= 0`" +Could not prove: `i <= 0` +This is the only assertion in method `Test`" ); await ApplyChangesAndWaitCompletionAsync( ref documentItem, diff --git a/Source/DafnyLanguageServer.Test/ProjectFiles/MultipleFilesProjectTest.cs b/Source/DafnyLanguageServer.Test/ProjectFiles/MultipleFilesProjectTest.cs index df71ac623cc..e29fd34e0ac 100644 --- a/Source/DafnyLanguageServer.Test/ProjectFiles/MultipleFilesProjectTest.cs +++ b/Source/DafnyLanguageServer.Test/ProjectFiles/MultipleFilesProjectTest.cs @@ -72,7 +72,7 @@ method Bar() { var diagnostics1 = await GetLastDiagnostics(consumer); Assert.Single(diagnostics1); - Assert.Contains("assertion might not hold", diagnostics1.First().Message); + Assert.Contains("assertion could not be proved", diagnostics1.First().Message); await AssertNoDiagnosticsAreComing(CancellationToken); Directory.Delete(directory, true); } @@ -111,9 +111,9 @@ method Bar() { var producerDiagnostics = await GetLastDiagnostics(producer); Assert.Single(consumerDiagnostics); - Assert.Contains("assertion might not hold", consumerDiagnostics.First().Message); + Assert.Contains("assertion could not be proved", consumerDiagnostics.First().Message); Assert.Single(producerDiagnostics); - Assert.Contains("assertion might not hold", producerDiagnostics.First().Message); + Assert.Contains("assertion could not be proved", producerDiagnostics.First().Message); Directory.Delete(directory, true); } diff --git a/Source/DafnyLanguageServer.Test/Various/ConcurrentInteractionsTest.cs b/Source/DafnyLanguageServer.Test/Various/ConcurrentInteractionsTest.cs index bdccae98986..54a6d565ac8 100644 --- a/Source/DafnyLanguageServer.Test/Various/ConcurrentInteractionsTest.cs 
+++ b/Source/DafnyLanguageServer.Test/Various/ConcurrentInteractionsTest.cs @@ -108,7 +108,7 @@ DidChangeTextDocumentParams MakeChange(int? version, Range range, string text) { var diagnostics = await GetLatestDiagnosticsParams(documentItem, CancellationToken); Assert.Equal(documentItem.Version, diagnostics.Version); Assert.Single(diagnostics.Diagnostics); - AssertM.Equal("assertion might not hold", diagnostics.Diagnostics.First().Message, "actual diagnostic message was: " + diagnostics.Diagnostics.First().Message); + AssertM.Equal("assertion could not be proved", diagnostics.Diagnostics.First().Message, "actual diagnostic message was: " + diagnostics.Diagnostics.First().Message); } [Fact] diff --git a/Source/DafnyLanguageServer.Test/Various/ExceptionTests.cs b/Source/DafnyLanguageServer.Test/Various/ExceptionTests.cs index 70129f43eff..f4fd8aca6be 100644 --- a/Source/DafnyLanguageServer.Test/Various/ExceptionTests.cs +++ b/Source/DafnyLanguageServer.Test/Various/ExceptionTests.cs @@ -81,7 +81,7 @@ public async Task PrepareVerificationCrashRecover() { ApplyChange(ref documentItem, new Range(0, 0, 0, 0), " "); var recoveredDiagnostics = await GetLastDiagnostics(documentItem); Assert.Single(recoveredDiagnostics); - Assert.True(recoveredDiagnostics[0].Message.Contains("might not"), recoveredDiagnostics[0].Message); + Assert.True(recoveredDiagnostics[0].Message.Contains("not be proved"), recoveredDiagnostics[0].Message); } class CrashingVerifier : IProgramVerifier { diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/HigherOrderIntrinsicSpecification/ReadPreconditionBypass3.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/HigherOrderIntrinsicSpecification/ReadPreconditionBypass3.dfy.expect index aedeb65e281..213a5d98d70 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/HigherOrderIntrinsicSpecification/ReadPreconditionBypass3.dfy.expect 
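Review bot: In ExceptionTests.cs, `PrepareVerificationCrashRecover` now checks `Message.Contains("not be proved")`, a fragment loose enough to match any of the reworded diagnostics. The recovery test would therefore still pass if a different obligation failed after the crash. The other tests in this commit pin the full phrase, so the same could be done here with `Assert.Contains("assertion could not be proved", recoveredDiagnostics[0].Message);` if that is the diagnostic this program is expected to produce (the test program is outside the hunk). `Assert.Contains` also prints the actual string on failure, so the extra message argument is no longer needed.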
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/HigherOrderIntrinsicSpecification/ReadPreconditionBypass3.dfy.expect @@ -1,4 +1,4 @@ -ReadPreconditionBypass3.dfy(26,2): Error: assertion might not hold -ReadPreconditionBypass3.dfy(31,2): Error: assertion might not hold +ReadPreconditionBypass3.dfy(26,2): Error: assertion could not be proved +ReadPreconditionBypass3.dfy(31,2): Error: assertion could not be proved Dafny program verifier finished with 1 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/HigherOrderIntrinsicSpecification/ReadPreconditionBypass4.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/HigherOrderIntrinsicSpecification/ReadPreconditionBypass4.dfy.expect index 5898f59f007..9e590dc2b89 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/HigherOrderIntrinsicSpecification/ReadPreconditionBypass4.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/HigherOrderIntrinsicSpecification/ReadPreconditionBypass4.dfy.expect @@ -1,4 +1,4 @@ -ReadPreconditionBypass4.dfy(30,2): Error: assertion might not hold -ReadPreconditionBypass4.dfy(44,2): Error: assertion might not hold +ReadPreconditionBypass4.dfy(30,2): Error: assertion could not be proved +ReadPreconditionBypass4.dfy(44,2): Error: assertion could not be proved Dafny program verifier finished with 2 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealConstants.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealConstants.dfy.expect index 91ab5320f9d..e346d789931 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealConstants.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealConstants.dfy.expect 
@@ -1,3 +1,3 @@ -revealConstants.dfy(10,2): Error: assertion might not hold +revealConstants.dfy(10,2): Error: assertion could not be proved Dafny program verifier finished with 3 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealFunctions.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealFunctions.dfy index 193481cef30..efbf328039a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealFunctions.dfy +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealFunctions.dfy @@ -98,7 +98,7 @@ module M2 { ensures RecFunc(0) == 0 { // Because RecFunc is recursive, it uses the fuel related $LS function, - // this was previously hidden by 'hide *', so that the ensures could not be proven + // this was previously hidden by 'hide *', so that the ensures could not be proved hide *; reveal RecFunc; } diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealFunctions.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealFunctions.dfy.expect index 414ff83c4f9..3c2c22e2016 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealFunctions.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealFunctions.dfy.expect 
@@ -13,13 +13,13 @@ revealFunctions.dfy(121,2): Info: hidden functions: Outer revealFunctions.dfy(131,10): Info: hidden functions: HideInFunction revealFunctions.dfy(134,2): Info: hidden functions: P revealFunctions.dfy(138,2): Info: hidden functions: P -revealFunctions.dfy(15,4): Error: assertion might not hold -revealFunctions.dfy(22,4): Error: assertion might not hold -revealFunctions.dfy(49,4): Error: assertion might not hold -revealFunctions.dfy(117,2): Error: assertion might not hold -revealFunctions.dfy(118,2): Error: assertion might not hold -revealFunctions.dfy(121,2): Error: assertion might not hold -revealFunctions.dfy(134,2): Error: assertion might not hold -revealFunctions.dfy(138,2): Error: assertion might not hold +revealFunctions.dfy(15,4): Error: assertion could not be proved +revealFunctions.dfy(22,4): Error: assertion could not be proved +revealFunctions.dfy(49,4): Error: assertion could not be proved +revealFunctions.dfy(117,2): Error: assertion could not be proved +revealFunctions.dfy(118,2): Error: assertion could not be proved +revealFunctions.dfy(121,2): Error: assertion could not be proved +revealFunctions.dfy(134,2): Error: assertion could not be proved +revealFunctions.dfy(138,2): Error: assertion could not be proved Dafny program verifier finished with 25 verified, 8 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealInBlock.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealInBlock.dfy.expect index 2011bb1b901..dd5739e7dba 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealInBlock.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealInBlock.dfy.expect 
@@ -1,12 +1,12 @@ -revealInBlock.dfy(20,2): Error: assertion might not hold -revealInBlock.dfy(30,6): Error: assertion might not hold -revealInBlock.dfy(33,2): Error: assertion might not hold -revealInBlock.dfy(43,2): Error: assertion might not hold -revealInBlock.dfy(56,2): Error: assertion might not hold -revealInBlock.dfy(67,2): Error: assertion might not hold -revealInBlock.dfy(78,6): Error: assertion might not hold -revealInBlock.dfy(81,2): Error: assertion might not hold -revealInBlock.dfy(91,6): Error: assertion might not hold -revealInBlock.dfy(94,2): Error: assertion might not hold +revealInBlock.dfy(20,2): Error: assertion could not be proved +revealInBlock.dfy(30,6): Error: assertion could not be proved +revealInBlock.dfy(33,2): Error: assertion could not be proved +revealInBlock.dfy(43,2): Error: assertion could not be proved +revealInBlock.dfy(56,2): Error: assertion could not be proved +revealInBlock.dfy(67,2): Error: assertion could not be proved +revealInBlock.dfy(78,6): Error: assertion could not be proved +revealInBlock.dfy(81,2): Error: assertion could not be proved +revealInBlock.dfy(91,6): Error: assertion could not be proved +revealInBlock.dfy(94,2): Error: assertion could not be proved Dafny program verifier finished with 20 verified, 10 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealInExpression.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealInExpression.dfy.expect index 7a691500428..f2b4c64720e 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealInExpression.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/reveal/revealInExpression.dfy.expect @@ -1,3 +1,3 @@ -revealInExpression.dfy(34,6): Error: assertion might not hold +revealInExpression.dfy(34,6): Error: assertion could not be proved Dafny program verifier finished with 15 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/AssertBy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/AssertBy.dfy.expect index 776641ad0ef..a2369eb13cd 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/AssertBy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/AssertBy.dfy.expect @@ -21,8 +21,8 @@ method WellFormedness(x: int) assume x == 3; } } -AssertBy.dfy(6,2): Error: assertion might not hold -AssertBy.dfy(7,2): Error: assertion might not hold -AssertBy.dfy(16,2): Error: assertion might not hold +AssertBy.dfy(6,2): Error: assertion could not be proved +AssertBy.dfy(7,2): Error: assertion could not be proved +AssertBy.dfy(16,2): Error: assertion could not be proved Dafny program verifier finished with 1 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/calls/CallBy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/calls/CallBy.dfy.expect index 349dbd35dd9..b269799c5fc 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/calls/CallBy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/calls/CallBy.dfy.expect @@ -1,8 +1,8 @@ -CallBy.dfy(26,2): Error: assertion might not hold -CallBy.dfy(32,2): Error: assertion might not hold -CallBy.dfy(39,2): Error: assertion might not hold -CallBy.dfy(50,2): Error: assertion might not hold -CallBy.dfy(56,2): Error: assertion might not hold -CallBy.dfy(66,2): Error: assertion might not hold +CallBy.dfy(26,2): Error: assertion could not be proved +CallBy.dfy(32,2): Error: assertion could not be proved +CallBy.dfy(39,2): Error: assertion could not be proved +CallBy.dfy(50,2): Error: assertion could not be proved +CallBy.dfy(56,2): Error: assertion could not be proved +CallBy.dfy(66,2): Error: assertion could not be proved Dafny program verifier finished with 4 verified, 6 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/calls/CallByHide.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/calls/CallByHide.dfy.expect index a8180269827..0305a342863 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/calls/CallByHide.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/calls/CallByHide.dfy.expect @@ -1,3 +1,3 @@ -CallByHide.dfy(15,2): Error: assertion might not hold +CallByHide.dfy(15,2): Error: assertion could not be proved Dafny program verifier finished with 2 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/opaqueBlock.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/opaqueBlock.dfy.expect index 6bb52fd7c9a..9f6baac7c35 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/opaqueBlock.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/statement/opaqueBlock.dfy.expect 
@@ -1,17 +1,17 @@
-opaqueBlock.dfy(15,2): Error: assertion might not hold
-opaqueBlock.dfy(28,2): Error: assertion might not hold
-opaqueBlock.dfy(42,2): Error: assertion might not hold
+opaqueBlock.dfy(15,2): Error: assertion could not be proved
+opaqueBlock.dfy(28,2): Error: assertion could not be proved
+opaqueBlock.dfy(42,2): Error: assertion could not be proved
 opaqueBlock.dfy(49,14): Error: possible division by zero
-opaqueBlock.dfy(54,17): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
-opaqueBlock.dfy(71,21): Error: assignment might update an object not in the enclosing context's modifies clause
-opaqueBlock.dfy(85,12): Error: assignment might update an object not in the enclosing context's modifies clause
-opaqueBlock.dfy(93,2): Error: opaque block might violate context's modifies clause
-opaqueBlock.dfy(106,4): Error: opaque block might violate context's modifies clause
-opaqueBlock.dfy(127,12): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
-opaqueBlock.dfy(130,17): Error: variable 'z', which is subject to definite-assignment rules, might be uninitialized here
-opaqueBlock.dfy(142,12): Error: ensures might not hold
-opaqueBlock.dfy(206,6): Error: assignment might update an object not in the enclosing context's modifies clause
-opaqueBlock.dfy(218,2): Error: assertion might not hold
-opaqueBlock.dfy(228,2): Error: assertion might not hold
+opaqueBlock.dfy(54,17): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
+opaqueBlock.dfy(71,21): Error: modified field could not be proved to be in the current modifies clause
+opaqueBlock.dfy(85,12): Error: modified field could not be proved to be in the current modifies clause
+opaqueBlock.dfy(93,2): Error: modified object in opaque block could not be proved to be in the current modifies clause
+opaqueBlock.dfy(106,4): Error: modified object in opaque block could not be proved to be in the current modifies clause
+opaqueBlock.dfy(127,12): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
+opaqueBlock.dfy(130,17): Error: variable 'z', which is subject to definite-assignment rules, could not be proved to be initialized here
+opaqueBlock.dfy(142,12): Error: ensures could not be proved
+opaqueBlock.dfy(206,6): Error: modified field could not be proved to be in the current modifies clause
+opaqueBlock.dfy(218,2): Error: assertion could not be proved
+opaqueBlock.dfy(228,2): Error: assertion could not be proved
 Dafny program verifier finished with 4 verified, 15 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/subsetTypes/errorReporting.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/subsetTypes/errorReporting.dfy.expect
index c4f213a1fba..199b2c08c3b 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/subsetTypes/errorReporting.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/ast/subsetTypes/errorReporting.dfy.expect
@@ -1,3 +1,3 @@
-errorReporting.dfy(5,2): Error: the given witness expression might not satisfy constraint
+errorReporting.dfy(5,2): Error: the given witness expression could not be proved to satisfy constraint
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy.expect
index 4be76d15aca..b722adb781d 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy.expect
@@ -1,24 +1,24 @@
 diagnosticsFormats.legacy.dfy(15,0): Warning: module-level const declarations are always non-instance, so the 'static' keyword is not allowed here
-diagnosticsFormats.legacy.dfy(16,17): Error: result of operation might violate newtype constraint for 'byte'
+diagnosticsFormats.legacy.dfy(16,17): Error: result of operation could not be proved to satisfy newtype constraint for 'byte'
 diagnosticsFormats.legacy.dfy(19,16): Error: a precondition for this call could not be proved
 diagnosticsFormats.legacy.dfy(18,35): Related location: this is the precondition that could not be proved
 Dafny program verifier finished with 1 verified, 2 errors
 {"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":15,"character":0},"end":{"line":15,"character":6}}},"severity":2,"message":"module-level const declarations are always non-instance, so the \u0027static\u0027 keyword is not allowed here","source":"Parser","relatedInformation":[]}
-{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":16,"character":17},"end":{"line":16,"character":20}}},"severity":1,"message":"Error: result of operation might violate newtype constraint for \u0027byte\u0027","source":"Verifier","relatedInformation":[]}
+{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":16,"character":17},"end":{"line":16,"character":20}}},"severity":1,"message":"Error: result of operation could not be proved to satisfy newtype constraint for \u0027byte\u0027","source":"Verifier","relatedInformation":[]}
 {"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":19,"character":16},"end":{"line":19,"character":17}}},"severity":1,"message":"Error: a precondition for this call could not be proved","source":"Verifier","relatedInformation":[{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"TestFiles/LitTests/LitTest/cli/diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":18,"character":35},"end":{"line":18,"character":40}}},"message":"this is the precondition that could not be proved"}]}
 Dafny program verifier finished with 1 verified, 2 errors
 Warning: this way of using the CLI is deprecated. Use 'dafny --help' to see help for the new Dafny CLI format
 {"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":15,"character":0},"end":{"line":15,"character":6}}},"severity":2,"message":"module-level const declarations are always non-instance, so the \u0027static\u0027 keyword is not allowed here","source":"Parser","relatedInformation":[]}
 {"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":14,"character":8},"end":{"line":14,"character":12}}},"severity":4,"message":"newtype byte resolves as target-complete {:nativeType \u0022byte\u0022} (detected range: 0 .. 256)","source":"Resolver","relatedInformation":[]}
-{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":16,"character":17},"end":{"line":16,"character":20}}},"severity":1,"message":"Error: result of operation might violate newtype constraint for \u0027byte\u0027","source":"Verifier","relatedInformation":[]}
+{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":16,"character":17},"end":{"line":16,"character":20}}},"severity":1,"message":"Error: result of operation could not be proved to satisfy newtype constraint for \u0027byte\u0027","source":"Verifier","relatedInformation":[]}
 {"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":19,"character":16},"end":{"line":19,"character":17}}},"severity":1,"message":"Error: a precondition for this call could not be proved","source":"Verifier","relatedInformation":[{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":18,"character":35},"end":{"line":18,"character":40}}},"message":"Related location: this is the precondition that could not be proved"}]}
 Dafny program verifier finished with 1 verified, 2 errors
 Warning: this way of using the CLI is deprecated. Use 'dafny --help' to see help for the new Dafny CLI format
 {"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":15,"character":0},"end":{"line":15,"character":6}}},"severity":2,"message":"module-level const declarations are always non-instance, so the \u0027static\u0027 keyword is not allowed here","source":"Parser","relatedInformation":[]}
-{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":16,"character":17},"end":{"line":16,"character":20}}},"severity":1,"message":"Error: result of operation might violate newtype constraint for \u0027byte\u0027","source":"Verifier","relatedInformation":[]}
+{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":16,"character":17},"end":{"line":16,"character":20}}},"severity":1,"message":"Error: result of operation could not be proved to satisfy newtype constraint for \u0027byte\u0027","source":"Verifier","relatedInformation":[]}
 {"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":19,"character":16},"end":{"line":19,"character":17}}},"severity":1,"message":"Error: a precondition for this call could not be proved","source":"Verifier","relatedInformation":[{"location":{"filename":"diagnosticsFormats.legacy.dfy","filePath":"diagnosticsFormats.legacy.dfy","uri":"file:///diagnosticsFormats.legacy.dfy","range":{"start":{"line":18,"character":35},"end":{"line":18,"character":40}}},"message":"Related location: this is the precondition that could not be proved"}]}
 Dafny program verifier finished with 1 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/errorLimit.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/errorLimit.dfy.expect
index 1c39627d5e3..b416d076543 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/errorLimit.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/errorLimit.dfy.expect
@@ -1,8 +1,8 @@
-errorLimit.dfy(5,4): Error: assertion might not hold
-errorLimit.dfy(7,4): Error: assertion might not hold
-errorLimit.dfy(9,4): Error: assertion might not hold
-errorLimit.dfy(11,4): Error: assertion might not hold
-errorLimit.dfy(13,4): Error: assertion might not hold
-errorLimit.dfy(15,4): Error: assertion might not hold
+errorLimit.dfy(5,4): Error: assertion could not be proved
+errorLimit.dfy(7,4): Error: assertion could not be proved
+errorLimit.dfy(9,4): Error: assertion could not be proved
+errorLimit.dfy(11,4): Error: assertion could not be proved
+errorLimit.dfy(13,4): Error: assertion could not be proved
+errorLimit.dfy(15,4): Error: assertion could not be proved
 Dafny program verifier finished with 0 verified, 6 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/inputFormatDeleteSources.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/inputFormatDeleteSources.dfy.expect
index 8bd4af37828..59b8407af01 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/inputFormatDeleteSources.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/inputFormatDeleteSources.dfy.expect
@@ -1,5 +1,5 @@
-inputFormatDeleteSources.dfy(-1,-2): Error: assertion might not hold
-inputFormatDeleteSources.dfy(-1,-2): Error: assertion might not hold
-inputFormatDeleteSources.dfy(-1,-2): Error: assertion might not hold
+inputFormatDeleteSources.dfy(-1,-2): Error: assertion could not be proved
+inputFormatDeleteSources.dfy(-1,-2): Error: assertion could not be proved
+inputFormatDeleteSources.dfy(-1,-2): Error: assertion could not be proved
 Dafny program verifier finished with 0 verified, 3 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/json-output.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/json-output.dfy.expect
index 12f37d17e8f..6d1e2e96f70 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/json-output.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/json-output.dfy.expect
@@ -1,10 +1,10 @@
 json-output.dfy(13,0): Warning: module-level const declarations are always non-instance, so the 'static' keyword is not allowed here
-json-output.dfy(14,17): Error: result of operation might violate newtype constraint for 'byte'
+json-output.dfy(14,17): Error: result of operation could not be proved to satisfy newtype constraint for 'byte'
 json-output.dfy(17,16): Error: a precondition for this call could not be proved
 json-output.dfy(16,35): Related location: this is the precondition that could not be proved
 Dafny program verifier finished with 1 verified, 2 errors
 {"type":"diagnostic","value":{"location":{"filename":"json-output.dfy","filePath":"TestFiles/LitTests/LitTest/cli/json-output.dfy","uri":"file:///json-output.dfy","range":{"start":{"line":13,"character":0},"end":{"line":13,"character":6}}},"severity":2,"arguments":[],"defaultFormatMessage":"module-level const declarations are always non-instance, so the \u0027static\u0027 keyword is not allowed here","errorId":"p_module_level_const_always_static","source":"Parser","relatedInformation":[]}}
-{"type":"diagnostic","value":{"location":{"filename":"json-output.dfy","filePath":"TestFiles/LitTests/LitTest/cli/json-output.dfy","uri":"file:///json-output.dfy","range":{"start":{"line":14,"character":17},"end":{"line":14,"character":20}}},"severity":1,"arguments":[],"defaultFormatMessage":"result of operation might violate newtype constraint for \u0027byte\u0027","errorId":null,"source":"Verifier","relatedInformation":[]}}
+{"type":"diagnostic","value":{"location":{"filename":"json-output.dfy","filePath":"TestFiles/LitTests/LitTest/cli/json-output.dfy","uri":"file:///json-output.dfy","range":{"start":{"line":14,"character":17},"end":{"line":14,"character":20}}},"severity":1,"arguments":[],"defaultFormatMessage":"result of operation could not be proved to satisfy newtype constraint for \u0027byte\u0027","errorId":null,"source":"Verifier","relatedInformation":[]}}
{"type":"diagnostic","value":{"location":{"filename":"json-output.dfy","filePath":"TestFiles/LitTests/LitTest/cli/json-output.dfy","uri":"file:///json-output.dfy","range":{"start":{"line":17,"character":16},"end":{"line":17,"character":17}}},"severity":1,"arguments":[],"defaultFormatMessage":"a precondition for this call could not be proved","errorId":null,"source":"Verifier","relatedInformation":[{"location":{"filename":"json-output.dfy","filePath":"TestFiles/LitTests/LitTest/cli/json-output.dfy","uri":"file:///json-output.dfy","range":{"start":{"line":16,"character":35},"end":{"line":16,"character":40}}},"arguments":[],"errorId":"","defaultFormatMessage":"this is the precondition that could not be proved"}]}} {"type":"status","value":"\nDafny program verifier finished with 1 verified, 2 errors\n"} diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/measure-complexity.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/measure-complexity.dfy.expect index 6d85294ad54..2c87272f7f0 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/measure-complexity.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/cli/measure-complexity.dfy.expect @@ -1,5 +1,5 @@ Starting verification of mutation 1/1 with seed 0 -measure-complexity.dfy(6,18): Error: assertion might not hold +measure-complexity.dfy(6,18): Error: assertion could not be proved The total consumed resources are The most demanding 100 verification tasks consumed these resources: measure-complexity.dfy diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AdvancedLHS.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AdvancedLHS.dfy.expect index 4a9cd7580fe..42d82cef128 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AdvancedLHS.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AdvancedLHS.dfy.expect 
@@ -1,3 +1,3 @@
-AdvancedLHS.dfy(34,22): Error: target object might be null
+AdvancedLHS.dfy(34,22): Error: target object could not be proved to be non-null
 Dafny program verifier finished with 3 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Array.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Array.dfy.expect
index 3067770ffe5..421de7c8c40 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Array.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Array.dfy.expect
@@ -2,12 +2,12 @@ Array.dfy(142:22-142:23): Warning: deprecated style: a semi-colon is not needed
 Array.dfy(163:19-163:20): Warning: deprecated style: a semi-colon is not needed here
 Array.dfy(317:29-317:30): Warning: deprecated style: a semi-colon is not needed here
 Array.dfy(318:64-318:65): Warning: deprecated style: a semi-colon is not needed here
-Array.dfy(13:7-13:8): Error: assignment might update an array element not in the enclosing context's modifies clause
-Array.dfy(20:15-20:21): Error: target object might be null
+Array.dfy(13:7-13:8): Error: modified array location could not be proved to be in the current modifies clause
+Array.dfy(20:15-20:21): Error: target object could not be proved to be non-null
 Array.dfy(26:5-26:6): Error: index out of range
-Array.dfy(50:4-50:10): Error: assertion might not hold
-Array.dfy(58:7-58:8): Error: assignment might update an array element not in the enclosing context's modifies clause
-Array.dfy(65:7-65:8): Error: assignment might update an array element not in the enclosing context's modifies clause
+Array.dfy(50:4-50:10): Error: assertion could not be proved
+Array.dfy(58:7-58:8): Error: modified array location could not be proved to be in the current modifies clause
+Array.dfy(65:7-65:8): Error: modified array location could not be proved to be in the current modifies clause
 Array.dfy(108:20-108:21): Error: upper bound below lower bound or above length of array
 Array.dfy(118:7-118:8): Error: insufficient reads clause to read the indicated range of array elements; Consider adding 'reads a' in the enclosing function specification for resolution
 Array.dfy(120:7-120:8): Error: insufficient reads clause to read the indicated range of array elements; Consider adding 'reads a' in the enclosing function specification for resolution
@@ -15,8 +15,8 @@ Array.dfy(121:7-121:8): Error: insufficient reads clause to read the indicated r
 Array.dfy(122:7-122:8): Error: insufficient reads clause to read the indicated range of array elements; Consider adding 'reads a' in the enclosing function specification for resolution
 Array.dfy(160:5-160:6): Error: insufficient reads clause to read array element; Consider adding 'reads a' in the enclosing function specification for resolution
 Array.dfy(168:5-168:6): Error: insufficient reads clause to read array element; Consider adding 'reads b' in the enclosing function specification for resolution
-Array.dfy(184:5-184:6): Error: assignment might update an array element not in the enclosing context's modifies clause
-Array.dfy(191:5-191:6): Error: assignment might update an array element not in the enclosing context's modifies clause
+Array.dfy(184:5-184:6): Error: modified array location could not be proved to be in the current modifies clause
+Array.dfy(191:5-191:6): Error: modified array location could not be proved to be in the current modifies clause
 Array.dfy(216:0-216:1): Error: a postcondition could not be proved on this return path
 Array.dfy(215:10-215:16): Related location: this is the postcondition that could not be proved
 Array.dfy(240:0-240:1): Error: a postcondition could not be proved on this return path
@@ -28,9 +28,9 @@ Array.dfy(256:5-256:6): Error: value does not satisfy the subset constraints of
 Array.dfy(257:12-257:13): Error: value does not satisfy the subset constraints of 'nat'
 Array.dfy(258:6-258:7): Error: value does not satisfy the subset constraints of 'nat'
 Array.dfy(260:4-260:5): Error: value does not satisfy the subset constraints of 'nat'
-Array.dfy(332:4-332:5): Error: assignment might update an object not in the enclosing context's modifies clause
-Array.dfy(338:5-338:6): Error: assignment might update an array element not in the enclosing context's modifies clause
-Array.dfy(353:4-353:10): Error: assertion might not hold
-Array.dfy(358:17-358:18): Error: left-hand sides that.x and this.x might refer to the same location
+Array.dfy(332:4-332:5): Error: modified field could not be proved to be in the current modifies clause
+Array.dfy(338:5-338:6): Error: modified array location could not be proved to be in the current modifies clause
+Array.dfy(353:4-353:10): Error: assertion could not be proved
+Array.dfy(358:17-358:18): Error: left-hand sides that.x and this.x could not be proved to refer to different locations
 Dafny program verifier finished with 41 verified, 27 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ArrayElementInit.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ArrayElementInit.dfy.expect
index 36555bac90f..24cb7dfa253 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ArrayElementInit.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ArrayElementInit.dfy.expect
@@ -1,13 +1,13 @@
 ArrayElementInit.dfy(13,31): Error: possible division by zero
 ArrayElementInit.dfy(19,11): Error: all array indices must be in the domain of the initialization function
 ArrayElementInit.dfy(39,11): Error: all array indices must be in the domain of the initialization function
-ArrayElementInit.dfy(66,2): Error: assertion might not hold
+ArrayElementInit.dfy(66,2): Error: assertion could not be proved
 ArrayElementInit.dfy(86,21): Error: unless an initializer is provided for the array elements, a new array of 'D' must have empty size
 ArrayElementInit.dfy(88,23): Error: unless an initializer is provided for the array elements, a new array of 'D' must have empty size
 ArrayElementInit.dfy(102,24): Error: value does not satisfy the subset constraints of 'nat'
 ArrayElementInit.dfy(110,32): Error: value does not satisfy the subset constraints of 'nat'
 ArrayElementInit.dfy(113,20): Error: given array size must agree with the number of expressions in the initializing display (4)
-ArrayElementInit.dfy(139,2): Error: assertion might not hold
+ArrayElementInit.dfy(139,2): Error: assertion could not be proved
 ArrayElementInit.dfy(144,22): Error: function precondition could not be proved
 ArrayElementInit.dfy(152,21): Error: unless an initializer is provided for the array elements, a new array of 'D' must have empty size
 ArrayElementInit.dfy(154,21): Error: unless an initializer is provided for the array elements, a new array of 'D' must have empty size
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ArrayElementInitERR.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ArrayElementInitERR.dfy.expect
index b2b1216b7bd..2bb891ed8e6 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ArrayElementInitERR.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ArrayElementInitERR.dfy.expect
@@ -1,13 +1,13 @@
 ArrayElementInitERR.dfy(13,31): Error: possible division by zero
 ArrayElementInitERR.dfy(19,11): Error: all array indices must be in the domain of the initialization function
 ArrayElementInitERR.dfy(39,11): Error: all array indices must be in the domain of the initialization function
-ArrayElementInitERR.dfy(66,2): Error: assertion might not hold
+ArrayElementInitERR.dfy(66,2): Error: assertion could not be proved
 ArrayElementInitERR.dfy(86,21): Error: unless an initializer is provided for the array elements, a new array of 'D' must have empty size
 ArrayElementInitERR.dfy(88,23): Error: unless an initializer is provided for the array elements, a new array of 'D' must have empty size
 ArrayElementInitERR.dfy(102,24): Error: value does not satisfy the subset constraints of 'nat'
 ArrayElementInitERR.dfy(110,32): Error: value does not satisfy the subset constraints of 'nat'
 ArrayElementInitERR.dfy(113,20): Error: given array size must agree with the number of expressions in the initializing display (4)
-ArrayElementInitERR.dfy(139,2): Error: assertion might not hold
+ArrayElementInitERR.dfy(139,2): Error: assertion could not be proved
 ArrayElementInitERR.dfy(144,22): Error: function precondition could not be proved
 ArrayElementInitERR.dfy(152,21): Error: unless an initializer is provided for the array elements, a new array of 'D' must have empty size
 ArrayElementInitERR.dfy(154,21): Error: unless an initializer is provided for the array elements, a new array of 'D' must have empty size
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIs-UnusedTypeParameters.dfy.refresh.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIs-UnusedTypeParameters.dfy.refresh.expect
index f3fae19559e..bab95721074 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIs-UnusedTypeParameters.dfy.refresh.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIs-UnusedTypeParameters.dfy.refresh.expect
@@ -1,7 +1,7 @@
-AsIs-UnusedTypeParameters.dfy(39,6): Error: assertion might not hold
+AsIs-UnusedTypeParameters.dfy(39,6): Error: assertion could not be proved
 AsIs-UnusedTypeParameters.dfy(41,12): Error: value of expression (of type 'C>') is not known to be an instance of type 'C>'
 AsIs-UnusedTypeParameters.dfy(43,15): Error: value of expression (of type 'C>') is not known to be an instance of type 'C>'
-AsIs-UnusedTypeParameters.dfy(57,6): Error: assertion might not hold
+AsIs-UnusedTypeParameters.dfy(57,6): Error: assertion could not be proved
 AsIs-UnusedTypeParameters.dfy(59,12): Error: value of expression (of type 'C>') is not known to be an instance of type 'C>'
 AsIs-UnusedTypeParameters.dfy(61,15): Error: value of expression (of type 'C>') is not known to be an instance of type 'C>'
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIs.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIs.dfy.expect
index e15ef09172f..d1fee2538ea 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIs.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIs.dfy.expect
@@ -3,11 +3,11 @@ AsIs.dfy(62,15): Error: value of expression (of type 'object') is not known to b
 AsIs.dfy(64,15): Error: value of expression (of type 'object') is not known to be an instance of type 'B'
 AsIs.dfy(66,25): Error: value of expression (of type 'object') is not known to be an instance of type 'B'
 AsIs.dfy(68,15): Error: value of expression (of type 'object') is not known to be an instance of type 'A'
-AsIs.dfy(119,4): Error: assertion might not hold
-AsIs.dfy(123,4): Error: assertion might not hold
-AsIs.dfy(128,4): Error: assertion might not hold
-AsIs.dfy(139,4): Error: assertion might not hold
-AsIs.dfy(143,4): Error: assertion might not hold
-AsIs.dfy(148,4): Error: assertion might not hold
+AsIs.dfy(119,4): Error: assertion could not be proved
+AsIs.dfy(123,4): Error: assertion could not be proved
+AsIs.dfy(128,4): Error: assertion could not be proved
+AsIs.dfy(139,4): Error: assertion could not be proved
+AsIs.dfy(143,4): Error: assertion could not be proved
+AsIs.dfy(148,4): Error: assertion could not be proved
 Dafny program verifier finished with 7 verified, 11 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIsAgain.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIsAgain.dfy.expect
index 191f49efd16..c47a17fd8f5 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIsAgain.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AsIsAgain.dfy.expect
@@ -3,11 +3,11 @@ AsIsAgain.dfy(62,15): Error: value of expression (of type 'object') is not known
 AsIsAgain.dfy(64,15): Error: value of expression (of type 'object') is not known to be an instance of type 'B'
 AsIsAgain.dfy(66,25): Error: value of expression (of type 'object') is not known to be an instance of type 'B'
 AsIsAgain.dfy(68,15): Error: value of expression (of type 'object') is not known to be an instance of type 'A'
-AsIsAgain.dfy(119,4): Error: assertion might not hold
-AsIsAgain.dfy(123,4): Error: assertion might not hold
-AsIsAgain.dfy(128,4): Error: assertion might not hold
-AsIsAgain.dfy(139,4): Error: assertion might not hold
-AsIsAgain.dfy(143,4): Error: assertion might not hold
-AsIsAgain.dfy(148,4): Error: assertion might not hold
+AsIsAgain.dfy(119,4): Error: assertion could not be proved
+AsIsAgain.dfy(123,4): Error: assertion could not be proved
+AsIsAgain.dfy(128,4): Error: assertion could not be proved
+AsIsAgain.dfy(139,4): Error: assertion could not be proved
+AsIsAgain.dfy(143,4): Error: assertion could not be proved
+AsIsAgain.dfy(148,4): Error: assertion could not be proved
 Dafny program verifier finished with 7 verified, 11 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AutoReq.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AutoReq.dfy.expect
index c9c5d88bc16..ff5f5dede79 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AutoReq.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/AutoReq.dfy.expect
@@ -4,15 +4,15 @@ AutoReq.dfy(25,3): Error: function precondition could not be proved
 AutoReq.dfy(5,13): Related location: this proposition could not be proved
 AutoReq.dfy(38,12): Error: function precondition could not be proved
 AutoReq.dfy(5,13): Related location: this proposition could not be proved
-AutoReq.dfy(38,12): Error: assertion might not hold
+AutoReq.dfy(38,12): Error: assertion could not be proved
 AutoReq.dfy(31,13): Related location: this proposition could not be proved
 AutoReq.dfy(7,4): Related location: this proposition could not be proved
 AutoReq.dfy(40,12): Error: function precondition could not be proved
 AutoReq.dfy(5,13): Related location: this proposition could not be proved
-AutoReq.dfy(40,12): Error: assertion might not hold
+AutoReq.dfy(40,12): Error: assertion could not be proved
 AutoReq.dfy(31,27): Related location: this proposition could not be proved
 AutoReq.dfy(7,4): Related location: this proposition could not be proved
-AutoReq.dfy(45,12): Error: assertion might not hold
+AutoReq.dfy(45,12): Error: assertion could not be proved
 AutoReq.dfy(31,13): Related location: this proposition could not be proved
 AutoReq.dfy(7,4): Related location: this proposition could not be proved
 AutoReq.dfy(247,6): Error: function precondition could not be proved
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Backticks.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Backticks.dfy.expect
index a88d403b08f..e2a12962aad 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Backticks.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Backticks.dfy.expect
@@ -1,4 +1,4 @@
 Backticks.dfy(38,5): Error: insufficient reads clause to invoke function
-Backticks.dfy(77,7): Error: call might violate context's modifies clause
+Backticks.dfy(77,7): Error: modified object in call could not be proved to be in the current modifies clause
 Dafny program verifier finished with 12 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BadFunction.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BadFunction.dfy.expect
index 779318f5de2..ccc95d6fc6c 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BadFunction.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BadFunction.dfy.expect
@@ -1,3 +1,3 @@
-BadFunction.dfy(9,3): Error: decreases clause might not decrease
+BadFunction.dfy(9,3): Error: decreases clause could not be proved to decrease
 Dafny program verifier finished with 1 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Basics.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Basics.dfy.expect
index 9bf481cb04e..912b5a7f72b 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Basics.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Basics.dfy.expect
@@ -1,22 +1,22 @@
-Basics.dfy(13,13): Error: variable 'g', which is subject to definite-assignment rules, might be uninitialized here
-Basics.dfy(45,4): Error: assertion might not hold
-Basics.dfy(69,41): Error: assertion might not hold
-Basics.dfy(93,4): Error: assertion might not hold
-Basics.dfy(99,4): Error: assertion might not hold
-Basics.dfy(112,27): Error: target object might be null
-Basics.dfy(114,13): Error: target object might be null
-Basics.dfy(148,4): Error: assertion might not hold
-Basics.dfy(167,9): Error: when left-hand sides a[b[18]] and a[4] refer to the same location, they must be assigned the same value
-Basics.dfy(183,9): Error: when left-hand sides x.f and y.f refer to the same location, they must be assigned the same value
-Basics.dfy(195,4): Error: assertion might not hold
-Basics.dfy(197,9): Error: assignment might update an object not in the enclosing context's modifies clause
-Basics.dfy(197,9): Error: target object might be null
-Basics.dfy(202,11): Error: left-hand sides m.x and m.x might refer to the same location
-Basics.dfy(213,4): Error: assertion might not hold
-Basics.dfy(273,9): Error: when left-hand sides d.x and c.x refer to the same location, they must be assigned the same value
-Basics.dfy(463,2): Error: assertion might not hold
-Basics.dfy(474,4): Error: assertion might not hold
-Basics.dfy(476,2): Error: assertion might not hold
-Basics.dfy(623,17): Error: result of operation might violate newtype constraint for 'int8'
+Basics.dfy(13,13): Error: variable 'g', which is subject to definite-assignment rules, could not be proved to be initialized here
+Basics.dfy(45,4): Error: assertion could not be proved
+Basics.dfy(69,41): Error: assertion could not be proved
+Basics.dfy(93,4): Error: assertion could not be proved
+Basics.dfy(99,4): Error: assertion could not be proved
+Basics.dfy(112,27): Error: target object could not be proved to be non-null
+Basics.dfy(114,13): Error: target object could not be proved to be non-null
+Basics.dfy(148,4): Error: assertion could not be proved
+Basics.dfy(167,9): Error: when left-hand sides a[b[18]] and a[4] could not be proved to refer to different locations, they must be assigned the same value
+Basics.dfy(183,9): Error: when left-hand sides x.f and y.f could not be proved to refer to different locations, they must be assigned the same value
+Basics.dfy(195,4): Error: assertion could not be proved
+Basics.dfy(197,9): Error: modified field could not be proved to be in the current modifies clause
+Basics.dfy(197,9): Error: target object could not be proved to be non-null
+Basics.dfy(202,11): Error: left-hand sides m.x and m.x could not be proved to refer to different locations
+Basics.dfy(213,4): Error: assertion could not be proved
+Basics.dfy(273,9): Error: when left-hand sides d.x and c.x could not be proved to refer to different locations, they must be assigned the same value
+Basics.dfy(463,2): Error: assertion could not be proved
+Basics.dfy(474,4): Error: assertion could not be proved
+Basics.dfy(476,2): Error: assertion could not be proved
+Basics.dfy(623,17): Error: result of operation could not be proved to satisfy newtype constraint for 'int8'
 Dafny program verifier finished with 53 verified, 20 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BigOrdinals.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BigOrdinals.dfy.expect
index 38d1ee5f200..f48a4e0e383 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BigOrdinals.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BigOrdinals.dfy.expect
@@ -1,12 +1,12 @@
 BigOrdinals.dfy(18,11): Error: a negative integer cannot be converted to an ORDINAL
-BigOrdinals.dfy(20,11): Error: value to be converted might be bigger than every natural number
-BigOrdinals.dfy(35,4): Error: assertion might not hold
-BigOrdinals.dfy(53,4): Error: assertion might not hold
-BigOrdinals.dfy(64,15): Error: ORDINAL subtraction might underflow a limit ordinal (that is, RHS might be too large)
-BigOrdinals.dfy(66,15): Error: ORDINAL subtraction might underflow a limit ordinal (that is, RHS might be too large)
-BigOrdinals.dfy(68,15): Error: ORDINAL subtraction might underflow a limit ordinal (that is, RHS might be too large)
-BigOrdinals.dfy(73,15): Error: ORDINAL subtraction might underflow a limit ordinal (that is, RHS might be too large)
-BigOrdinals.dfy(88,4): Error: assertion might not hold
+BigOrdinals.dfy(20,11): Error: value to be converted could not be proved to be a natural number
+BigOrdinals.dfy(35,4): Error: assertion could not be proved
+BigOrdinals.dfy(53,4): Error: assertion could not be proved
+BigOrdinals.dfy(64,15): Error: ORDINAL subtraction could not be proved to remain above limit ordinal (that is, RHS could not be proved to be sufficiently small)
+BigOrdinals.dfy(66,15): Error: ORDINAL subtraction could not be proved to remain above limit ordinal (that is, RHS could not be proved to be sufficiently small)
+BigOrdinals.dfy(68,15): Error: ORDINAL subtraction could not be proved to remain above limit ordinal (that is, RHS could not be proved to be sufficiently small)
+BigOrdinals.dfy(73,15): Error: ORDINAL subtraction could not be proved to remain above limit ordinal (that is, RHS could not be proved to be sufficiently small)
+BigOrdinals.dfy(88,4): Error: assertion could not be proved
 BigOrdinals.dfy(113,9): Error: value does not satisfy the subset constraints of 'ConstrainedOrdinal'
 BigOrdinals.dfy(120,9): Error: value does not satisfy the subset constraints of 'ConstrainedOrdinal'
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BindingGuards.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BindingGuards.dfy.expect
index d0954d71747..9a20b90d191 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BindingGuards.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BindingGuards.dfy.expect
@@ -309,7 +309,7 @@ method AltSyntax9(x: int, y: int, c: Color)
 datatype Color = Red | Green | Blue
 BindingGuards.dfy(85,10): Error: a postcondition could not be proved on this return path
 BindingGuards.dfy(71,12): Related location: this is the postcondition that could not be proved
-BindingGuards.dfy(134,10): Error: assertion might not hold
+BindingGuards.dfy(134,10): Error: assertion could not be proved
 BindingGuards.dfy(6,8): Related location: this proposition could not be proved
 BindingGuards.dfy(139,2): Error: alternative cases may not cover all possibilities
 BindingGuards.dfy(147,2): Error: alternative cases may not cover all possibilities
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BitvectorsMore.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BitvectorsMore.dfy.expect
index 3564bde88c2..2a38a90d157 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BitvectorsMore.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BitvectorsMore.dfy.expect
@@ -457,39 +457,39 @@ BitvectorsMore.dfy(21,13): Error: possible division by zero
 BitvectorsMore.dfy(25,13): Error: possible division by zero
 BitvectorsMore.dfy(30,15): Error: possible division by zero
 BitvectorsMore.dfy(32,15): Error: possible division by zero
-BitvectorsMore.dfy(104,37): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(104,37): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(105,35): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(105,38): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(105,38): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(107,34): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(107,37): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(107,37): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(108,34): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(115,42): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(115,42): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(116,39): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(116,42): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(116,42): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(124,28): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(124,31): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(124,31): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(125,28): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(125,31): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(125,31): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(135,24): Error: shift amount must not exceed the width of the result (32)
-BitvectorsMore.dfy(135,27): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv6
+BitvectorsMore.dfy(135,27): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv6
 BitvectorsMore.dfy(136,24): Error: shift amount must not exceed the width of the result (32)
-BitvectorsMore.dfy(136,27): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv6
+BitvectorsMore.dfy(136,27): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv6
 BitvectorsMore.dfy(137,24): Error: shift amount must not exceed the width of the result (32)
-BitvectorsMore.dfy(137,27): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv6
-BitvectorsMore.dfy(146,35): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv3
-BitvectorsMore.dfy(147,35): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv3
-BitvectorsMore.dfy(148,35): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv3
+BitvectorsMore.dfy(137,27): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv6
+BitvectorsMore.dfy(146,35): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv3
+BitvectorsMore.dfy(147,35): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv3
+BitvectorsMore.dfy(148,35): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv3
 BitvectorsMore.dfy(157,26): Error: shift amount must not exceed the width of the result (2)
-BitvectorsMore.dfy(157,29): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv2
+BitvectorsMore.dfy(157,29): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv2
 BitvectorsMore.dfy(158,26): Error: shift amount must not exceed the width of the result (2)
-BitvectorsMore.dfy(158,29): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv2
+BitvectorsMore.dfy(158,29): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv2
 BitvectorsMore.dfy(159,26): Error: shift amount must not exceed the width of the result (2)
-BitvectorsMore.dfy(159,29): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv2
+BitvectorsMore.dfy(159,29): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv2
 BitvectorsMore.dfy(160,26): Error: shift amount must not exceed the width of the result (2)
-BitvectorsMore.dfy(168,33): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv0
-BitvectorsMore.dfy(169,33): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv0
-BitvectorsMore.dfy(170,33): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv0
-BitvectorsMore.dfy(171,33): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv0
+BitvectorsMore.dfy(168,33): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv0
+BitvectorsMore.dfy(169,33): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv0
+BitvectorsMore.dfy(170,33): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv0
+BitvectorsMore.dfy(171,33): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv0
 BitvectorsMore.dfy(193,36): Error: rotate amount must not exceed the width of the result (5)
 BitvectorsMore.dfy(194,37): Error: rotate amount must not exceed the width of the result (5)
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BitvectorsMore.dfy.refresh.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BitvectorsMore.dfy.refresh.expect
index fd45bb23c41..f9e988fa480 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BitvectorsMore.dfy.refresh.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BitvectorsMore.dfy.refresh.expect
@@ -517,39 +517,39 @@ BitvectorsMore.dfy(21,13): Error: possible division by zero
 BitvectorsMore.dfy(25,13): Error: possible division by zero
 BitvectorsMore.dfy(30,15): Error: possible division by zero
 BitvectorsMore.dfy(32,15): Error: possible division by zero
-BitvectorsMore.dfy(104,37): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(104,37): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(105,35): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(105,38): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(105,38): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(107,34): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(107,37): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(107,37): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(108,34): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(115,42): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(115,42): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(116,39): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(116,42): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(116,42): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(124,28): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(124,31): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(124,31): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(125,28): Error: shift amount must not exceed the width of the result (67)
-BitvectorsMore.dfy(125,31): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv7
+BitvectorsMore.dfy(125,31): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv7
 BitvectorsMore.dfy(135,24): Error: shift amount must not exceed the width of the result (32)
-BitvectorsMore.dfy(135,27): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv6
+BitvectorsMore.dfy(135,27): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv6
 BitvectorsMore.dfy(136,24): Error: shift amount must not exceed the width of the result (32)
-BitvectorsMore.dfy(136,27): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv6
+BitvectorsMore.dfy(136,27): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv6
 BitvectorsMore.dfy(137,24): Error: shift amount must not exceed the width of the result (32)
-BitvectorsMore.dfy(137,27): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv6
-BitvectorsMore.dfy(146,35): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv3
-BitvectorsMore.dfy(147,35): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv3
-BitvectorsMore.dfy(148,35): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv3
+BitvectorsMore.dfy(137,27): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv6
+BitvectorsMore.dfy(146,35): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv3
+BitvectorsMore.dfy(147,35): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv3
+BitvectorsMore.dfy(148,35): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv3
 BitvectorsMore.dfy(157,26): Error: shift amount must not exceed the width of the result (2)
-BitvectorsMore.dfy(157,29): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv2
+BitvectorsMore.dfy(157,29): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv2
 BitvectorsMore.dfy(158,26): Error: shift amount must not exceed the width of the result (2)
-BitvectorsMore.dfy(158,29): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv2
+BitvectorsMore.dfy(158,29): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv2
 BitvectorsMore.dfy(159,26): Error: shift amount must not exceed the width of the result (2)
-BitvectorsMore.dfy(159,29): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv2
+BitvectorsMore.dfy(159,29): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv2
 BitvectorsMore.dfy(160,26): Error: shift amount must not exceed the width of the result (2)
-BitvectorsMore.dfy(168,33): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv0
-BitvectorsMore.dfy(169,33): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv0
-BitvectorsMore.dfy(170,33): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv0
-BitvectorsMore.dfy(171,33): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv0
+BitvectorsMore.dfy(168,33): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv0
+BitvectorsMore.dfy(169,33): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv0
+BitvectorsMore.dfy(170,33): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv0
+BitvectorsMore.dfy(171,33): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv0
 BitvectorsMore.dfy(193,36): Error: rotate amount must not exceed the width of the result (5)
 BitvectorsMore.dfy(194,37): Error: rotate amount must not exceed the width of the result (5)
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BoundedPolymorphismVerification.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BoundedPolymorphismVerification.dfy.expect
index e5ae64f36d9..12cdd2fcd0b 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BoundedPolymorphismVerification.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/BoundedPolymorphismVerification.dfy.expect
@@ -1,10 +1,10 @@
 BoundedPolymorphismVerification.dfy(13,28): Error: value of expression (of type 'Parent') is not known to be an instance of type 'TheOther'
 BoundedPolymorphismVerification.dfy(22,18): Error: value of expression (of type 'Trait') is not known to be an instance of type 'X'
 BoundedPolymorphismVerification.dfy(28,15): Error: value of expression (of type 'Z') is not known to be an instance of type 'object'
-BoundedPolymorphismVerification.dfy(49,4): Error: assertion might not hold
-BoundedPolymorphismVerification.dfy(60,6): Error: assertion might not hold
-BoundedPolymorphismVerification.dfy(68,4): Error: assertion might not hold
-BoundedPolymorphismVerification.dfy(115,6): Error: assertion might not hold
+BoundedPolymorphismVerification.dfy(49,4): Error: assertion could not be proved
+BoundedPolymorphismVerification.dfy(60,6): Error: assertion could not be proved
+BoundedPolymorphismVerification.dfy(68,4): Error: assertion could not be proved
+BoundedPolymorphismVerification.dfy(115,6): Error: assertion could not be proved
 BoundedPolymorphismVerification.dfy(144,11): Error: the method must provide an equal or more permissive precondition than in its parent trait
 BoundedPolymorphismVerification.dfy(148,22): Error: the function must provide an equal or more permissive precondition than in its parent trait
 BoundedPolymorphismVerification.dfy(173,16): Error: value of expression (of type 'Z') is not known to be an instance of type 'Trait'
@@ -13,8 +13,8 @@ BoundedPolymorphismVerification.dfy(366,11): Error: value of expression (of type
 BoundedPolymorphismVerification.dfy(375,13): Error: value of expression (of type 'Generic') is not known to be an instance of type 'Generic'
 BoundedPolymorphismVerification.dfy(377,13): Error: value of expression (of type 'Generic') is not known to be an instance of type 'Generic'
 BoundedPolymorphismVerification.dfy(407,72): Error: value of expression (of type 'ReferenceTrait') is not known to be an instance of type 'ConstrainedReferenceTrait'
-BoundedPolymorphismVerification.dfy(408,69): Error: value of expression (of type 'ReferenceTrait?') is not known to be an instance of type 'ReferenceTrait', because it might be null
+BoundedPolymorphismVerification.dfy(408,69): Error: value of expression (of type 'ReferenceTrait?') is not known to be an instance of type 'ReferenceTrait', because it could not be proved to be non-null
 BoundedPolymorphismVerification.dfy(409,72): Error: value of expression (of type 'ReferenceTrait?') is not known to be an instance of type 'ConstrainedReferenceTrait'
-BoundedPolymorphismVerification.dfy(420,9): Error: value of expression (of type 'E?') is not known to be an instance of type 'E', because it might be null
+BoundedPolymorphismVerification.dfy(420,9): Error: value of expression (of type 'E?') is not known to be an instance of type 'E', because it could not be proved to be non-null
 Dafny program verifier finished with 33 verified, 18 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ByMethod.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ByMethod.dfy.expect
index e39c155089c..6afd3a2de63 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ByMethod.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ByMethod.dfy.expect
@@ -14,13 +14,13 @@ ByMethod.dfy(68,4): Error: a postcondition could not be proved on this return pa
 ByMethod.dfy(67,4): Related location: this is the postcondition that could not be proved
 ByMethod.dfy(74,12): Error: a postcondition could not be proved on this return path
 ByMethod.dfy(72,27): Related location: this is the postcondition that could not be proved
-ByMethod.dfy(93,13): Error: decreases clause might not decrease
-ByMethod.dfy(102,12): Error: decreases clause might not decrease
-ByMethod.dfy(111,12): Error: decreases clause might not decrease
+ByMethod.dfy(93,13): Error: decreases clause could not be proved to decrease
+ByMethod.dfy(102,12): Error: decreases clause could not be proved to decrease
+ByMethod.dfy(111,12): Error: decreases clause could not be proved to decrease
 ByMethod.dfy(126,10): Error: cannot prove termination; try supplying a decreases clause
 ByMethod.dfy(132,14): Error: cannot prove termination; try supplying a decreases clause
 ByMethod.dfy(148,11): Error: cannot prove termination; try supplying a decreases clause
 ByMethod.dfy(152,14): Error: cannot prove termination; try supplying a decreases clause
-ByMethod.dfy(175,18): Error: decreases clause might not decrease
+ByMethod.dfy(175,18): Error: decreases clause could not be proved to decrease
 Dafny program verifier finished with 15 verified, 16 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Calculations.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Calculations.dfy.expect
index a9f8d00fd4d..5c2786e0f8c 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Calculations.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Calculations.dfy.expect
@@ -1,8 +1,8 @@ Calculations.dfy(7,5): Error: index out of range -Calculations.dfy(12,6): Error: assertion might not hold +Calculations.dfy(12,6): Error: assertion could not be proved Calculations.dfy(12,14): Error: index out of range -Calculations.dfy(56,2): Error: assertion might not hold -Calculations.dfy(79,6): Error: assertion might not hold +Calculations.dfy(56,2): Error: assertion could not be proved +Calculations.dfy(79,6): Error: assertion could not be proved Calculations.dfy(79,14): Error: index out of range Dafny program verifier finished with 3 verified, 6 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ChainingDisjointTests.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ChainingDisjointTests.dfy.expect index ee9cf967055..e9943004f33 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ChainingDisjointTests.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ChainingDisjointTests.dfy.expect @@ -1,8 +1,8 @@ ChainingDisjointTests.dfy(49,2): Error: a postcondition could not be proved on this return path ChainingDisjointTests.dfy(48,14): Related location: this is the postcondition that could not be proved ChainingDisjointTests.dfy(42,22): Related location: this proposition could not be proved -ChainingDisjointTests.dfy(58,13): Error: assertion might not hold -ChainingDisjointTests.dfy(58,18): Error: assertion might not hold -ChainingDisjointTests.dfy(58,23): Error: assertion might not hold +ChainingDisjointTests.dfy(58,13): Error: assertion could not be proved +ChainingDisjointTests.dfy(58,18): Error: assertion could not be proved +ChainingDisjointTests.dfy(58,23): Error: assertion could not be proved Dafny program verifier finished with 4 verified, 4 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Char.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Char.dfy.expect index f7a8d982837..8bf31242dac 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Char.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Char.dfy.expect @@ -1,10 +1,10 @@ -Char.dfy(48,8): Error: assertion might not hold -Char.dfy(52,8): Error: assertion might not hold -Char.dfy(63,6): Error: assertion might not hold -Char.dfy(81,7): Error: char subtraction might underflow -Char.dfy(81,13): Error: char addition might overflow -Char.dfy(89,7): Error: char subtraction might underflow -Char.dfy(97,13): Error: char addition might overflow -Char.dfy(105,7): Error: char subtraction might underflow +Char.dfy(48,8): Error: assertion could not be proved +Char.dfy(52,8): Error: assertion could not be proved +Char.dfy(63,6): Error: assertion could not be proved +Char.dfy(81,7): Error: char subtraction could not be proved to remain above minimum +Char.dfy(81,13): Error: char addition could not be proved to remain below maximum +Char.dfy(89,7): Error: char subtraction could not be proved to remain above minimum +Char.dfy(97,13): Error: char addition could not be proved to remain below maximum +Char.dfy(105,7): Error: char subtraction could not be proved to remain above minimum Dafny program verifier finished with 8 verified, 8 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoPrefix.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoPrefix.dfy index f23c066103c..0175d173ebf 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoPrefix.dfy +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoPrefix.dfy @@ -202,9 +202,9 @@ module PrefixEquality { calc { s; ==#[_k-1] - t; // error: this step might not hold + t; // error: could not prove that the calculation of this step holds ==#[if 2 <= _k.Offset then _k-2 else _k-1] - s; // error: this step might not hold + s; // error: could not prove that the calculation of this step holds ==#[0] t; } 
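Review bot: The two rewritten comments in the `calc` block of CoPrefix.dfy (`// error: could not prove that the calculation of this step holds`) paraphrase the diagnostic instead of repeating it. CoPrefix.dfy.expect records `the calculation step between the previous line and this line could not be proved` for these same positions, (205,6) and (207,6). Using the verifier's wording, e.g. `t; // error: the calculation step between the previous line and this line could not be proved`, would let a search for the message text find the annotated test lines, and a later rewording would then touch both files. The enclosing lemma starts and ends outside this hunk, so only the two comment lines are in question.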
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoPrefix.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoPrefix.dfy.expect index 583894b649f..f23bd4afb13 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoPrefix.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoPrefix.dfy.expect @@ -1,9 +1,9 @@ -CoPrefix.dfy(63,56): Error: decreases clause might not decrease +CoPrefix.dfy(63,56): Error: decreases clause could not be proved to decrease CoPrefix.dfy(76,55): Error: cannot prove termination; try supplying a decreases clause CoPrefix.dfy(114,0): Error: a postcondition could not be proved on this return path CoPrefix.dfy(113,13): Related location: this is the postcondition that could not be proved CoPrefix.dfy(101,19): Related location: this proposition could not be proved -CoPrefix.dfy(142,24): Error: assertion might not hold +CoPrefix.dfy(142,24): Error: assertion could not be proved CoPrefix.dfy(117,22): Related location: this proposition could not be proved CoPrefix.dfy(151,0): Error: a postcondition could not be proved on this return path CoPrefix.dfy(150,10): Related location: this is the postcondition that could not be proved @@ -14,6 +14,6 @@ CoPrefix.dfy(168,14): Related location: this is the postcondition that could not CoPrefix.dfy(176,10): Error: cannot prove termination; try supplying a decreases clause CoPrefix.dfy(205,6): Error: the calculation step between the previous line and this line could not be proved CoPrefix.dfy(207,6): Error: the calculation step between the previous line and this line could not be proved -CoPrefix.dfy(220,12): Error: ORDINAL subtraction might underflow a limit ordinal (that is, RHS might be too large) +CoPrefix.dfy(220,12): Error: ORDINAL subtraction could not be proved to remain above limit ordinal (that is, RHS could not be proved to be sufficiently small) Dafny program verifier finished with 13 verified, 11 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoinductiveProofs.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoinductiveProofs.dfy.expect
index 5db44086ad5..5000230e330 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoinductiveProofs.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/CoinductiveProofs.dfy.expect
@@ -1,24 +1,24 @@ -CoinductiveProofs.dfy(30,18): Error: assertion might not hold +CoinductiveProofs.dfy(30,18): Error: assertion could not be proved CoinductiveProofs.dfy(15,45): Related location: this proposition could not be proved CoinductiveProofs.dfy(13,19): Related location: this proposition could not be proved -CoinductiveProofs.dfy(44,19): Error: assertion might not hold -CoinductiveProofs.dfy(48,21): Error: assertion might not hold +CoinductiveProofs.dfy(44,19): Error: assertion could not be proved +CoinductiveProofs.dfy(48,21): Error: assertion could not be proved CoinductiveProofs.dfy(13,19): Related location: this proposition could not be proved CoinductiveProofs.dfy(78,0): Error: a postcondition could not be proved on this return path CoinductiveProofs.dfy(77,11): Related location: this is the postcondition that could not be proved CoinductiveProofs.dfy(73,3): Related location: this proposition could not be proved -CoinductiveProofs.dfy(94,16): Error: assertion might not hold +CoinductiveProofs.dfy(94,16): Error: assertion could not be proved CoinductiveProofs.dfy(87,36): Related location: this proposition could not be proved CoinductiveProofs.dfy(73,3): Related location: this proposition could not be proved CoinductiveProofs.dfy(127,0): Error: a postcondition could not be proved on this return path CoinductiveProofs.dfy(126,11): Related location: this is the postcondition that could not be proved CoinductiveProofs.dfy(115,3): Related location: this proposition could not be proved -CoinductiveProofs.dfy(136,16): Error: assertion might not hold +CoinductiveProofs.dfy(136,16): Error: assertion could not be proved CoinductiveProofs.dfy(117,36): Related location: this proposition could not be proved CoinductiveProofs.dfy(115,3): Related location: this proposition could not be proved -CoinductiveProofs.dfy(149,17): Error: assertion might not hold +CoinductiveProofs.dfy(149,17): Error: assertion could not be proved CoinductiveProofs.dfy(115,3): Related 
location: this proposition could not be proved -CoinductiveProofs.dfy(153,19): Error: assertion might not hold +CoinductiveProofs.dfy(153,19): Error: assertion could not be proved CoinductiveProofs.dfy(115,3): Related location: this proposition could not be proved CoinductiveProofs.dfy(164,0): Error: a postcondition could not be proved on this return path CoinductiveProofs.dfy(163,11): Related location: this is the postcondition that could not be proved diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Comprehensions.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Comprehensions.dfy.expect index 4674ddcd4f9..01527066456 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Comprehensions.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Comprehensions.dfy.expect 
@@ -4,8 +4,8 @@ Comprehensions.dfy(24,7): Warning: Could not find a trigger for this quantifier. Comprehensions.dfy(25,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. Comprehensions.dfy(32,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. Comprehensions.dfy(54,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -Comprehensions.dfy(12,2): Error: assertion might not hold -Comprehensions.dfy(78,4): Error: assertion might not hold +Comprehensions.dfy(12,2): Error: assertion could not be proved +Comprehensions.dfy(78,4): Error: assertion could not be proved Comprehensions.dfy(99,4): Error: insufficient reads clause to invoke the function passed as an argument to the sequence constructor Comprehensions.dfy(107,4): Error: insufficient reads clause to invoke the function passed as an argument to the sequence constructor Comprehensions.dfy(115,40): Error: insufficient reads clause to read field; Consider extracting x to a local variable before the lambda expression, or adding 'reads this' in the enclosing lambda specification for resolution 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComprehensionsNewSyntax.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComprehensionsNewSyntax.dfy.expect
index 7e0f2d07196..fb04b13aa61 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComprehensionsNewSyntax.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComprehensionsNewSyntax.dfy.expect
@@ -4,8 +4,8 @@ ComprehensionsNewSyntax.dfy(24,7): Warning: Could not find a trigger for this qu ComprehensionsNewSyntax.dfy(25,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. ComprehensionsNewSyntax.dfy(32,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. ComprehensionsNewSyntax.dfy(54,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -ComprehensionsNewSyntax.dfy(12,2): Error: assertion might not hold -ComprehensionsNewSyntax.dfy(78,4): Error: assertion might not hold +ComprehensionsNewSyntax.dfy(12,2): Error: assertion could not be proved +ComprehensionsNewSyntax.dfy(78,4): Error: assertion could not be proved ComprehensionsNewSyntax.dfy(99,4): Error: insufficient reads clause to invoke the function passed as an argument to the sequence constructor ComprehensionsNewSyntax.dfy(107,4): Error: insufficient reads clause to invoke the function passed as an argument to the sequence constructor ComprehensionsNewSyntax.dfy(115,40): Error: insufficient reads clause to read field; Consider extracting x to a local variable before the lambda expression, or adding 'reads this' in the enclosing lambda specification for resolution 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsLoop.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsLoop.dfy.expect index 07df1e764c2..c2b8146e6aa 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsLoop.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsLoop.dfy.expect @@ -1,4 +1,4 @@ -ComputationsLoop.dfy(7,13): Error: decreases clause might not decrease -ComputationsLoop.dfy(12,25): Error: assertion might not hold +ComputationsLoop.dfy(7,13): Error: decreases clause could not be proved to decrease +ComputationsLoop.dfy(12,25): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsLoop2.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsLoop2.dfy.expect index 1182d1fde00..f978c57755c 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsLoop2.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsLoop2.dfy.expect @@ -1,5 +1,5 @@ ComputationsLoop2.dfy(6,16): Error: cannot prove termination; try supplying a decreases clause ComputationsLoop2.dfy(11,13): Error: cannot prove termination; try supplying a decreases clause -ComputationsLoop2.dfy(16,25): Error: assertion might not hold +ComputationsLoop2.dfy(16,25): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsNeg.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsNeg.dfy.expect index bb75ba7257e..1d5251323ae 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsNeg.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ComputationsNeg.dfy.expect 
@@ -1,10 +1,10 @@ -ComputationsNeg.dfy(7,5): Error: decreases clause might not decrease +ComputationsNeg.dfy(7,5): Error: decreases clause could not be proved to decrease ComputationsNeg.dfy(11,0): Error: a postcondition could not be proved on this return path ComputationsNeg.dfy(10,16): Related location: this is the postcondition that could not be proved ComputationsNeg.dfy(23,0): Error: a postcondition could not be proved on this return path ComputationsNeg.dfy(22,20): Related location: this is the postcondition that could not be proved ComputationsNeg.dfy(19,28): Related location: this proposition could not be proved -ComputationsNeg.dfy(36,2): Error: assertion might not hold -ComputationsNeg.dfy(45,2): Error: assertion might not hold +ComputationsNeg.dfy(36,2): Error: assertion could not be proved +ComputationsNeg.dfy(45,2): Error: assertion could not be proved Dafny program verifier finished with 5 verified, 5 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ControlStructures.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ControlStructures.dfy.expect index 4ad5390e18e..feac817b882 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ControlStructures.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ControlStructures.dfy.expect 
@@ -4,10 +4,10 @@ ControlStructures.dfy(17,2): Error: missing case in match statement: Purple ControlStructures.dfy(46,4): Error: missing case in match statement: Red ControlStructures.dfy(54,2): Error: missing case in match expression: Red ControlStructures.dfy(75,2): Error: alternative cases may not cover all possibilities -ControlStructures.dfy(218,8): Error: assertion might not hold -ControlStructures.dfy(235,6): Error: assertion might not hold -ControlStructures.dfy(238,4): Error: assertion might not hold -ControlStructures.dfy(241,2): Error: assertion might not hold +ControlStructures.dfy(218,8): Error: assertion could not be proved +ControlStructures.dfy(235,6): Error: assertion could not be proved +ControlStructures.dfy(238,4): Error: assertion could not be proved +ControlStructures.dfy(241,2): Error: assertion could not be proved ControlStructures.dfy(350,2): Error: cannot prove termination; try supplying a decreases clause for the loop ControlStructures.dfy(381,2): Error: cannot prove termination; try supplying a decreases clause for the loop ControlStructures.dfy(448,16): Error: this invariant could not be proved to be maintained by the loop diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Corecursion.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Corecursion.dfy.expect index b7b9fadda97..a7be7f8d719 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Corecursion.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Corecursion.dfy.expect 
@@ -4,7 +4,7 @@ Corecursion.dfy(58,11): Error: cannot prove termination; try supplying a decreas Corecursion.dfy(71,16): Error: cannot prove termination; try supplying a decreases clause (note that calls cannot be co-recursive in this context) Corecursion.dfy(93,15): Error: cannot prove termination; try supplying a decreases clause (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts) Corecursion.dfy(103,15): Error: cannot prove termination; try supplying a decreases clause (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts) -Corecursion.dfy(148,13): Error: decreases clause might not decrease (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts) -Corecursion.dfy(161,13): Error: decreases clause might not decrease (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts) +Corecursion.dfy(148,13): Error: decreases clause could not be proved to decrease (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts) +Corecursion.dfy(161,13): Error: decreases clause could not be proved to decrease (note that a call can be co-recursive only if all intra-cluster calls are in non-destructive contexts) Dafny program verifier finished with 14 verified, 8 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DTypes.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DTypes.dfy.expect index a77584c81d4..23f8a6120c5 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DTypes.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DTypes.dfy.expect 
@@ -6,16 +6,16 @@ DTypes.dfy(231,14): Warning: the type of the other operand is a non-null type, s DTypes.dfy(232,14): Warning: the type of the other operand is a non-null type, so this comparison with 'null' will always return 'false' (to make it possible for variable 'c' to have the value 'null', declare its type to be 'Cell?') DTypes.dfy(233,14): Warning: the type of the other operand is a non-null type, so this comparison with 'null' will always return 'false' (to make it possible for variable 'd' to have the value 'null', declare its type to be 'Cell?') DTypes.dfy(64,13): Warning: the type of the other operand is a non-null type, so this comparison with 'null' will always return 'true' (to make it possible for variable 'a' to have the value 'null', declare its type to be 'CP?') -DTypes.dfy(18,4): Error: assertion might not hold -DTypes.dfy(56,4): Error: assertion might not hold -DTypes.dfy(121,11): Error: assertion might not hold +DTypes.dfy(18,4): Error: assertion could not be proved +DTypes.dfy(56,4): Error: assertion could not be proved +DTypes.dfy(121,11): Error: assertion could not be proved DTypes.dfy(93,29): Related location: datatype constructor -DTypes.dfy(127,11): Error: assertion might not hold +DTypes.dfy(127,11): Error: assertion could not be proved DTypes.dfy(93,19): Related location: datatype constructor -DTypes.dfy(137,20): Error: assertion might not hold +DTypes.dfy(137,20): Error: assertion could not be proved DTypes.dfy(132,4): Related location: this proposition could not be proved DTypes.dfy(93,19): Related location: datatype constructor -DTypes.dfy(156,4): Error: assertion might not hold +DTypes.dfy(156,4): Error: assertion could not be proved DTypes.dfy(179,2): Error: a postcondition could not be proved on this return path DTypes.dfy(178,14): Related location: this is the postcondition that could not be proved 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Datatypes.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Datatypes.dfy.expect index 8fb65f46cb9..c3bb56e91fc 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Datatypes.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Datatypes.dfy.expect @@ -1,6 +1,6 @@ -Datatypes.dfy(82,10): Error: assertion might not hold -Datatypes.dfy(170,6): Error: assertion might not hold -Datatypes.dfy(172,6): Error: assertion might not hold +Datatypes.dfy(82,10): Error: assertion could not be proved +Datatypes.dfy(170,6): Error: assertion could not be proved +Datatypes.dfy(172,6): Error: assertion could not be proved Datatypes.dfy(201,12): Error: destructor 'Car' can only be applied to datatype values constructed by 'XCons' Datatypes.dfy(204,16): Error: destructor 'Car' can only be applied to datatype values constructed by 'XCons' Datatypes.dfy(225,16): Error: destructor 'c' can only be applied to datatype values constructed by 'T'' @@ -12,7 +12,7 @@ Datatypes.dfy(349,4): Error: missing case in match expression: Nil Datatypes.dfy(356,7): Error: missing case in match expression: Cons(_, _) Datatypes.dfy(356,7): Error: missing case in match expression: Nil Datatypes.dfy(377,21): Error: RHS is not certain to look like the pattern 'AAA' -Datatypes.dfy(493,6): Error: assertion might not hold -Datatypes.dfy(495,6): Error: assertion might not hold +Datatypes.dfy(493,6): Error: assertion could not be proved +Datatypes.dfy(495,6): Error: assertion could not be proved Dafny program verifier finished with 29 verified, 15 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo0.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo0.dfy.expect index 4956fcdca04..b72cd178670 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo0.dfy.expect 
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo0.dfy.expect @@ -1,12 +1,12 @@ -DecreasesTo0.dfy(22,2): Error: assertion might not hold -DecreasesTo0.dfy(26,2): Error: assertion might not hold -DecreasesTo0.dfy(30,2): Error: assertion might not hold -DecreasesTo0.dfy(34,2): Error: assertion might not hold -DecreasesTo0.dfy(38,2): Error: assertion might not hold -DecreasesTo0.dfy(42,2): Error: assertion might not hold -DecreasesTo0.dfy(52,4): Error: assertion might not hold -DecreasesTo0.dfy(56,4): Error: assertion might not hold -DecreasesTo0.dfy(58,4): Error: assertion might not hold -DecreasesTo0.dfy(67,2): Error: assertion might not hold +DecreasesTo0.dfy(22,2): Error: assertion could not be proved +DecreasesTo0.dfy(26,2): Error: assertion could not be proved +DecreasesTo0.dfy(30,2): Error: assertion could not be proved +DecreasesTo0.dfy(34,2): Error: assertion could not be proved +DecreasesTo0.dfy(38,2): Error: assertion could not be proved +DecreasesTo0.dfy(42,2): Error: assertion could not be proved +DecreasesTo0.dfy(52,4): Error: assertion could not be proved +DecreasesTo0.dfy(56,4): Error: assertion could not be proved +DecreasesTo0.dfy(58,4): Error: assertion could not be proved +DecreasesTo0.dfy(67,2): Error: assertion could not be proved Dafny program verifier finished with 4 verified, 10 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo1.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo1.dfy.expect index b9772de2560..dce170dc223 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo1.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo1.dfy.expect 
@@ -1,24 +1,24 @@ -DecreasesTo1.dfy(19,2): Error: assertion might not hold +DecreasesTo1.dfy(19,2): Error: assertion could not be proved Asserted expression: 0 decreases to 1 -DecreasesTo1.dfy(23,2): Error: assertion might not hold +DecreasesTo1.dfy(23,2): Error: assertion could not be proved Asserted expression: x - 1 decreases to x -DecreasesTo1.dfy(27,2): Error: assertion might not hold +DecreasesTo1.dfy(27,2): Error: assertion could not be proved Asserted expression: (x, y - 1 decreases to x, y) -DecreasesTo1.dfy(39,39): Error: decreases clause might not decrease +DecreasesTo1.dfy(39,39): Error: decreases clause could not be proved to decrease Asserted expression: n + m decreases to n + m + 1 -DecreasesTo1.dfy(49,20): Error: decreases clause might not decrease +DecreasesTo1.dfy(49,20): Error: decreases clause could not be proved to decrease Asserted expression: old(n + m) decreases to n + m + 1 -DecreasesTo1.dfy(57,2): Error: decreases expression might not decrease +DecreasesTo1.dfy(57,2): Error: decreases expression could not be proved to decrease Asserted expression: old@LoopEntry(prev_x') decreases to x' with the label `LoopEntry` applied to the loop and with the following declarations at the beginning of the loop body: var prev_x': int := x'; var prev_y': int := y'; -DecreasesTo1.dfy(69,2): Error: assertion might not hold +DecreasesTo1.dfy(69,2): Error: assertion could not be proved Asserted expression: 0 nonincreases to 1 -DecreasesTo1.dfy(73,2): Error: assertion might not hold +DecreasesTo1.dfy(73,2): Error: assertion could not be proved Asserted expression: i decreases to b -DecreasesTo1.dfy(77,2): Error: assertion might not hold +DecreasesTo1.dfy(77,2): Error: assertion could not be proved Asserted expression: 0 decreases to false Dafny program verifier finished with 2 verified, 9 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo3.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo3.dfy.expect index 544157aea1b..b6ecca7efe4 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo3.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DecreasesTo3.dfy.expect @@ -1,16 +1,16 @@ -DecreasesTo3.dfy(5,34): Error: assertion might not hold +DecreasesTo3.dfy(5,34): Error: assertion could not be proved Asserted expression: (1 decreases to 0) && (0 decreases to 1) -DecreasesTo3.dfy(9,2): Error: assertion might not hold +DecreasesTo3.dfy(9,2): Error: assertion could not be proved Asserted expression: 0 decreases to 1 -DecreasesTo3.dfy(13,2): Error: assertion might not hold +DecreasesTo3.dfy(13,2): Error: assertion could not be proved Asserted expression: b <==> (0, 1, 2 decreases to (0 nonincreases to 0), b <==> b, 6) <==> b -DecreasesTo3.dfy(17,2): Error: assertion might not hold +DecreasesTo3.dfy(17,2): Error: assertion could not be proved Asserted expression: b <==> (3 decreases to 2) <==> !b -DecreasesTo3.dfy(21,2): Error: assertion might not hold +DecreasesTo3.dfy(21,2): Error: assertion could not be proved Asserted expression: b <==> b decreases to var two: int := 2; two <= two -DecreasesTo3.dfy(28,2): Error: assertion might not hold +DecreasesTo3.dfy(28,2): Error: assertion could not be proved Asserted expression: (Lemma(); b) <==> (Lemma(); !b) decreases to (Lemma(); false) -DecreasesTo3.dfy(32,2): Error: assertion might not hold +DecreasesTo3.dfy(32,2): Error: assertion could not be proved Asserted expression: (b decreases to (Lemma(); true), (Lemma(); true)) Dafny program verifier finished with 0 verified, 7 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DefaultParameters.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DefaultParameters.dfy.expect index edd1f6bca0e..e42dda24135 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DefaultParameters.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DefaultParameters.dfy.expect @@ -3,8 +3,8 @@ DefaultParameters.dfy(63,42): Error: default value could not be proved to be all DefaultParameters.dfy(67,38): Error: default value could not be proved to be allocated in the two-state lemma's previous state DefaultParameters.dfy(92,2): Error: a postcondition could not be proved on this return path DefaultParameters.dfy(91,16): Related location: this is the postcondition that could not be proved -DefaultParameters.dfy(102,6): Error: assertion might not hold -DefaultParameters.dfy(110,6): Error: assertion might not hold +DefaultParameters.dfy(102,6): Error: assertion could not be proved +DefaultParameters.dfy(110,6): Error: assertion could not be proved DefaultParameters.dfy(124,37): Error: insufficient reads clause to read field; Mutable fields cannot be accessed within certain scopes, such as default values, the right-hand side of constants, or co-recursive calls DefaultParameters.dfy(131,40): Error: insufficient reads clause to read field; Mutable fields cannot be accessed within certain scopes, such as default values, the right-hand side of constants, or co-recursive calls DefaultParameters.dfy(135,49): Error: possible division by zero 
@@ -34,10 +34,10 @@ DefaultParameters.dfy(200,42): Error: default-value expression is not allowed to DefaultParameters.dfy(211,63): Error: default-value expression is not allowed to involve recursive or mutually recursive calls DefaultParameters.dfy(219,30): Error: default-value expression is not allowed to involve recursive or mutually recursive calls DefaultParameters.dfy(220,30): Error: default-value expression is not allowed to involve recursive or mutually recursive calls -DefaultParameters.dfy(229,9): Error: decreases clause might not decrease -DefaultParameters.dfy(235,5): Error: decreases clause might not decrease -DefaultParameters.dfy(235,7): Error: decreases clause might not decrease -DefaultParameters.dfy(241,5): Error: decreases clause might not decrease +DefaultParameters.dfy(229,9): Error: decreases clause could not be proved to decrease +DefaultParameters.dfy(235,5): Error: decreases clause could not be proved to decrease +DefaultParameters.dfy(235,7): Error: decreases clause could not be proved to decrease +DefaultParameters.dfy(241,5): Error: decreases clause could not be proved to decrease DefaultParameters.dfy(251,31): Error: insufficient reads clause to read field; Mutable fields cannot be accessed within certain scopes, such as default values, the right-hand side of constants, or co-recursive calls DefaultParameters.dfy(258,42): Error: default-value expression is not allowed to involve recursive or mutually recursive calls DefaultParameters.dfy(267,41): Error: possible division by zero 
@@ -74,7 +74,7 @@ DefaultParameters.dfy(520,38): Error: insufficient reads clause to read field; M DefaultParameters.dfy(521,40): Error: insufficient reads clause to read field; Mutable fields cannot be accessed within certain scopes, such as default values, the right-hand side of constants, or co-recursive calls DefaultParameters.dfy(524,49): Error: insufficient reads clause to read field; Mutable fields cannot be accessed within certain scopes, such as default values, the right-hand side of constants, or co-recursive calls DefaultParameters.dfy(548,38): Error: insufficient reads clause to read field; Mutable fields cannot be accessed within certain scopes, such as default values, the right-hand side of constants, or co-recursive calls -DefaultParameters.dfy(601,16): Error: assertion might not hold +DefaultParameters.dfy(601,16): Error: assertion could not be proved DefaultParameters.dfy(582,18): Related location: this proposition could not be proved Dafny program verifier finished with 72 verified, 74 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Definedness.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Definedness.dfy index 606d7741ba4..c0946f6eaec 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Definedness.dfy +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Definedness.dfy @@ -237,7 +237,7 @@ ghost function Postie3(c: Mountain?): Mountain? // all is cool ghost function Postie4(c: Mountain?): Mountain? requires c != null && c.x <= 5; reads c; ensures Postie4(c) != null && Postie4(c).x < 10; - ensures Postie4(c).x == 5; // error: postcondition might not hold + ensures Postie4(c).x == 5; // error: could not prove postcondition { c } diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Definedness.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Definedness.dfy.expect index bd28e97ab5e..0865b93c1a6 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Definedness.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Definedness.dfy.expect 
@@ -1,23 +1,23 @@ Definedness.dfy(11,6): Error: possible division by zero Definedness.dfy(18,15): Error: possible division by zero -Definedness.dfy(27,15): Error: target object might be null -Definedness.dfy(28,20): Error: target object might be null +Definedness.dfy(27,15): Error: target object could not be proved to be non-null +Definedness.dfy(28,20): Error: target object could not be proved to be non-null Definedness.dfy(29,16): Error: possible division by zero -Definedness.dfy(36,15): Error: target object might be null -Definedness.dfy(45,15): Error: target object might be null -Definedness.dfy(53,17): Error: target object might be null +Definedness.dfy(36,15): Error: target object could not be proved to be non-null +Definedness.dfy(45,15): Error: target object could not be proved to be non-null +Definedness.dfy(53,17): Error: target object could not be proved to be non-null Definedness.dfy(54,2): Error: a postcondition could not be proved on this return path Definedness.dfy(53,21): Related location: this is the postcondition that could not be proved -Definedness.dfy(60,17): Error: target object might be null +Definedness.dfy(60,17): Error: target object could not be proved to be non-null Definedness.dfy(61,2): Error: a postcondition could not be proved on this return path Definedness.dfy(60,21): Related location: this is the postcondition that could not be proved Definedness.dfy(68,2): Error: a postcondition could not be proved on this return path Definedness.dfy(67,21): Related location: this is the postcondition that could not be proved -Definedness.dfy(88,6): Error: target object might be null +Definedness.dfy(88,6): Error: target object could not be proved to be non-null Definedness.dfy(89,5): Error: function precondition could not be proved Definedness.dfy(79,15): Related location: this proposition could not be proved -Definedness.dfy(89,9): Error: assignment might update an object not in the enclosing context's modifies clause -Definedness.dfy(89,9): 
Error: target object might be null +Definedness.dfy(89,9): Error: modified field could not be proved to be in the current modifies clause +Definedness.dfy(89,9): Error: target object could not be proved to be non-null Definedness.dfy(90,10): Error: function precondition could not be proved Definedness.dfy(79,15): Related location: this proposition could not be proved Definedness.dfy(95,13): Error: possible division by zero @@ -47,7 +47,7 @@ Definedness.dfy(196,22): Error: this loop invariant could not be proved on entry Definedness.dfy(196,27): Error: possible division by zero Definedness.dfy(219,2): Error: a postcondition could not be proved on this return path Definedness.dfy(217,45): Related location: this is the postcondition that could not be proved -Definedness.dfy(224,21): Error: target object might be null +Definedness.dfy(224,21): Error: target object could not be proved to be non-null Definedness.dfy(242,2): Error: a postcondition could not be proved on this return path Definedness.dfy(240,23): Related location: this is the postcondition that could not be proved diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DefiniteAssignment.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DefiniteAssignment.dfy.expect index c3093ef3abe..5271bcc9b25 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DefiniteAssignment.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DefiniteAssignment.dfy.expect 
@@ -1,24 +1,24 @@ -DefiniteAssignment.dfy(11,9): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(18,4): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body -DefiniteAssignment.dfy(23,2): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body -DefiniteAssignment.dfy(27,2): Error: field 'x', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body -DefiniteAssignment.dfy(31,9): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(45,0): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -DefiniteAssignment.dfy(53,9): Error: variable 'z', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(61,15): Error: variable 'j', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(64,4): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -DefiniteAssignment.dfy(68,0): Error: out-parameter 'z', which is subject to definite-assignment rules, might be uninitialized at this return point -DefiniteAssignment.dfy(90,9): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here +DefiniteAssignment.dfy(11,9): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(18,4): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body +DefiniteAssignment.dfy(23,2): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be 
initialized at this point in the constructor body +DefiniteAssignment.dfy(27,2): Error: field 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body +DefiniteAssignment.dfy(31,9): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(45,0): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +DefiniteAssignment.dfy(53,9): Error: variable 'z', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(61,15): Error: variable 'j', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(64,4): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +DefiniteAssignment.dfy(68,0): Error: out-parameter 'z', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +DefiniteAssignment.dfy(90,9): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here DefiniteAssignment.dfy(99,5): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. 
-DefiniteAssignment.dfy(99,14): Error: variable 'e1', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(132,7): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(133,0): Error: out-parameter 'g', which is subject to definite-assignment rules, might be uninitialized at this return point -DefiniteAssignment.dfy(148,8): Error: variable 'w', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(242,12): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(243,12): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(281,13): Error: variable 'f', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(286,13): Error: variable 'f', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(294,13): Error: variable 'f', which is subject to definite-assignment rules, might be uninitialized here +DefiniteAssignment.dfy(99,14): Error: variable 'e1', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(132,7): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(133,0): Error: out-parameter 'g', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +DefiniteAssignment.dfy(148,8): Error: variable 'w', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(242,12): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(243,12): Error: variable 'b', which is subject to 
definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(281,13): Error: variable 'f', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(286,13): Error: variable 'f', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(294,13): Error: variable 'f', which is subject to definite-assignment rules, could not be proved to be initialized here DefiniteAssignment.dfy(305,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. DefiniteAssignment.dfy(310,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. DefiniteAssignment.dfy(315,6): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. 
@@ -26,14 +26,14 @@ DefiniteAssignment.dfy(321,6): Error: cannot establish the existence of LHS valu DefiniteAssignment.dfy(333,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate DefiniteAssignment.dfy(339,6): Error: cannot establish the existence of LHS values that satisfy the such-that predicate DefiniteAssignment.dfy(356,4): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -DefiniteAssignment.dfy(375,11): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(382,6): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body -DefiniteAssignment.dfy(387,4): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body -DefiniteAssignment.dfy(392,4): Error: field 'x', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body -DefiniteAssignment.dfy(427,9): Error: variable 'g', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(433,11): Error: variable 'g', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(438,13): Error: variable 'g', which is subject to definite-assignment rules, might be uninitialized here -DefiniteAssignment.dfy(441,2): Error: out-parameter 'r'', which is subject to definite-assignment rules, might be uninitialized at this return point -DefiniteAssignment.dfy(449,2): Error: out-parameter 'r', which is subject to definite-assignment rules, might be uninitialized at this return 
point +DefiniteAssignment.dfy(375,11): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(382,6): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body +DefiniteAssignment.dfy(387,4): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body +DefiniteAssignment.dfy(392,4): Error: field 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body +DefiniteAssignment.dfy(427,9): Error: variable 'g', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(433,11): Error: variable 'g', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(438,13): Error: variable 'g', which is subject to definite-assignment rules, could not be proved to be initialized here +DefiniteAssignment.dfy(441,2): Error: out-parameter 'r'', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +DefiniteAssignment.dfy(449,2): Error: out-parameter 'r', which is subject to definite-assignment rules, could not be proved to be initialized at this return point Dafny program verifier finished with 14 verified, 37 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DiamondImports.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DiamondImports.dfy.expect index 85198cd6b44..d40497acf28 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DiamondImports.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DiamondImports.dfy.expect 
@@ -1,7 +1,7 @@ -DiamondImports.dfy(34,6): Error: assertion might not hold -DiamondImports.dfy(50,6): Error: assertion might not hold -DiamondImports.dfy(101,6): Error: assertion might not hold -DiamondImports.dfy(120,6): Error: assertion might not hold -DiamondImports.dfy(140,6): Error: assertion might not hold +DiamondImports.dfy(34,6): Error: assertion could not be proved +DiamondImports.dfy(50,6): Error: assertion could not be proved +DiamondImports.dfy(101,6): Error: assertion could not be proved +DiamondImports.dfy(120,6): Error: assertion could not be proved +DiamondImports.dfy(140,6): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 5 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DirtyLoops.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DirtyLoops.dfy.expect index 576f0185622..3c8cc21fb65 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DirtyLoops.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/DirtyLoops.dfy.expect 
@@ -43,53 +43,53 @@ DirtyLoops.dfy(452,6): Warning: this loop has no body (loop frame: i, $Heap) DirtyLoops.dfy(468,6): Warning: this loop has no body (loop frame: i, $Heap) DirtyLoops.dfy(485,6): Warning: this loop has no body (loop frame: j, $Heap) DirtyLoops.dfy(515,2): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -DirtyLoops.dfy(30,2): Error: assertion might not hold -DirtyLoops.dfy(39,2): Error: assertion might not hold -DirtyLoops.dfy(48,2): Error: assertion might not hold -DirtyLoops.dfy(57,2): Error: assertion might not hold -DirtyLoops.dfy(59,2): Error: assertion might not hold -DirtyLoops.dfy(70,2): Error: assertion might not hold -DirtyLoops.dfy(72,2): Error: assertion might not hold -DirtyLoops.dfy(82,2): Error: assertion might not hold -DirtyLoops.dfy(83,2): Error: assertion might not hold -DirtyLoops.dfy(90,2): Error: assertion might not hold -DirtyLoops.dfy(110,2): Error: assertion might not hold -DirtyLoops.dfy(122,2): Error: assertion might not hold -DirtyLoops.dfy(136,2): Error: assertion might not hold -DirtyLoops.dfy(137,2): Error: assertion might not hold -DirtyLoops.dfy(149,2): Error: assertion might not hold -DirtyLoops.dfy(151,2): Error: assertion might not hold -DirtyLoops.dfy(164,2): Error: assertion might not hold -DirtyLoops.dfy(165,2): Error: assertion might not hold -DirtyLoops.dfy(180,2): Error: assertion might not hold -DirtyLoops.dfy(181,2): Error: assertion might not hold -DirtyLoops.dfy(193,2): Error: assertion might not hold -DirtyLoops.dfy(195,2): Error: assertion might not hold -DirtyLoops.dfy(196,2): Error: assertion might not hold -DirtyLoops.dfy(208,2): Error: assertion might not hold -DirtyLoops.dfy(221,2): Error: assertion might not hold -DirtyLoops.dfy(234,2): Error: 
assertion might not hold -DirtyLoops.dfy(244,2): Error: assertion might not hold -DirtyLoops.dfy(253,2): Error: assertion might not hold -DirtyLoops.dfy(261,2): Error: assertion might not hold -DirtyLoops.dfy(270,2): Error: assertion might not hold -DirtyLoops.dfy(285,2): Error: assertion might not hold -DirtyLoops.dfy(297,2): Error: assertion might not hold -DirtyLoops.dfy(298,2): Error: assertion might not hold -DirtyLoops.dfy(308,2): Error: assertion might not hold -DirtyLoops.dfy(309,2): Error: assertion might not hold -DirtyLoops.dfy(321,2): Error: assertion might not hold -DirtyLoops.dfy(356,2): Error: assertion might not hold -DirtyLoops.dfy(369,2): Error: assertion might not hold -DirtyLoops.dfy(380,2): Error: assertion might not hold +DirtyLoops.dfy(30,2): Error: assertion could not be proved +DirtyLoops.dfy(39,2): Error: assertion could not be proved +DirtyLoops.dfy(48,2): Error: assertion could not be proved +DirtyLoops.dfy(57,2): Error: assertion could not be proved +DirtyLoops.dfy(59,2): Error: assertion could not be proved +DirtyLoops.dfy(70,2): Error: assertion could not be proved +DirtyLoops.dfy(72,2): Error: assertion could not be proved +DirtyLoops.dfy(82,2): Error: assertion could not be proved +DirtyLoops.dfy(83,2): Error: assertion could not be proved +DirtyLoops.dfy(90,2): Error: assertion could not be proved +DirtyLoops.dfy(110,2): Error: assertion could not be proved +DirtyLoops.dfy(122,2): Error: assertion could not be proved +DirtyLoops.dfy(136,2): Error: assertion could not be proved +DirtyLoops.dfy(137,2): Error: assertion could not be proved +DirtyLoops.dfy(149,2): Error: assertion could not be proved +DirtyLoops.dfy(151,2): Error: assertion could not be proved +DirtyLoops.dfy(164,2): Error: assertion could not be proved +DirtyLoops.dfy(165,2): Error: assertion could not be proved +DirtyLoops.dfy(180,2): Error: assertion could not be proved +DirtyLoops.dfy(181,2): Error: assertion could not be proved +DirtyLoops.dfy(193,2): Error: 
assertion could not be proved +DirtyLoops.dfy(195,2): Error: assertion could not be proved +DirtyLoops.dfy(196,2): Error: assertion could not be proved +DirtyLoops.dfy(208,2): Error: assertion could not be proved +DirtyLoops.dfy(221,2): Error: assertion could not be proved +DirtyLoops.dfy(234,2): Error: assertion could not be proved +DirtyLoops.dfy(244,2): Error: assertion could not be proved +DirtyLoops.dfy(253,2): Error: assertion could not be proved +DirtyLoops.dfy(261,2): Error: assertion could not be proved +DirtyLoops.dfy(270,2): Error: assertion could not be proved +DirtyLoops.dfy(285,2): Error: assertion could not be proved +DirtyLoops.dfy(297,2): Error: assertion could not be proved +DirtyLoops.dfy(298,2): Error: assertion could not be proved +DirtyLoops.dfy(308,2): Error: assertion could not be proved +DirtyLoops.dfy(309,2): Error: assertion could not be proved +DirtyLoops.dfy(321,2): Error: assertion could not be proved +DirtyLoops.dfy(356,2): Error: assertion could not be proved +DirtyLoops.dfy(369,2): Error: assertion could not be proved +DirtyLoops.dfy(380,2): Error: assertion could not be proved DirtyLoops.dfy(401,18): Error: this loop invariant could not be proved on entry Related message: loop invariant violation -DirtyLoops.dfy(414,16): Error: target object might be null -DirtyLoops.dfy(452,6): Error: loop modifies clause might violate context's modifies clause -DirtyLoops.dfy(468,6): Error: loop modifies clause might violate context's modifies clause -DirtyLoops.dfy(485,6): Error: loop modifies clause might violate context's modifies clause -DirtyLoops.dfy(506,22): Error: assertion might not hold -DirtyLoops.dfy(533,2): Error: assertion might not hold +DirtyLoops.dfy(414,16): Error: target object could not be proved to be non-null +DirtyLoops.dfy(452,6): Error: modified object in loop modifies clause could not be proved to be in the current modifies clause +DirtyLoops.dfy(468,6): Error: modified object in loop modifies clause could not be proved 
to be in the current modifies clause +DirtyLoops.dfy(485,6): Error: modified object in loop modifies clause could not be proved to be in the current modifies clause +DirtyLoops.dfy(506,22): Error: assertion could not be proved +DirtyLoops.dfy(533,2): Error: assertion could not be proved Dafny program verifier finished with 22 verified, 46 errors DirtyLoops.dfy.tmp.dprint.dfy(408,2): Warning: the conclusion of the body of this forall statement will not be known outside the forall statement; consider using an 'ensures' clause diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/EqualityTypesModuleExports.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/EqualityTypesModuleExports.dfy.expect index fe3ec867fce..7f4a124a375 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/EqualityTypesModuleExports.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/EqualityTypesModuleExports.dfy.expect 
@@ -20,8 +20,8 @@ EqualityTypesModuleExports.dfy(13,23): Error: set argument type must support equ EqualityTypesModuleExports.dfy(32,18): Error: type parameter (X) passed to function Fib must support equality (got Y) (perhaps try declaring type parameter 'Y' on line 26 as 'Y(==)', which says it can only be instantiated with a type that supports equality) EqualityTypesModuleExports.dfy(32,23): Error: set argument type must support equality (got Y) (perhaps try declaring type parameter 'Y' on line 26 as 'Y(==)', which says it can only be instantiated with a type that supports equality) EqualityTypesModuleExports.dfy(34,13): Error: set argument type must support equality (got GG) (perhaps try declaring type parameter 'GG' on line 21 as 'GG(==)', which says it can only be instantiated with a type that supports equality) -EqualityTypesModuleExports.dfy(84,7): Error: type 'Syn4' declared as supporting equality, but the RHS type ((real, A)) might not (perhaps try declaring type parameter 'A' on line 84 as 'A(==)', which says it can only be instantiated with a type that supports equality) -EqualityTypesModuleExports.dfy(92,7): Error: type 'Subset4' declared as supporting equality, but the RHS type ((A, int)) might not (perhaps try declaring type parameter 'A' on line 92 as 'A(==)', which says it can only be instantiated with a type that supports equality) +EqualityTypesModuleExports.dfy(84,7): Error: type 'Syn4' declared as supporting equality, but the RHS type ((real, A)) could not be proved to support equality (perhaps try declaring type parameter 'A' on line 84 as 'A(==)', which says it can only be instantiated with a type that supports equality) +EqualityTypesModuleExports.dfy(92,7): Error: type 'Subset4' declared as supporting equality, but the RHS type ((A, int)) could not be proved to support equality (perhaps try declaring type parameter 'A' on line 92 as 'A(==)', which says it can only be instantiated with a type that supports equality) 
EqualityTypesModuleExports.dfy(149,7): Error: recursive constraint dependency involving a subset type: SubsetCo -> Co -> SubsetCo EqualityTypesModuleExports.dfy(162,11): Error: type parameter (A) passed to type MyClass must support equality (got Noeq) EqualityTypesModuleExports.dfy(163,11): Error: type parameter (A) passed to type Dt must support equality (got Noeq) 
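Review bot: The reworded equality message no longer matches its sibling type-characteristic errors. In this hunk and the next (`@@ -46,18 +46,18 @@`), lines 84, 92, 318, 333, 455 and 471 now say `could not be proved to support equality`, while the unchanged context at 444–468 still says `may be empty` and `may contain reference types`. The file's summary line reports these as resolution/type errors, so "could not be proved" may lead a reader to look for a failed proof obligation where none seems to have been attempted. Consider a resolver-specific wording such as `but the RHS type (Stream) is not known to support equality`, or reword the nonempty and reference-type messages the same way so the family stays parallel.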
@@ -46,18 +46,18 @@ EqualityTypesModuleExports.dfy(284,7): Error: == can only be applied to expressi EqualityTypesModuleExports.dfy(287,7): Error: == can only be applied to expressions of types that support equality (got YT) EqualityTypesModuleExports.dfy(290,7): Error: == can only be applied to expressions of types that support equality (got ZT) EqualityTypesModuleExports.dfy(293,7): Error: == can only be applied to expressions of types that support equality (got WT) -EqualityTypesModuleExports.dfy(318,7): Error: type 'A' declared as supporting equality, but the RHS type (QQQ1.Syn) might not -EqualityTypesModuleExports.dfy(333,7): Error: type 'ExportedType' declared as supporting equality, but the RHS type (PrivateType) might not (perhaps try declaring type parameter 'A' on line 333 as 'A(==)', which says it can only be instantiated with a type that supports equality) +EqualityTypesModuleExports.dfy(318,7): Error: type 'A' declared as supporting equality, but the RHS type (QQQ1.Syn) could not be proved to support equality +EqualityTypesModuleExports.dfy(333,7): Error: type 'ExportedType' declared as supporting equality, but the RHS type (PrivateType) could not be proved to support equality (perhaps try declaring type parameter 'A' on line 333 as 'A(==)', which says it can only be instantiated with a type that supports equality) EqualityTypesModuleExports.dfy(381,4): Error: == can only be applied to expressions of types that support equality (got List) (perhaps try declaring type parameter 'A' on line 379 as 'A(==)', which says it can only be instantiated with a type that supports equality) EqualityTypesModuleExports.dfy(401,9): Warning: this export set is empty (did you perhaps forget the 'provides' or 'reveals' keyword?) 
EqualityTypesModuleExports.dfy(444,7): Error: type 'Synonym' declared as being nonempty, but the RHS type (Empty) may be empty EqualityTypesModuleExports.dfy(445,7): Error: type 'AnotherSynonym' declared as being nonempty, but the RHS type (Empty) may be empty EqualityTypesModuleExports.dfy(448,7): Error: type 'NESynonym' declared as auto-initialization type, but the RHS type (NonEmpty) does not support auto-initialization EqualityTypesModuleExports.dfy(452,7): Error: type 'NoReference' declared as containing no reference types, but the RHS type (C?) may contain reference types -EqualityTypesModuleExports.dfy(455,7): Error: type 'PipeDreamEquality' declared as supporting equality, but the RHS type (Stream) might not +EqualityTypesModuleExports.dfy(455,7): Error: type 'PipeDreamEquality' declared as supporting equality, but the RHS type (Stream) could not be proved to support equality EqualityTypesModuleExports.dfy(460,7): Error: type 'Subset' declared as being nonempty, but the RHS type (Empty) may be empty EqualityTypesModuleExports.dfy(461,7): Error: type 'AnotherSubset' declared as being nonempty, but the RHS type (Empty) may be empty EqualityTypesModuleExports.dfy(464,7): Error: type 'NESynonym' declared as auto-initialization type, but the RHS type (NonEmpty) does not support auto-initialization EqualityTypesModuleExports.dfy(468,7): Error: type 'NoReference' declared as containing no reference types, but the RHS type (C?) may contain reference types -EqualityTypesModuleExports.dfy(471,7): Error: type 'PipeDreamEquality' declared as supporting equality, but the RHS type (Stream) might not +EqualityTypesModuleExports.dfy(471,7): Error: type 'PipeDreamEquality' declared as supporting equality, but the RHS type (Stream) could not be proved to support equality 61 resolution/type errors detected in EqualityTypesModuleExports.dfy 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ExtremeReads.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ExtremeReads.dfy.expect index 03925a2d138..f58e5b9a278 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ExtremeReads.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ExtremeReads.dfy.expect 
@@ -1,36 +1,36 @@
-ExtremeReads.dfy(47,12): Error: assertion might not hold
+ExtremeReads.dfy(47,12): Error: assertion could not be proved
 ExtremeReads.dfy(13,21): Related location: this proposition could not be proved
-ExtremeReads.dfy(50,12): Error: assertion might not hold
+ExtremeReads.dfy(50,12): Error: assertion could not be proved
 ExtremeReads.dfy(13,21): Related location: this proposition could not be proved
-ExtremeReads.dfy(69,12): Error: assertion might not hold
+ExtremeReads.dfy(69,12): Error: assertion could not be proved
 ExtremeReads.dfy(20,21): Related location: this proposition could not be proved
-ExtremeReads.dfy(83,12): Error: assertion might not hold
+ExtremeReads.dfy(83,12): Error: assertion could not be proved
 ExtremeReads.dfy(26,3): Related location: this proposition could not be proved
-ExtremeReads.dfy(105,12): Error: assertion might not hold
+ExtremeReads.dfy(105,12): Error: assertion could not be proved
 ExtremeReads.dfy(89,3): Related location: this proposition could not be proved
-ExtremeReads.dfy(127,16): Error: assertion might not hold
+ExtremeReads.dfy(127,16): Error: assertion could not be proved
 ExtremeReads.dfy(9,19): Related location: this proposition could not be proved
-ExtremeReads.dfy(127,16): Error: assertion might not hold
+ExtremeReads.dfy(127,16): Error: assertion could not be proved
 ExtremeReads.dfy(13,21): Related location: this proposition could not be proved
-ExtremeReads.dfy(130,16): Error: assertion might not hold
+ExtremeReads.dfy(130,16): Error: assertion could not be proved
 ExtremeReads.dfy(9,19): Related location: this proposition could not be proved
-ExtremeReads.dfy(130,16): Error: assertion might not hold
+ExtremeReads.dfy(130,16): Error: assertion could not be proved
 ExtremeReads.dfy(13,21): Related location: this proposition could not be proved
-ExtremeReads.dfy(149,16): Error: assertion might not hold
+ExtremeReads.dfy(149,16): Error: assertion could not be proved
 ExtremeReads.dfy(16,19): Related location: this proposition could not be proved
-ExtremeReads.dfy(149,16): Error: assertion might not hold
+ExtremeReads.dfy(149,16): Error: assertion could not be proved
 ExtremeReads.dfy(20,21): Related location: this proposition could not be proved
-ExtremeReads.dfy(168,16): Error: assertion might not hold
+ExtremeReads.dfy(168,16): Error: assertion could not be proved
 ExtremeReads.dfy(23,19): Related location: this proposition could not be proved
-ExtremeReads.dfy(168,16): Error: assertion might not hold
+ExtremeReads.dfy(168,16): Error: assertion could not be proved
 ExtremeReads.dfy(26,3): Related location: this proposition could not be proved
-ExtremeReads.dfy(171,16): Error: assertion might not hold
+ExtremeReads.dfy(171,16): Error: assertion could not be proved
 ExtremeReads.dfy(23,19): Related location: this proposition could not be proved
-ExtremeReads.dfy(171,16): Error: assertion might not hold
+ExtremeReads.dfy(171,16): Error: assertion could not be proved
 ExtremeReads.dfy(26,3): Related location: this proposition could not be proved
-ExtremeReads.dfy(181,16): Error: assertion might not hold
+ExtremeReads.dfy(181,16): Error: assertion could not be proved
 ExtremeReads.dfy(86,16): Related location: this proposition could not be proved
-ExtremeReads.dfy(181,16): Error: assertion might not hold
+ExtremeReads.dfy(181,16): Error: assertion could not be proved
 ExtremeReads.dfy(89,3): Related location: this proposition could not be proved
 
 Dafny program verifier finished with 10 verified, 17 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForLoops.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForLoops.dfy.expect
index be4f6d62afc..f034224f946 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForLoops.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForLoops.dfy.expect
@@ -3,9 +3,9 @@ ForLoops.dfy(342,2): Warning: this loop has no body (loop frame: i, j)
 ForLoops.dfy(351,2): Warning: this loop has no body (loop frame: i, j)
 ForLoops.dfy(360,2): Warning: this loop has no body (loop frame: i, j)
 ForLoops.dfy(369,2): Warning: this loop has no body (loop frame: i, x)
-ForLoops.dfy(19,4): Error: assertion might not hold
+ForLoops.dfy(19,4): Error: assertion could not be proved
 ForLoops.dfy(24,11): Error: lower bound must not exceed upper bound
-ForLoops.dfy(116,4): Error: assertion might not hold
+ForLoops.dfy(116,4): Error: assertion could not be proved
 ForLoops.dfy(150,17): Error: possible division by zero
 ForLoops.dfy(155,21): Error: lower bound must not exceed upper bound
 ForLoops.dfy(204,6): Error: entire range must be assignable to index variable, but some value does not satisfy the subset constraints of 'Even'
@@ -18,16 +18,16 @@ ForLoops.dfy(272,8): Error: entire range must be assignable to index variable, b
 ForLoops.dfy(275,8): Error: entire range must be assignable to index variable, but some value does not satisfy the subset constraints of 'nat'
 ForLoops.dfy(287,8): Error: entire range must be assignable to index variable, but some value does not satisfy the subset constraints of 'NotSeven'
 ForLoops.dfy(290,8): Error: entire range must be assignable to index variable, but some value does not satisfy the subset constraints of 'NotSeven'
-ForLoops.dfy(298,22): Error: result of operation might violate newtype constraint for 'byte'
-ForLoops.dfy(306,17): Error: result of operation might violate newtype constraint for 'byte'
-ForLoops.dfy(311,16): Error: result of operation might violate newtype constraint for 'byte'
-ForLoops.dfy(344,2): Error: assertion might not hold
-ForLoops.dfy(362,2): Error: assertion might not hold
-ForLoops.dfy(372,2): Error: assertion might not hold
+ForLoops.dfy(298,22): Error: result of operation could not be proved to satisfy newtype constraint for 'byte'
+ForLoops.dfy(306,17): Error: result of operation could not be proved to satisfy newtype constraint for 'byte'
+ForLoops.dfy(311,16): Error: result of operation could not be proved to satisfy newtype constraint for 'byte'
+ForLoops.dfy(344,2): Error: assertion could not be proved
+ForLoops.dfy(362,2): Error: assertion could not be proved
+ForLoops.dfy(372,2): Error: assertion could not be proved
 ForLoops.dfy(415,28): Error: this invariant could not be proved to be maintained by the loop
 Related message: loop invariant violation
 ForLoops.dfy(434,26): Error: decreases expression must be bounded below by 0 at end of loop iteration
 ForLoops.dfy(443,18): Error: decreases expression must be bounded below by 0 at end of loop iteration
-ForLoops.dfy(457,2): Error: assertion might not hold
+ForLoops.dfy(457,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 23 verified, 25 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForallStmt.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForallStmt.dfy.expect
index 09881bdfc2d..b7052628cd6 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForallStmt.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForallStmt.dfy.expect
@@ -1,13 +1,13 @@
 ForallStmt.dfy(33,9): Error: a precondition for this call could not be proved
 ForallStmt.dfy(59,13): Related location: this is the precondition that could not be proved
-ForallStmt.dfy(37,4): Error: target object might be null
+ForallStmt.dfy(37,4): Error: target object could not be proved to be non-null
 ForallStmt.dfy(41,17): Error: possible violation of postcondition of forall statement
-ForallStmt.dfy(46,6): Error: assertion might not hold
-ForallStmt.dfy(91,4): Error: assertion might not hold
+ForallStmt.dfy(46,6): Error: assertion could not be proved
+ForallStmt.dfy(91,4): Error: assertion could not be proved
 ForallStmt.dfy(97,19): Error: possible violation of postcondition of forall statement
 ForallStmt.dfy(119,11): Error: value does not satisfy the subset constraints of 'nat'
-ForallStmt.dfy(182,11): Error: left-hand sides for different forall-statement bound variables might refer to the same location (and right-hand sides might not be equivalent)
-ForallStmt.dfy(303,14): Error: assertion might not hold
+ForallStmt.dfy(182,11): Error: left-hand sides for different forall-statement bound variables could not be proved to refer to different locations (and right-hand sides could not be proved to be equivalent)
+ForallStmt.dfy(303,14): Error: assertion could not be proved
 ForallStmt.dfy(290,32): Related location: this proposition could not be proved
 
 Dafny program verifier finished with 19 verified, 9 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForbidNondeterminism.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForbidNondeterminism.dfy.expect
index 2cd5cf89b77..6a7ea53ad19 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForbidNondeterminism.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ForbidNondeterminism.dfy.expect
@@ -1,6 +1,6 @@
-ForbidNondeterminism.dfy(9,2): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
+ForbidNondeterminism.dfy(9,2): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
 ForbidNondeterminism.dfy(14,11): Error: unless an initializer is provided for the array elements, a new array of 'int' must have empty size
 ForbidNondeterminism.dfy(15,11): Error: unless an initializer is provided for the array elements, a new array of 'bool' must have empty size
-ForbidNondeterminism.dfy(23,2): Error: field 'data', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
+ForbidNondeterminism.dfy(23,2): Error: field 'data', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
 
 Dafny program verifier finished with 0 verified, 4 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Fuel.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Fuel.dfy.expect
index ef4a432d124..a585520fb5e 100755
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Fuel.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Fuel.dfy.expect
@@ -1,20 +1,20 @@
-Fuel.dfy(17,22): Error: assertion might not hold
-Fuel.dfy(66,27): Error: assertion might not hold
-Fuel.dfy(71,27): Error: assertion might not hold
-Fuel.dfy(92,22): Error: assertion might not hold
-Fuel.dfy(93,23): Error: assertion might not hold
-Fuel.dfy(94,22): Error: assertion might not hold
+Fuel.dfy(17,22): Error: assertion could not be proved
+Fuel.dfy(66,27): Error: assertion could not be proved
+Fuel.dfy(71,27): Error: assertion could not be proved
+Fuel.dfy(92,22): Error: assertion could not be proved
+Fuel.dfy(93,23): Error: assertion could not be proved
+Fuel.dfy(94,22): Error: assertion could not be proved
 Fuel.dfy(129,8): Error: Fuel can only increase within a given scope.
-Fuel.dfy(120,22): Error: assertion might not hold
-Fuel.dfy(121,23): Error: assertion might not hold
-Fuel.dfy(122,22): Error: assertion might not hold
-Fuel.dfy(132,26): Error: assertion might not hold
-Fuel.dfy(133,26): Error: assertion might not hold
-Fuel.dfy(157,22): Error: assertion might not hold
-Fuel.dfy(200,55): Error: assertion might not hold
-Fuel.dfy(245,22): Error: assertion might not hold
-Fuel.dfy(247,22): Error: assertion might not hold
-Fuel.dfy(280,26): Error: assertion might not hold
+Fuel.dfy(120,22): Error: assertion could not be proved
+Fuel.dfy(121,23): Error: assertion could not be proved
+Fuel.dfy(122,22): Error: assertion could not be proved
+Fuel.dfy(132,26): Error: assertion could not be proved
+Fuel.dfy(133,26): Error: assertion could not be proved
+Fuel.dfy(157,22): Error: assertion could not be proved
+Fuel.dfy(200,55): Error: assertion could not be proved
+Fuel.dfy(245,22): Error: assertion could not be proved
+Fuel.dfy(247,22): Error: assertion could not be proved
+Fuel.dfy(280,26): Error: assertion could not be proved
 Fuel.dfy(335,40): Error: function precondition could not be proved
 Fuel.dfy(324,33): Related location: this proposition could not be proved
 Fuel.dfy(312,43): Related location: this proposition could not be proved
@@ -57,11 +57,11 @@ Fuel.dfy(329,33): Related location: this proposition could not be proved
 Fuel.dfy(314,105): Related location: this proposition could not be proved
 Fuel.dfy(336,71): Error: index out of range
 Fuel.dfy(407,8): Error: Fuel can only increase within a given scope.
-Fuel.dfy(397,22): Error: assertion might not hold
-Fuel.dfy(398,22): Error: assertion might not hold
-Fuel.dfy(399,23): Error: assertion might not hold
-Fuel.dfy(435,22): Error: assertion might not hold
-Fuel.dfy(436,22): Error: assertion might not hold
-Fuel.dfy(437,23): Error: assertion might not hold
+Fuel.dfy(397,22): Error: assertion could not be proved
+Fuel.dfy(398,22): Error: assertion could not be proved
+Fuel.dfy(399,23): Error: assertion could not be proved
+Fuel.dfy(435,22): Error: assertion could not be proved
+Fuel.dfy(436,22): Error: assertion could not be proved
+Fuel.dfy(437,23): Error: assertion could not be proved
 
 Dafny program verifier finished with 31 verified, 39 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/FunctionSpecifications.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/FunctionSpecifications.dfy.expect
index 203a0aa2d9c..73128e069af 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/FunctionSpecifications.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/FunctionSpecifications.dfy.expect
@@ -3,14 +3,14 @@ FunctionSpecifications.dfy(31,12): Related location: this is the postcondition t
 FunctionSpecifications.dfy(61,23): Error: cannot prove termination; try supplying a decreases clause
 FunctionSpecifications.dfy(71,4): Error: a postcondition could not be proved on this return path
 FunctionSpecifications.dfy(69,40): Related location: this is the postcondition that could not be proved
-FunctionSpecifications.dfy(117,2): Error: assertion might not hold
-FunctionSpecifications.dfy(120,2): Error: assertion might not hold
-FunctionSpecifications.dfy(135,26): Error: assertion might not hold
-FunctionSpecifications.dfy(139,26): Error: assertion might not hold
+FunctionSpecifications.dfy(117,2): Error: assertion could not be proved
+FunctionSpecifications.dfy(120,2): Error: assertion could not be proved
+FunctionSpecifications.dfy(135,26): Error: assertion could not be proved
+FunctionSpecifications.dfy(139,26): Error: assertion could not be proved
 FunctionSpecifications.dfy(148,4): Error: a postcondition could not be proved on this return path
 FunctionSpecifications.dfy(146,28): Related location: this is the postcondition that could not be proved
-FunctionSpecifications.dfy(155,3): Error: decreases clause might not decrease
-FunctionSpecifications.dfy(162,3): Error: decreases clause might not decrease
+FunctionSpecifications.dfy(155,3): Error: decreases clause could not be proved to decrease
+FunctionSpecifications.dfy(162,3): Error: decreases clause could not be proved to decrease
 FunctionSpecifications.dfy(167,3): Error: cannot prove termination; try supplying a decreases clause
 
 Dafny program verifier finished with 11 verified, 11 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeMemberVerify.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeMemberVerify.dfy.expect
index 911d5cb8961..8c0ec1ff452 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeMemberVerify.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeMemberVerify.dfy.expect
@@ -1,3 +1,3 @@
-GeneralNewtypeMemberVerify.dfy(16,4): Error: assertion might not hold
+GeneralNewtypeMemberVerify.dfy(16,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 19 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeMemberVerifyReal.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeMemberVerifyReal.dfy.expect
index 5d6b552c833..fb0583c3854 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeMemberVerifyReal.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeMemberVerifyReal.dfy.expect
@@ -1,4 +1,4 @@
-GeneralNewtypeMemberVerifyReal.dfy(27,6): Error: assertion might not hold
-GeneralNewtypeMemberVerifyReal.dfy(38,27): Error: result of operation might violate newtype constraint for 'NonNegativeReal'
+GeneralNewtypeMemberVerifyReal.dfy(27,6): Error: assertion could not be proved
+GeneralNewtypeMemberVerifyReal.dfy(38,27): Error: result of operation could not be proved to satisfy newtype constraint for 'NonNegativeReal'
 
 Dafny program verifier finished with 2 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeVerify.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeVerify.dfy.expect
index 4d93e91e7cf..efa9a48df9e 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeVerify.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GeneralNewtypeVerify.dfy.expect
@@ -1,62 +1,62 @@
-GeneralNewtypeVerify.dfy(10,4): Error: assertion might not hold
-GeneralNewtypeVerify.dfy(20,21): Error: result of operation might violate newtype constraint for 'NoBool'
+GeneralNewtypeVerify.dfy(10,4): Error: assertion could not be proved
+GeneralNewtypeVerify.dfy(20,21): Error: result of operation could not be proved to satisfy newtype constraint for 'NoBool'
 GeneralNewtypeVerify.dfy(32,11): Error: cannot prove termination; try supplying a decreases clause
-GeneralNewtypeVerify.dfy(73,9): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(98,20): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(109,27): Error: result of operation might violate newtype constraint for 'FalseBool'
-GeneralNewtypeVerify.dfy(117,37): Error: result of operation might violate newtype constraint for 'FalseBool'
-GeneralNewtypeVerify.dfy(119,35): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(127,21): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(129,21): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(131,17): Error: result of operation might violate newtype constraint for 'FalseBool'
-GeneralNewtypeVerify.dfy(133,21): Error: result of operation might violate newtype constraint for 'FalseBool'
-GeneralNewtypeVerify.dfy(145,15): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(149,20): Error: result of operation might violate newtype constraint for 'FalseBool'
-GeneralNewtypeVerify.dfy(154,33): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(167,13): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(169,13): Error: result of operation might violate newtype constraint for 'TrueBool'
-GeneralNewtypeVerify.dfy(171,13): Error: result of operation might violate newtype constraint for 'FalseBool'
-GeneralNewtypeVerify.dfy(173,13): Error: result of operation might violate newtype constraint for 'FalseBool'
+GeneralNewtypeVerify.dfy(73,9): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(98,20): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(109,27): Error: result of operation could not be proved to satisfy newtype constraint for 'FalseBool'
+GeneralNewtypeVerify.dfy(117,37): Error: result of operation could not be proved to satisfy newtype constraint for 'FalseBool'
+GeneralNewtypeVerify.dfy(119,35): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(127,21): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(129,21): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(131,17): Error: result of operation could not be proved to satisfy newtype constraint for 'FalseBool'
+GeneralNewtypeVerify.dfy(133,21): Error: result of operation could not be proved to satisfy newtype constraint for 'FalseBool'
+GeneralNewtypeVerify.dfy(145,15): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(149,20): Error: result of operation could not be proved to satisfy newtype constraint for 'FalseBool'
+GeneralNewtypeVerify.dfy(154,33): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(167,13): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(169,13): Error: result of operation could not be proved to satisfy newtype constraint for 'TrueBool'
+GeneralNewtypeVerify.dfy(171,13): Error: result of operation could not be proved to satisfy newtype constraint for 'FalseBool'
+GeneralNewtypeVerify.dfy(173,13): Error: result of operation could not be proved to satisfy newtype constraint for 'FalseBool'
 GeneralNewtypeVerify.dfy(179,13): Error: prefix-equality limit must be at least 0
-GeneralNewtypeVerify.dfy(196,4): Error: assertion might not hold
-GeneralNewtypeVerify.dfy(247,21): Error: result of operation might violate newtype constraint for 'UpperCase'
-GeneralNewtypeVerify.dfy(266,13): Error: result of operation might violate subset type constraint for 'Subset'
-GeneralNewtypeVerify.dfy(268,13): Error: result of operation might violate newtype constraint for 'MyChar'
-GeneralNewtypeVerify.dfy(272,13): Error: result of operation might violate newtype constraint for 'MyChar'
-GeneralNewtypeVerify.dfy(283,15): Error: result of operation might violate subset type constraint for 'NotRSubset'
-GeneralNewtypeVerify.dfy(293,15): Error: result of operation might violate newtype constraint for 'NotRNewtype'
-GeneralNewtypeVerify.dfy(317,14): Error: result of operation might violate newtype constraint for 'BV'
+GeneralNewtypeVerify.dfy(196,4): Error: assertion could not be proved
+GeneralNewtypeVerify.dfy(247,21): Error: result of operation could not be proved to satisfy newtype constraint for 'UpperCase'
+GeneralNewtypeVerify.dfy(266,13): Error: result of operation could not be proved to satisfy subset type constraint for 'Subset'
+GeneralNewtypeVerify.dfy(268,13): Error: result of operation could not be proved to satisfy newtype constraint for 'MyChar'
+GeneralNewtypeVerify.dfy(272,13): Error: result of operation could not be proved to satisfy newtype constraint for 'MyChar'
+GeneralNewtypeVerify.dfy(283,15): Error: result of operation could not be proved to satisfy subset type constraint for 'NotRSubset'
+GeneralNewtypeVerify.dfy(293,15): Error: result of operation could not be proved to satisfy newtype constraint for 'NotRNewtype'
+GeneralNewtypeVerify.dfy(317,14): Error: result of operation could not be proved to satisfy newtype constraint for 'BV'
 GeneralNewtypeVerify.dfy(329,24): Error: possible division by zero
-GeneralNewtypeVerify.dfy(330,12): Error: result of operation might violate newtype constraint for 'BV'
-GeneralNewtypeVerify.dfy(330,25): Error: result of operation might violate newtype constraint for 'BV'
+GeneralNewtypeVerify.dfy(330,12): Error: result of operation could not be proved to satisfy newtype constraint for 'BV'
+GeneralNewtypeVerify.dfy(330,25): Error: result of operation could not be proved to satisfy newtype constraint for 'BV'
 GeneralNewtypeVerify.dfy(351,11): Error: shift amount must not exceed the width of the result (5)
 GeneralNewtypeVerify.dfy(352,11): Error: shift amount must not exceed the width of the result (5)
 GeneralNewtypeVerify.dfy(354,13): Error: shift amount must be non-negative
 GeneralNewtypeVerify.dfy(361,23): Error: rotate amount must be non-negative
 GeneralNewtypeVerify.dfy(364,22): Error: rotate amount must not exceed the width of the result (5)
-GeneralNewtypeVerify.dfy(367,27): Error: result of operation might violate subset type constraint for 'nat'
-GeneralNewtypeVerify.dfy(371,35): Error: result of operation might violate newtype constraint for 'BV'
+GeneralNewtypeVerify.dfy(367,27): Error: result of operation could not be proved to satisfy subset type constraint for 'nat'
+GeneralNewtypeVerify.dfy(371,35): Error: result of operation could not be proved to satisfy newtype constraint for 'BV'
 GeneralNewtypeVerify.dfy(490,7): Error: cannot find witness that shows type is inhabited; try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 GeneralNewtypeVerify.dfy(491,10): Error: cannot find witness that shows type is inhabited; try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
-GeneralNewtypeVerify.dfy(496,7): Error: trying witness 0: result of operation might violate subset type constraint for 'Never'
-GeneralNewtypeVerify.dfy(507,10): Error: trying witness 0: result of operation might violate newtype constraint for 'Never'
-GeneralNewtypeVerify.dfy(518,10): Error: trying witness 0: result of operation might violate newtype constraint for 'Never'
+GeneralNewtypeVerify.dfy(496,7): Error: trying witness 0: result of operation could not be proved to satisfy subset type constraint for 'Never'
+GeneralNewtypeVerify.dfy(507,10): Error: trying witness 0: result of operation could not be proved to satisfy newtype constraint for 'Never'
+GeneralNewtypeVerify.dfy(518,10): Error: trying witness 0: result of operation could not be proved to satisfy newtype constraint for 'Never'
 GeneralNewtypeVerify.dfy(536,38): Error: function precondition could not be proved
 GeneralNewtypeVerify.dfy(529,15): Related location
 GeneralNewtypeVerify.dfy(548,41): Error: function precondition could not be proved
 GeneralNewtypeVerify.dfy(541,15): Related location
-GeneralNewtypeVerify.dfy(555,10): Error: trying witness 0: result of operation might violate newtype constraint for 'A'
-GeneralNewtypeVerify.dfy(560,24): Error: result of operation might violate newtype constraint for 'A'
-GeneralNewtypeVerify.dfy(561,30): Error: result of operation might violate newtype constraint for 'A'
-GeneralNewtypeVerify.dfy(578,32): Error: result of operation might violate newtype constraint for 'MyChar'
+GeneralNewtypeVerify.dfy(555,10): Error: trying witness 0: result of operation could not be proved to satisfy newtype constraint for 'A'
+GeneralNewtypeVerify.dfy(560,24): Error: result of operation could not be proved to satisfy newtype constraint for 'A'
+GeneralNewtypeVerify.dfy(561,30): Error: result of operation could not be proved to satisfy newtype constraint for 'A'
+GeneralNewtypeVerify.dfy(578,32): Error: result of operation could not be proved to satisfy newtype constraint for 'MyChar'
 GeneralNewtypeVerify.dfy(580,26): Error: value does not satisfy the subset constraints of 'MyChar'
-GeneralNewtypeVerify.dfy(582,35): Error: result of operation might violate newtype constraint for 'MyChar'
+GeneralNewtypeVerify.dfy(582,35): Error: result of operation could not be proved to satisfy newtype constraint for 'MyChar'
 GeneralNewtypeVerify.dfy(584,29): Error: value does not satisfy the subset constraints of 'MyChar'
 GeneralNewtypeVerify.dfy(590,32): Error: value does not satisfy the subset constraints of 'LowerCase'
-GeneralNewtypeVerify.dfy(599,26): Error: result of operation might violate newtype constraint for 'MyString'
-GeneralNewtypeVerify.dfy(609,26): Error: result of operation might violate newtype constraint for 'MyString'
-GeneralNewtypeVerify.dfy(611,26): Error: result of operation might violate newtype constraint for 'MyString'
-GeneralNewtypeVerify.dfy(623,28): Error: result of operation might violate newtype constraint for 'LowerCase'
-GeneralNewtypeVerify.dfy(625,25): Error: result of operation might violate newtype constraint for 'MyChar'
+GeneralNewtypeVerify.dfy(599,26): Error: result of operation could not be proved to satisfy newtype constraint for 'MyString'
+GeneralNewtypeVerify.dfy(609,26): Error: result of operation could not be proved to satisfy newtype constraint for 'MyString'
+GeneralNewtypeVerify.dfy(611,26): Error: result of operation could not be proved to satisfy newtype constraint for 'MyString'
+GeneralNewtypeVerify.dfy(623,28): Error: result of operation could not be proved to satisfy newtype constraint for 'LowerCase'
+GeneralNewtypeVerify.dfy(625,25): Error: result of operation could not be proved to satisfy newtype constraint for 'MyChar'
 
 Dafny program verifier finished with 43 verified, 58 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostAllocations.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostAllocations.dfy.expect
index 582ee6bc26a..31cb7279a8f 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostAllocations.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostAllocations.dfy.expect
@@ -1,18 +1,18 @@
 GhostAllocations.dfy(88,11): Warning: the modify statement with a block statement is deprecated
 GhostAllocations.dfy(99,13): Warning: the modify statement with a block statement is deprecated
-GhostAllocations.dfy(28,4): Error: assertion might not hold
-GhostAllocations.dfy(31,4): Error: assertion might not hold
-GhostAllocations.dfy(63,2): Error: assertion might not hold
-GhostAllocations.dfy(76,2): Error: assertion might not hold
-GhostAllocations.dfy(82,2): Error: assertion might not hold
-GhostAllocations.dfy(93,2): Error: assertion might not hold
-GhostAllocations.dfy(105,2): Error: assertion might not hold
-GhostAllocations.dfy(138,2): Error: field 'g', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-GhostAllocations.dfy(177,2): Error: field 'h', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-GhostAllocations.dfy(180,2): Error: field 'g', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-GhostAllocations.dfy(180,2): Error: field 'h', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-GhostAllocations.dfy(184,2): Error: field 'h', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-GhostAllocations.dfy(187,2): Error: field 'g', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-GhostAllocations.dfy(187,2): Error: field 'h', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
+GhostAllocations.dfy(28,4): Error: assertion could not be proved
+GhostAllocations.dfy(31,4): Error: assertion could not be proved
+GhostAllocations.dfy(63,2): Error: assertion could not be proved
+GhostAllocations.dfy(76,2): Error: assertion could not be proved
+GhostAllocations.dfy(82,2): Error: assertion could not be proved
+GhostAllocations.dfy(93,2): Error: assertion could not be proved
+GhostAllocations.dfy(105,2): Error: assertion could not be proved
+GhostAllocations.dfy(138,2): Error: field 'g', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+GhostAllocations.dfy(177,2): Error: field 'h', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+GhostAllocations.dfy(180,2): Error: field 'g', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+GhostAllocations.dfy(180,2): Error: field 'h', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+GhostAllocations.dfy(184,2): Error: field 'h', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+GhostAllocations.dfy(187,2): Error: field 'g', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+GhostAllocations.dfy(187,2): Error: field 'h', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
 
 Dafny program verifier finished with 6 verified, 14 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostAutoInit.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostAutoInit.dfy.expect
index 7cb74e2f668..c5352f87c72 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostAutoInit.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostAutoInit.dfy.expect
@@ -1,45 +1,45 @@
-GhostAutoInit.dfy(22,15): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(24,15): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(35,21): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(48,21): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(50,21): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(61,20): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(63,20): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(76,25): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(78,25): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(91,25): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(112,15): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(114,15): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(125,21): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(138,21): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(140,21): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(153,2): Error: out-parameter 'e', which is subject to definite-assignment rules, might be uninitialized at this return point
+GhostAutoInit.dfy(22,15): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(24,15): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(35,21): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(48,21): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(50,21): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(61,20): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(63,20): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(76,25): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(78,25): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(91,25): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(112,15): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(114,15): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(125,21): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(138,21): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(140,21): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(153,2): Error: out-parameter 'e', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 GhostAutoInit.dfy(161,21): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
-GhostAutoInit.dfy(162,2): Error: out-parameter 'e', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostAutoInit.dfy(174,2): Error: out-parameter 'c', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostAutoInit.dfy(174,2): Error: out-parameter 'd', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostAutoInit.dfy(174,2): Error: out-parameter 'h', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostAutoInit.dfy(179,20): Error: variable 'm', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(182,20): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(182,25): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(191,20): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(191,25): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(192,2): Error: out-parameter 'h', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostAutoInit.dfy(197,2): Error: out-parameter 'c', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostAutoInit.dfy(197,2): Error: out-parameter 'd', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostAutoInit.dfy(197,2): Error: out-parameter 'h', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostAutoInit.dfy(206,22): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(206,27): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(218,22): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(218,27): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(233,26): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(233,31): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(244,11): Error: variable 'm', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(244,17): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(244,20): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(257,23): Error: variable 'm', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(257,29): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here
-GhostAutoInit.dfy(257,32): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
+GhostAutoInit.dfy(162,2): Error: out-parameter 'e', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostAutoInit.dfy(174,2): Error: out-parameter 'c', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostAutoInit.dfy(174,2): Error: out-parameter 'd', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostAutoInit.dfy(174,2): Error: out-parameter 'h', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostAutoInit.dfy(179,20): Error: variable 'm', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(182,20): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(182,25): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(191,20): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(191,25): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(192,2): Error: out-parameter 'h', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostAutoInit.dfy(197,2): Error: out-parameter 'c', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostAutoInit.dfy(197,2): Error: out-parameter 'd', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostAutoInit.dfy(197,2): Error: out-parameter 'h', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostAutoInit.dfy(206,22): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(206,27): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(218,22): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(218,27): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(233,26): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(233,31): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(244,11): Error: variable 'm', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(244,17): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(244,20): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(257,23): Error: variable 'm', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(257,29): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here
+GhostAutoInit.dfy(257,32): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
 GhostAutoInit.dfy(282,7): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 GhostAutoInit.dfy(298,2): Error: a postcondition could not be proved on this return path
 GhostAutoInit.dfy(297,12): Related location: this is the postcondition that could not be proved
@@ -48,8 +48,8 @@ GhostAutoInit.dfy(308,9): Error: value does not satisfy the subset constraints o
 GhostAutoInit.dfy(315,9): Error: value does not satisfy the subset constraints of 'nat'
 GhostAutoInit.dfy(322,9): Error: value does not satisfy the subset constraints of 'nat'
 GhostAutoInit.dfy(329,9): Error: value does not satisfy the subset constraints of 'nat'
-GhostAutoInit.dfy(331,19): Error: variable 'cell', which is subject to definite-assignment rules, might be uninitialized here
+GhostAutoInit.dfy(331,19): Error: variable 'cell', which is subject to definite-assignment rules, could not be proved to be initialized here
 GhostAutoInit.dfy(332,11): Error: value does not satisfy the subset constraints of 'nat'
-GhostAutoInit.dfy(335,19): Error: variable 'e', which is subject to definite-assignment rules, might be uninitialized here
+GhostAutoInit.dfy(335,19): Error: variable 'e', which is subject to definite-assignment rules, could not be proved to be initialized here
 Dafny program verifier finished with 7 verified, 52 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostDatatypeConstructors-Verification.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostDatatypeConstructors-Verification.dfy.expect
index 40ae5533b61..850cd984ff4 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostDatatypeConstructors-Verification.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/GhostDatatypeConstructors-Verification.dfy.expect
@@ -9,8 +9,8 @@ GhostDatatypeConstructors-Verification.dfy(81,14): Error: in a compiled context,
 GhostDatatypeConstructors-Verification.dfy(89,14): Error: in a compiled context, update of 'z' cannot be applied to a datatype value of a ghost variant (ghost constructor 'G1')
 GhostDatatypeConstructors-Verification.dfy(91,14): Error: in a compiled context, update of 'z' and 'y' cannot be applied to a datatype value of a ghost variant (ghost constructor 'G1')
 GhostDatatypeConstructors-Verification.dfy(99,14): Error: source of datatype update must be constructed by 'D0'
-GhostDatatypeConstructors-Verification.dfy(120,2): Error: out-parameter 'g', which is subject to definite-assignment rules, might be uninitialized at this return point
-GhostDatatypeConstructors-Verification.dfy(123,2): Error: out-parameter 'g', which is subject to definite-assignment rules, might be uninitialized at this return point
+GhostDatatypeConstructors-Verification.dfy(120,2): Error: out-parameter 'g', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+GhostDatatypeConstructors-Verification.dfy(123,2): Error: out-parameter 'g', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 GhostDatatypeConstructors-Verification.dfy(143,9): Error: in a compiled context, discriminator 'C?' cannot be applied to a datatype value of a ghost variant (ghost constructor 'A')
 GhostDatatypeConstructors-Verification.dfy(170,10): Error: in a compiled context, equality cannot be applied to a datatype value of a ghost variant (ghost constructor 'G0' or 'G1')
 GhostDatatypeConstructors-Verification.dfy(186,11): Error: in a compiled context, equality cannot be applied to a datatype value of a ghost variant (ghost constructor 'EnumA')
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/IMaps.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/IMaps.dfy.expect
index b7dbafac97d..43a88ed14da 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/IMaps.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/IMaps.dfy.expect
@@ -2,6 +2,6 @@ IMaps.dfy(36,18): Warning: Could not find a trigger for this quantifier. Without
 IMaps.dfy(36,49): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
 IMaps.dfy(51,18): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
 IMaps.dfy(79,33): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
-IMaps.dfy(52,7): Error: element might not be in domain
+IMaps.dfy(52,7): Error: element could not be proved to be in domain
 Dafny program verifier finished with 14 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Include.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Include.dfy.expect
index 8566787a1da..d0ef57b984d 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Include.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Include.dfy.expect
@@ -1,7 +1,7 @@
 Include.dfy(32,7): Warning: the ... refinement feature in statements is deprecated
 Include.dfy(22,6): Error: a postcondition could not be proved on this return path
 Includee.dfy(17,19): Related location: this is the postcondition that could not be proved
-Includee.dfy(22,15): Error: assertion might not hold
+Includee.dfy(22,15): Error: assertion could not be proved
 Include.dfy(18,7): Related location: refining module
 Include.dfy(28,6): Error: a postcondition could not be proved on this return path
 Includee.dfy(20,14): Related location: this is the postcondition that could not be proved
@@ -11,13 +11,13 @@ Dafny program verifier finished with 1 verified, 3 errors
 Include.dfy(32,7): Warning: the ... refinement feature in statements is deprecated
 Includee.dfy(6,0): Error: a postcondition could not be proved on this return path
 Includee.dfy(5,12): Related location: this is the postcondition that could not be proved
-Includee.dfy(7,0): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point
+Includee.dfy(7,0): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 Includee.dfy(21,2): Error: a postcondition could not be proved on this return path
 Includee.dfy(20,14): Related location: this is the postcondition that could not be proved
-Includee.dfy(24,4): Error: assertion might not hold
+Includee.dfy(24,4): Error: assertion could not be proved
 Include.dfy(22,6): Error: a postcondition could not be proved on this return path
 Includee.dfy(17,19): Related location: this is the postcondition that could not be proved
-Includee.dfy(22,15): Error: assertion might not hold
+Includee.dfy(22,15): Error: assertion could not be proved
 Include.dfy(18,7): Related location: refining module
 Include.dfy(28,6): Error: a postcondition could not be proved on this return path
 Includee.dfy(20,14): Related location: this is the postcondition that could not be proved
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Includee.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Includee.dfy.expect
index 6986a9c9417..474055a707b 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Includee.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Includee.dfy.expect
@@ -2,6 +2,6 @@ Includee.dfy(6,0): Error: a postcondition could not be proved on this return pat
 Includee.dfy(5,12): Related location: this is the postcondition that could not be proved
 Includee.dfy(21,2): Error: a postcondition could not be proved on this return path
 Includee.dfy(20,14): Related location: this is the postcondition that could not be proved
-Includee.dfy(24,4): Error: assertion might not hold
+Includee.dfy(24,4): Error: assertion could not be proved
 Dafny program verifier finished with 1 verified, 3 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/IndexIntoUpdate.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/IndexIntoUpdate.dfy.expect
index cddc725af25..b8f7e7e8dc0 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/IndexIntoUpdate.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/IndexIntoUpdate.dfy.expect
@@ -1,3 +1,3 @@
-IndexIntoUpdate.dfy(7,9): Error: assertion might not hold
+IndexIntoUpdate.dfy(7,9): Error: assertion could not be proved
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/InductivePredicates.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/InductivePredicates.dfy.expect
index f446ce813f9..d584f54f78b 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/InductivePredicates.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/InductivePredicates.dfy.expect
@@ -1,4 +1,4 @@
-InductivePredicates.dfy(80,2): Error: assertion might not hold
-InductivePredicates.dfy(92,14): Error: assertion might not hold
+InductivePredicates.dfy(80,2): Error: assertion could not be proved
+InductivePredicates.dfy(92,14): Error: assertion could not be proved
 Dafny program verifier finished with 32 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Iterators.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Iterators.dfy.expect
index ed2a28c406f..342012650dd 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Iterators.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Iterators.dfy.expect
@@ -1,16 +1,16 @@
 Iterators.dfy(40,21): Error: a precondition for this call could not be proved
 Iterators.dfy(4,9): Related location: this is the precondition that could not be proved
-Iterators.dfy(89,2): Error: assertion might not hold
-Iterators.dfy(103,2): Error: assertion might not hold
-Iterators.dfy(106,2): Error: assertion might not hold
-Iterators.dfy(119,4): Error: assertion might not hold
-Iterators.dfy(150,4): Error: assertion might not hold
+Iterators.dfy(89,2): Error: assertion could not be proved
+Iterators.dfy(103,2): Error: assertion could not be proved
+Iterators.dfy(106,2): Error: assertion could not be proved
+Iterators.dfy(119,4): Error: assertion could not be proved
+Iterators.dfy(150,4): Error: assertion could not be proved
 Iterators.dfy(155,23): Error: a precondition for this call could not be proved
 Iterators.dfy(125,9): Related location: this is the precondition that could not be proved
-Iterators.dfy(177,18): Error: assertion might not hold
+Iterators.dfy(177,18): Error: assertion could not be proved
 Iterators.dfy(208,6): Error: an assignment to _new is only allowed to shrink the set
-Iterators.dfy(212,6): Error: assertion might not hold
-Iterators.dfy(234,6): Error: assertion might not hold
+Iterators.dfy(212,6): Error: assertion could not be proved
+Iterators.dfy(234,6): Error: assertion could not be proved
 Iterators.dfy(413,16): Error: this invariant could not be proved to be maintained by the loop
 Related message: loop invariant violation
 Iterators.dfy(414,21): Error: this invariant could not be proved to be maintained by the loop
@@ -31,14 +31,14 @@ Iterators.dfy(461,21): Error: this invariant could not be proved to be maintaine
 Related message: loop invariant violation
 Iterators.dfy(470,4): Error: possible violation of yield-ensures condition
 Iterators.dfy(451,21): Related location: this is the yield ensures that could not be proved
-Iterators.dfy(251,9): Error: decreases clause might not decrease
-Iterators.dfy(274,9): Error: decreases clause might not decrease
-Iterators.dfy(284,31): Error: decreases clause might not decrease
+Iterators.dfy(251,9): Error: decreases clause could not be proved to decrease
+Iterators.dfy(274,9): Error: decreases clause could not be proved to decrease
+Iterators.dfy(284,31): Error: decreases clause could not be proved to decrease
 Iterators.dfy(296,9): Error: cannot prove termination; try supplying a decreases clause
 Iterators.dfy(317,9): Error: cannot prove termination; try supplying a decreases clause
 Iterators.dfy(326,31): Error: cannot prove termination; try supplying a decreases clause
-Iterators.dfy(343,9): Error: decreases clause might not decrease
+Iterators.dfy(343,9): Error: decreases clause could not be proved to decrease
 Iterators.dfy(353,31): Error: cannot prove termination; try supplying a decreases clause
-Iterators.dfy(370,9): Error: decreases clause might not decrease
+Iterators.dfy(370,9): Error: decreases clause could not be proved to decrease
 Dafny program verifier finished with 35 verified, 30 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LabeledAsserts.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LabeledAsserts.dfy.expect
index 355d863b1b4..a73ff544964 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LabeledAsserts.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LabeledAsserts.dfy.expect
@@ -1,30 +1,30 @@
 LabeledAsserts.dfy(63,9): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect
 LabeledAsserts.dfy(63,30): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect
-LabeledAsserts.dfy(16,2): Error: assertion might not hold
-LabeledAsserts.dfy(42,2): Error: assertion might not hold
-LabeledAsserts.dfy(43,2): Error: assertion might not hold
-LabeledAsserts.dfy(91,4): Error: assertion might not hold
-LabeledAsserts.dfy(105,4): Error: assertion might not hold
-LabeledAsserts.dfy(107,4): Error: assertion might not hold
-LabeledAsserts.dfy(128,4): Error: assertion might not hold
-LabeledAsserts.dfy(142,6): Error: assertion might not hold
-LabeledAsserts.dfy(146,6): Error: assertion might not hold
-LabeledAsserts.dfy(206,4): Error: assertion might not hold
-LabeledAsserts.dfy(207,4): Error: assertion might not hold
-LabeledAsserts.dfy(211,4): Error: assertion might not hold
-LabeledAsserts.dfy(224,4): Error: assertion might not hold
-LabeledAsserts.dfy(226,4): Error: assertion might not hold
-LabeledAsserts.dfy(232,4): Error: assertion might not hold
+LabeledAsserts.dfy(16,2): Error: assertion could not be proved
+LabeledAsserts.dfy(42,2): Error: assertion could not be proved
+LabeledAsserts.dfy(43,2): Error: assertion could not be proved
+LabeledAsserts.dfy(91,4): Error: assertion could not be proved
+LabeledAsserts.dfy(105,4): Error: assertion could not be proved
+LabeledAsserts.dfy(107,4): Error: assertion could not be proved
+LabeledAsserts.dfy(128,4): Error: assertion could not be proved
+LabeledAsserts.dfy(142,6): Error: assertion could not be proved
+LabeledAsserts.dfy(146,6): Error: assertion could not be proved
+LabeledAsserts.dfy(206,4): Error: assertion could not be proved
+LabeledAsserts.dfy(207,4): Error: assertion could not be proved
+LabeledAsserts.dfy(211,4): Error: assertion could not be proved
+LabeledAsserts.dfy(224,4): Error: assertion could not be proved
+LabeledAsserts.dfy(226,4): Error: assertion could not be proved
+LabeledAsserts.dfy(232,4): Error: assertion could not be proved
 LabeledAsserts.dfy(252,6): Error: the calculation step between the previous line and this line could not be proved
-LabeledAsserts.dfy(265,2): Error: assertion might not hold
-LabeledAsserts.dfy(25,2): Error: assertion might not hold
-LabeledAsserts.dfy(27,2): Error: assertion might not hold
-LabeledAsserts.dfy(28,2): Error: assertion might not hold
-LabeledAsserts.dfy(29,2): Error: assertion might not hold
-LabeledAsserts.dfy(32,2): Error: assertion might not hold
-LabeledAsserts.dfy(162,2): Error: assertion might not hold
-LabeledAsserts.dfy(172,4): Error: assertion might not hold
-LabeledAsserts.dfy(189,6): Error: assertion might not hold
-LabeledAsserts.dfy(193,6): Error: assertion might not hold
+LabeledAsserts.dfy(265,2): Error: assertion could not be proved
+LabeledAsserts.dfy(25,2): Error: assertion could not be proved
+LabeledAsserts.dfy(27,2): Error: assertion could not be proved
+LabeledAsserts.dfy(28,2): Error: assertion could not be proved
+LabeledAsserts.dfy(29,2): Error: assertion could not be proved
+LabeledAsserts.dfy(32,2): Error: assertion could not be proved
+LabeledAsserts.dfy(162,2): Error: assertion could not be proved
+LabeledAsserts.dfy(172,4): Error: assertion could not be proved
+LabeledAsserts.dfy(189,6): Error: assertion could not be proved
+LabeledAsserts.dfy(193,6): Error: assertion could not be proved
 Dafny program verifier finished with 11 verified, 26 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LabelsOldAt.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LabelsOldAt.dfy.expect
index 7234bcee852..3905f5f5420 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LabelsOldAt.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LabelsOldAt.dfy.expect
@@ -1,15 +1,15 @@
 LabelsOldAt.dfy(429,9): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect
 LabelsOldAt.dfy(430,9): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect
 LabelsOldAt.dfy(160,13): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect
-LabelsOldAt.dfy(34,4): Error: assertion might not hold
-LabelsOldAt.dfy(56,4): Error: assertion might not hold
-LabelsOldAt.dfy(78,6): Error: assertion might not hold
-LabelsOldAt.dfy(110,6): Error: assertion might not hold
-LabelsOldAt.dfy(112,6): Error: assertion might not hold
-LabelsOldAt.dfy(116,6): Error: assertion might not hold
-LabelsOldAt.dfy(118,6): Error: assertion might not hold
-LabelsOldAt.dfy(140,6): Error: assertion might not hold
-LabelsOldAt.dfy(142,6): Error: assertion might not hold
+LabelsOldAt.dfy(34,4): Error: assertion could not be proved
+LabelsOldAt.dfy(56,4): Error: assertion could not be proved
+LabelsOldAt.dfy(78,6): Error: assertion could not be proved
+LabelsOldAt.dfy(110,6): Error: assertion could not be proved
+LabelsOldAt.dfy(112,6): Error: assertion could not be proved
+LabelsOldAt.dfy(116,6): Error: assertion could not be proved
+LabelsOldAt.dfy(118,6): Error: assertion could not be proved
+LabelsOldAt.dfy(140,6): Error: assertion could not be proved
+LabelsOldAt.dfy(142,6): Error: assertion could not be proved
 LabelsOldAt.dfy(164,21): Error: receiver could not be proved to be allocated in the state in which its fields are accessed
 LabelsOldAt.dfy(166,27): Error: receiver could not be proved to be allocated in the state in which its fields are accessed
 LabelsOldAt.dfy(175,19): Error: array could not be proved to be allocated
@@ -20,21 +20,21 @@ LabelsOldAt.dfy(207,31): Error: some set element could not be proved to be alloc LabelsOldAt.dfy(236,14): Error: receiver could not be proved to be allocated in the state in which its fields are accessed LabelsOldAt.dfy(244,29): Error: object could not be proved to be allocated in the old-state of the 'unchanged' predicate LabelsOldAt.dfy(246,29): Error: some set element could not be proved to be allocated in the old-state of the 'unchanged' predicate -LabelsOldAt.dfy(266,15): Error: object might be null -LabelsOldAt.dfy(267,15): Error: some set element might be null -LabelsOldAt.dfy(268,15): Error: some sequence element might be null +LabelsOldAt.dfy(266,15): Error: object could not be proved to be non-null +LabelsOldAt.dfy(267,15): Error: some set element could not be proved to be non-null +LabelsOldAt.dfy(268,15): Error: some sequence element could not be proved to be non-null LabelsOldAt.dfy(274,15): Error: object could not be proved to be allocated in the old-state of the 'unchanged' predicate LabelsOldAt.dfy(275,15): Error: some set element could not be proved to be allocated in the old-state of the 'unchanged' predicate LabelsOldAt.dfy(276,15): Error: some sequence element could not be proved to be allocated in the old-state of the 'unchanged' predicate LabelsOldAt.dfy(281,15): Error: object could not be proved to be allocated in the old-state of the 'unchanged' predicate -LabelsOldAt.dfy(281,15): Error: object might be null +LabelsOldAt.dfy(281,15): Error: object could not be proved to be non-null LabelsOldAt.dfy(286,15): Error: some set element could not be proved to be allocated in the old-state of the 'unchanged' predicate -LabelsOldAt.dfy(286,15): Error: some set element might be null +LabelsOldAt.dfy(286,15): Error: some set element could not be proved to be non-null LabelsOldAt.dfy(291,15): Error: some sequence element could not be proved to be allocated in the old-state of the 'unchanged' predicate -LabelsOldAt.dfy(291,15): Error: 
some sequence element might be null -LabelsOldAt.dfy(358,4): Error: assertion might not hold -LabelsOldAt.dfy(367,4): Error: assertion might not hold -LabelsOldAt.dfy(376,4): Error: assertion might not hold -LabelsOldAt.dfy(385,4): Error: assertion might not hold +LabelsOldAt.dfy(291,15): Error: some sequence element could not be proved to be non-null +LabelsOldAt.dfy(358,4): Error: assertion could not be proved +LabelsOldAt.dfy(367,4): Error: assertion could not be proved +LabelsOldAt.dfy(376,4): Error: assertion could not be proved +LabelsOldAt.dfy(385,4): Error: assertion could not be proved Dafny program verifier finished with 28 verified, 35 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LegacyConversions.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LegacyConversions.dfy.expect index fafed635197..672bccb62a2 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LegacyConversions.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LegacyConversions.dfy.expect 
@@ -1,26 +1,26 @@ -LegacyConversions.dfy(14,13): Error: result of operation might violate subset type constraint for 'CharSubset' -LegacyConversions.dfy(16,13): Error: result of operation might violate subset type constraint for 'MyChar' -LegacyConversions.dfy(20,13): Error: result of operation might violate subset type constraint for 'MyChar' -LegacyConversions.dfy(34,14): Error: result of operation might violate subset type constraint for 'NotSpace' -LegacyConversions.dfy(38,15): Error: result of operation might violate subset type constraint for 'NotSpace' -LegacyConversions.dfy(40,14): Error: result of operation might violate subset type constraint for 'NotSpace' -LegacyConversions.dfy(42,14): Error: result of operation might violate subset type constraint for 'NotSpace' -LegacyConversions.dfy(48,13): Error: result of operation might violate subset type constraint for 'BV' -LegacyConversions.dfy(48,13): Error: value to be converted might not fit in BV -LegacyConversions.dfy(50,13): Error: result of operation might violate subset type constraint for 'BV' -LegacyConversions.dfy(52,13): Error: value to be converted might not fit in BV -LegacyConversions.dfy(60,13): Error: value to be converted might not fit in bv6 -LegacyConversions.dfy(66,13): Error: result of operation might violate subset type constraint for 'BV' -LegacyConversions.dfy(66,13): Error: value to be converted might not fit in BV -LegacyConversions.dfy(70,14): Error: result of operation might violate subset type constraint for 'BV' -LegacyConversions.dfy(82,13): Error: result of operation might violate subset type constraint for 'BV' -LegacyConversions.dfy(82,13): Error: value to be converted might not fit in BV -LegacyConversions.dfy(84,13): Error: result of operation might violate subset type constraint for 'BV' -LegacyConversions.dfy(84,13): Error: value to be converted might not fit in BV -LegacyConversions.dfy(90,13): Error: value to be converted might not fit in BV 
-LegacyConversions.dfy(92,13): Error: result of operation might violate subset type constraint for 'BV' -LegacyConversions.dfy(109,16): Error: bit-vector value to be converted might not fit in NotSpace -LegacyConversions.dfy(109,16): Error: result of operation might violate subset type constraint for 'NotSpace' -LegacyConversions.dfy(111,16): Error: bit-vector value to be converted might not fit in AnyChar +LegacyConversions.dfy(14,13): Error: result of operation could not be proved to satisfy subset type constraint for 'CharSubset' +LegacyConversions.dfy(16,13): Error: result of operation could not be proved to satisfy subset type constraint for 'MyChar' +LegacyConversions.dfy(20,13): Error: result of operation could not be proved to satisfy subset type constraint for 'MyChar' +LegacyConversions.dfy(34,14): Error: result of operation could not be proved to satisfy subset type constraint for 'NotSpace' +LegacyConversions.dfy(38,15): Error: result of operation could not be proved to satisfy subset type constraint for 'NotSpace' +LegacyConversions.dfy(40,14): Error: result of operation could not be proved to satisfy subset type constraint for 'NotSpace' +LegacyConversions.dfy(42,14): Error: result of operation could not be proved to satisfy subset type constraint for 'NotSpace' +LegacyConversions.dfy(48,13): Error: result of operation could not be proved to satisfy subset type constraint for 'BV' +LegacyConversions.dfy(48,13): Error: value to be converted could not be proved to fit in BV +LegacyConversions.dfy(50,13): Error: result of operation could not be proved to satisfy subset type constraint for 'BV' +LegacyConversions.dfy(52,13): Error: value to be converted could not be proved to fit in BV +LegacyConversions.dfy(60,13): Error: value to be converted could not be proved to fit in bv6 +LegacyConversions.dfy(66,13): Error: result of operation could not be proved to satisfy subset type constraint for 'BV' +LegacyConversions.dfy(66,13): Error: value to be converted 
could not be proved to fit in BV +LegacyConversions.dfy(70,14): Error: result of operation could not be proved to satisfy subset type constraint for 'BV' +LegacyConversions.dfy(82,13): Error: result of operation could not be proved to satisfy subset type constraint for 'BV' +LegacyConversions.dfy(82,13): Error: value to be converted could not be proved to fit in BV +LegacyConversions.dfy(84,13): Error: result of operation could not be proved to satisfy subset type constraint for 'BV' +LegacyConversions.dfy(84,13): Error: value to be converted could not be proved to fit in BV +LegacyConversions.dfy(90,13): Error: value to be converted could not be proved to fit in BV +LegacyConversions.dfy(92,13): Error: result of operation could not be proved to satisfy subset type constraint for 'BV' +LegacyConversions.dfy(109,16): Error: bit-vector value to be converted could not be proved to fit in NotSpace +LegacyConversions.dfy(109,16): Error: result of operation could not be proved to satisfy subset type constraint for 'NotSpace' +LegacyConversions.dfy(111,16): Error: bit-vector value to be converted could not be proved to fit in AnyChar Dafny program verifier finished with 10 verified, 24 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LetExpr.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LetExpr.dfy.expect index 91138db6b64..83fcda42311 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LetExpr.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LetExpr.dfy.expect 
@@ -1,18 +1,18 @@ LetExpr.dfy(45,2): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. LetExpr.dfy(206,4): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -LetExpr.dfy(9,2): Error: assertion might not hold -LetExpr.dfy(109,6): Error: assertion might not hold +LetExpr.dfy(9,2): Error: assertion could not be proved +LetExpr.dfy(109,6): Error: assertion could not be proved LetExpr.dfy(260,42): Error: value of expression (of type 'Tuple') is not known to be an instance of type 'Tuple' LetExpr.dfy(263,18): Error: value does not satisfy the subset constraints of 'nat' LetExpr.dfy(265,23): Error: value does not satisfy the subset constraints of 'nat' LetExpr.dfy(294,13): Error: RHS is not certain to look like the pattern 'Agnes' LetExpr.dfy(312,11): Error: value of expression (of type 'Tuple, Tuple, Tuple>>') is not known to be an instance of type 'Tuple, Tuple, Tuple>>' -LetExpr.dfy(313,2): Error: assertion might not hold +LetExpr.dfy(313,2): Error: assertion could not be proved LetExpr.dfy(323,11): Error: to be compilable, the value of a let-such-that expression must be uniquely determined LetExpr.dfy(340,34): Error: value of expression (of type 'Tuple') is not known to be an instance of type 'Tuple' LetExpr.dfy(344,29): Error: value of expression (of type 'Tuple') is not known to be an instance of type 'Tuple' -LetExpr.dfy(390,33): Error: assertion might not hold -LetExpr.dfy(403,24): Error: assertion might not hold +LetExpr.dfy(390,33): Error: assertion could not be proved 
+LetExpr.dfy(403,24): Error: assertion could not be proved Dafny program verifier finished with 39 verified, 13 errors LetExpr.dfy.tmp.print.dfy(44,2): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LhsDuplicates.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LhsDuplicates.dfy.expect index 2f10a8dcc21..2a9ccfced30 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LhsDuplicates.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LhsDuplicates.dfy.expect 
@@ -1,8 +1,8 @@ -LhsDuplicates.dfy(21,9): Error: left-hand sides for different forall-statement bound variables might refer to the same location (and right-hand sides might not be equivalent) -LhsDuplicates.dfy(36,11): Error: left-hand sides for different forall-statement bound variables might refer to the same location (and right-hand sides might not be equivalent) -LhsDuplicates.dfy(42,5): Error: left-hand sides a and a refer to the same location -LhsDuplicates.dfy(51,11): Error: left-hand sides c0.f and c0.f might refer to the same location -LhsDuplicates.dfy(60,9): Error: left-hand sides a[i] and a[i] might refer to the same location -LhsDuplicates.dfy(69,11): Error: left-hand sides a[i, j] and a[i, j] might refer to the same location +LhsDuplicates.dfy(21,9): Error: left-hand sides for different forall-statement bound variables could not be proved to refer to different locations (and right-hand sides could not be proved to be equivalent) +LhsDuplicates.dfy(36,11): Error: left-hand sides for different forall-statement bound variables could not be proved to refer to different locations (and right-hand sides could not be proved to be equivalent) +LhsDuplicates.dfy(42,5): Error: left-hand sides a and a could not be proved to refer to different locations +LhsDuplicates.dfy(51,11): Error: left-hand sides c0.f and c0.f could not be proved to refer to different locations +LhsDuplicates.dfy(60,9): Error: left-hand sides a[i] and a[i] could not be proved to refer to different locations +LhsDuplicates.dfy(69,11): Error: left-hand sides a[i, j] and a[i, j] could not be proved to refer to different locations Dafny program verifier finished with 1 verified, 6 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LitTriggers.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LitTriggers.dfy.expect index 640bb8f4a52..a13a084833c 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LitTriggers.dfy.expect 
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LitTriggers.dfy.expect @@ -1,3 +1,3 @@ -LitTriggers.dfy(56,27): Error: assertion might not hold +LitTriggers.dfy(56,27): Error: assertion could not be proved Dafny program verifier finished with 5 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LoopModifies.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LoopModifies.dfy.expect index 9ed345409f8..07387e0bd51 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LoopModifies.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/LoopModifies.dfy.expect 
@@ -1,11 +1,11 @@ -LoopModifies.dfy(8,4): Error: assignment might update an array element not in the enclosing context's modifies clause -LoopModifies.dfy(19,7): Error: assignment might update an array element not in the enclosing context's modifies clause -LoopModifies.dfy(48,7): Error: assignment might update an array element not in the enclosing context's modifies clause -LoopModifies.dfy(63,7): Error: assignment might update an array element not in the enclosing context's modifies clause -LoopModifies.dfy(76,3): Error: loop modifies clause might violate context's modifies clause -LoopModifies.dfy(100,7): Error: assignment might update an array element not in the enclosing context's modifies clause -LoopModifies.dfy(148,10): Error: assignment might update an array element not in the enclosing context's modifies clause -LoopModifies.dfy(199,9): Error: assignment might update an array element not in the enclosing context's modifies clause -LoopModifies.dfy(287,12): Error: assignment might update an array element not in the enclosing context's modifies clause +LoopModifies.dfy(8,4): Error: modified array location could not be proved to be in the current modifies clause +LoopModifies.dfy(19,7): Error: modified array location could not be proved to be in the current modifies clause +LoopModifies.dfy(48,7): Error: modified array location could not be proved to be in the current modifies clause +LoopModifies.dfy(63,7): Error: modified array location could not be proved to be in the current modifies clause +LoopModifies.dfy(76,3): Error: modified object in loop modifies clause could not be proved to be in the current modifies clause +LoopModifies.dfy(100,7): Error: modified array location could not be proved to be in the current modifies clause +LoopModifies.dfy(148,10): Error: modified array location could not be proved to be in the current modifies clause +LoopModifies.dfy(199,9): Error: modified array location could not be proved to be in the current modifies clause 
+LoopModifies.dfy(287,12): Error: modified array location could not be proved to be in the current modifies clause Dafny program verifier finished with 21 verified, 9 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Maps.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Maps.dfy.expect index 455a9595397..ef528e116d0 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Maps.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Maps.dfy.expect 
@@ -1,37 +1,37 @@ Maps.dfy(200,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -Maps.dfy(78,7): Error: element might not be in domain -Maps.dfy(128,3): Error: assertion might not hold -Maps.dfy(220,36): Error: key expressions might be referring to the same value -Maps.dfy(226,36): Error: key expressions might be referring to the same value -Maps.dfy(232,37): Error: key expressions might be referring to the same value -Maps.dfy(234,24): Error: key expressions might be referring to the same value +Maps.dfy(78,7): Error: element could not be proved to be in domain +Maps.dfy(128,3): Error: assertion could not be proved +Maps.dfy(220,36): Error: key expressions could not be proved to refer to different values +Maps.dfy(226,36): Error: key expressions could not be proved to refer to different values +Maps.dfy(232,37): Error: key expressions could not be proved to refer to different values +Maps.dfy(234,24): Error: key expressions could not be proved to refer to different values Maps.dfy(241,42): Error: function precondition could not be proved Maps.dfy(215,13): Related location: this proposition could not be proved -Maps.dfy(243,37): Error: key expressions might be referring to the same value +Maps.dfy(243,37): Error: key expressions could not be proved to refer to different values Maps.dfy(243,37): Error: function precondition could not be proved Maps.dfy(215,13): Related location: this proposition could not be proved -Maps.dfy(264,54): Error: assertion might not hold +Maps.dfy(264,54): Error: assertion could not be proved Maps.dfy(309,11): Error: index out of range Maps.dfy(311,16): Error: value does not satisfy the subset constraints of 'nat' Maps.dfy(317,11): Error: value does not satisfy the subset constraints of 
'nat' -Maps.dfy(319,16): Error: new number of occurrences might be negative +Maps.dfy(319,16): Error: new number of occurrences could not be proved to be non-negative Maps.dfy(328,11): Error: value does not satisfy the subset constraints of 'nat' Maps.dfy(330,17): Error: value does not satisfy the subset constraints of 'nat' Maps.dfy(339,11): Error: index out of range -Maps.dfy(341,16): Error: value of expression (of type 'Elem?') is not known to be an instance of type 'Elem', because it might be null -Maps.dfy(347,11): Error: value of expression (of type 'Elem?') is not known to be an instance of type 'Elem', because it might be null -Maps.dfy(349,16): Error: new number of occurrences might be negative -Maps.dfy(358,11): Error: value of expression (of type 'Elem?') is not known to be an instance of type 'Elem', because it might be null -Maps.dfy(360,16): Error: value of expression (of type 'Elem?') is not known to be an instance of type 'Elem', because it might be null -Maps.dfy(424,4): Error: assertion might not hold -Maps.dfy(429,4): Error: assertion might not hold -Maps.dfy(430,4): Error: assertion might not hold -Maps.dfy(442,4): Error: assertion might not hold -Maps.dfy(447,4): Error: assertion might not hold -Maps.dfy(448,4): Error: assertion might not hold -Maps.dfy(520,2): Error: assertion might not hold -Maps.dfy(525,2): Error: assertion might not hold -Maps.dfy(562,2): Error: decreases expression might not decrease -Maps.dfy(576,2): Error: decreases expression might not decrease +Maps.dfy(341,16): Error: value of expression (of type 'Elem?') is not known to be an instance of type 'Elem', because it could not be proved to be non-null +Maps.dfy(347,11): Error: value of expression (of type 'Elem?') is not known to be an instance of type 'Elem', because it could not be proved to be non-null +Maps.dfy(349,16): Error: new number of occurrences could not be proved to be non-negative +Maps.dfy(358,11): Error: value of expression (of type 'Elem?') is not known to 
be an instance of type 'Elem', because it could not be proved to be non-null +Maps.dfy(360,16): Error: value of expression (of type 'Elem?') is not known to be an instance of type 'Elem', because it could not be proved to be non-null +Maps.dfy(424,4): Error: assertion could not be proved +Maps.dfy(429,4): Error: assertion could not be proved +Maps.dfy(430,4): Error: assertion could not be proved +Maps.dfy(442,4): Error: assertion could not be proved +Maps.dfy(447,4): Error: assertion could not be proved +Maps.dfy(448,4): Error: assertion could not be proved +Maps.dfy(520,2): Error: assertion could not be proved +Maps.dfy(525,2): Error: assertion could not be proved +Maps.dfy(562,2): Error: decreases expression could not be proved to decrease +Maps.dfy(576,2): Error: decreases expression could not be proved to decrease Dafny program verifier finished with 49 verified, 32 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MiscTypeInferenceTests.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MiscTypeInferenceTests.dfy.expect index 6cf6c23d85f..950ce405eb0 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MiscTypeInferenceTests.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MiscTypeInferenceTests.dfy.expect 
@@ -3,7 +3,7 @@ MiscTypeInferenceTests.dfy(95,16): Warning: the type of the other operand is a s
 MiscTypeInferenceTests.dfy(14,59): Error: value does not satisfy the subset constraints of 'neg'
 MiscTypeInferenceTests.dfy(24,11): Error: value does not satisfy the subset constraints of 'int -> int' (possible cause: it may be partial or have read effects)
 MiscTypeInferenceTests.dfy(27,11): Error: value of expression (of type 'int -> int') is not known to be an instance of type 'int ~> nat'
-MiscTypeInferenceTests.dfy(50,4): Error: assertion might not hold
+MiscTypeInferenceTests.dfy(50,4): Error: assertion could not be proved
 MiscTypeInferenceTests.dfy(50,13): Error: function precondition could not be proved
 MiscTypeInferenceTests.dfy(109,18): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
 MiscTypeInferenceTests.dfy(110,18): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ModifyStmt.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ModifyStmt.dfy.expect
index e90ec9a5eca..f31aca6069d 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ModifyStmt.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ModifyStmt.dfy.expect
@@ -6,16 +6,16 @@ ModifyStmt.dfy(158,17): Warning: the modify statement with a block statement is ModifyStmt.dfy(157,21): Warning: the modify statement with a block statement is deprecated ModifyStmt.dfy(155,24): Warning: the modify statement with a block statement is deprecated ModifyStmt.dfy(178,16): Warning: the modify statement with a block statement is deprecated -ModifyStmt.dfy(27,4): Error: assertion might not hold -ModifyStmt.dfy(42,4): Error: modify statement might violate context's modifies clause -ModifyStmt.dfy(48,4): Error: modify statement might violate context's modifies clause -ModifyStmt.dfy(61,4): Error: modify statement might violate context's modifies clause -ModifyStmt.dfy(70,4): Error: assertion might not hold -ModifyStmt.dfy(89,4): Error: assertion might not hold -ModifyStmt.dfy(99,4): Error: assertion might not hold -ModifyStmt.dfy(110,4): Error: assertion might not hold -ModifyStmt.dfy(122,6): Error: assertion might not hold -ModifyStmt.dfy(134,6): Error: assignment might update an object not in the enclosing context's modifies clause -ModifyStmt.dfy(172,4): Error: assertion might not hold +ModifyStmt.dfy(27,4): Error: assertion could not be proved +ModifyStmt.dfy(42,4): Error: modified object in modify statement could not be proved to be in the current modifies clause +ModifyStmt.dfy(48,4): Error: modified object in modify statement could not be proved to be in the current modifies clause +ModifyStmt.dfy(61,4): Error: modified object in modify statement could not be proved to be in the current modifies clause +ModifyStmt.dfy(70,4): Error: assertion could not be proved +ModifyStmt.dfy(89,4): Error: assertion could not be proved +ModifyStmt.dfy(99,4): Error: assertion could not be proved +ModifyStmt.dfy(110,4): Error: assertion could not be proved +ModifyStmt.dfy(122,6): Error: assertion could not be proved +ModifyStmt.dfy(134,6): Error: modified field could not be proved to be in the current modifies clause +ModifyStmt.dfy(172,4): Error: 
assertion could not be proved Dafny program verifier finished with 11 verified, 11 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Modules1.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Modules1.dfy.expect index ef074b012ce..2d0490f2dce 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Modules1.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Modules1.dfy.expect 
@@ -1,15 +1,15 @@ Modules1.dfy(131,14): Warning: This ensures clause is part of a bodyless method. Add the {:axiom} attribute to it or the enclosing method to suppress this warning Modules1.dfy(56,8): Error: decreases expression must be bounded below by 0 Modules1.dfy(54,12): Related location: this decreases clause was not satisfied -Modules1.dfy(62,8): Error: decreases clause might not decrease -Modules1.dfy(82,6): Error: assertion might not hold -Modules1.dfy(95,6): Error: assertion might not hold -Modules1.dfy(97,6): Error: assertion might not hold -Modules1.dfy(211,4): Error: assertion might not hold -Modules1.dfy(212,4): Error: assertion might not hold -Modules1.dfy(213,4): Error: assertion might not hold -Modules1.dfy(219,4): Error: assertion might not hold -Modules1.dfy(220,4): Error: assertion might not hold -Modules1.dfy(221,4): Error: assertion might not hold +Modules1.dfy(62,8): Error: decreases clause could not be proved to decrease +Modules1.dfy(82,6): Error: assertion could not be proved +Modules1.dfy(95,6): Error: assertion could not be proved +Modules1.dfy(97,6): Error: assertion could not be proved +Modules1.dfy(211,4): Error: assertion could not be proved +Modules1.dfy(212,4): Error: assertion could not be proved +Modules1.dfy(213,4): Error: assertion could not be proved +Modules1.dfy(219,4): Error: assertion could not be proved +Modules1.dfy(220,4): Error: assertion could not be proved +Modules1.dfy(221,4): Error: assertion could not be proved Dafny program verifier finished with 9 verified, 11 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MultiDimArray.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MultiDimArray.dfy.expect index b7190c6d7ba..bbe81b570dc 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MultiDimArray.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MultiDimArray.dfy.expect 
@@ -1,4 +1,4 @@ -MultiDimArray.dfy(53,8): Error: assertion might not hold -MultiDimArray.dfy(79,8): Error: assertion might not hold +MultiDimArray.dfy(53,8): Error: assertion could not be proved +MultiDimArray.dfy(79,8): Error: assertion could not be proved Dafny program verifier finished with 5 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MultiSets.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MultiSets.dfy.expect index 94d3ea8e80c..493103b4841 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MultiSets.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/MultiSets.dfy.expect @@ -2,8 +2,8 @@ MultiSets.dfy(158,2): Error: a postcondition could not be proved on this return MultiSets.dfy(157,14): Related location: this is the postcondition that could not be proved MultiSets.dfy(164,2): Error: a postcondition could not be proved on this return path MultiSets.dfy(163,14): Related location: this is the postcondition that could not be proved -MultiSets.dfy(177,19): Error: new number of occurrences might be negative -MultiSets.dfy(268,4): Error: assertion might not hold -MultiSets.dfy(291,6): Error: assertion might not hold +MultiSets.dfy(177,19): Error: new number of occurrences could not be proved to be non-negative +MultiSets.dfy(268,4): Error: assertion could not be proved +MultiSets.dfy(291,6): Error: assertion could not be proved Dafny program verifier finished with 34 verified, 5 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NatTypes.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NatTypes.dfy.expect index b30bbbf8577..868dacb3c64 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NatTypes.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NatTypes.dfy.expect 
@@ -1,18 +1,18 @@ NatTypes.dfy(10,4): Error: value does not satisfy the subset constraints of 'nat' NatTypes.dfy(35,11): Error: value does not satisfy the subset constraints of 'nat' -NatTypes.dfy(45,6): Error: assertion might not hold -NatTypes.dfy(48,6): Error: assertion might not hold -NatTypes.dfy(51,6): Error: assertion might not hold -NatTypes.dfy(54,6): Error: assertion might not hold -NatTypes.dfy(65,6): Error: assertion might not hold -NatTypes.dfy(71,6): Error: assertion might not hold -NatTypes.dfy(74,6): Error: assertion might not hold -NatTypes.dfy(91,6): Error: assertion might not hold -NatTypes.dfy(105,6): Error: assertion might not hold +NatTypes.dfy(45,6): Error: assertion could not be proved +NatTypes.dfy(48,6): Error: assertion could not be proved +NatTypes.dfy(51,6): Error: assertion could not be proved +NatTypes.dfy(54,6): Error: assertion could not be proved +NatTypes.dfy(65,6): Error: assertion could not be proved +NatTypes.dfy(71,6): Error: assertion could not be proved +NatTypes.dfy(74,6): Error: assertion could not be proved +NatTypes.dfy(91,6): Error: assertion could not be proved +NatTypes.dfy(105,6): Error: assertion could not be proved NatTypes.dfy(126,21): Error: value does not satisfy the subset constraints of 'nat' NatTypes.dfy(141,44): Error: value does not satisfy the subset constraints of 'nat' NatTypes.dfy(164,34): Error: value does not satisfy the subset constraints of 'nat' -NatTypes.dfy(182,18): Error: result of operation might violate subset type constraint for 'nat' +NatTypes.dfy(182,18): Error: result of operation could not be proved to satisfy subset type constraint for 'nat' NatTypes.dfy(190,19): Error: value of expression (of type 'GList') is not known to be an instance of type 'GList' Dafny program verifier finished with 6 verified, 16 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Newtypes.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Newtypes.dfy.expect index ebbd5134d99..cfc9e60685a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Newtypes.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Newtypes.dfy.expect 
@@ -1,18 +1,18 @@ Newtypes.dfy(74,10): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type Newtypes.dfy(76,44): Error: possible division by zero -Newtypes.dfy(87,13): Error: result of operation might violate newtype constraint for 'char8' -Newtypes.dfy(95,11): Error: result of operation might violate newtype constraint for 'char8' -Newtypes.dfy(97,13): Error: result of operation might violate newtype constraint for 'char8' -Newtypes.dfy(104,15): Error: result of operation might violate newtype constraint for 'char8' -Newtypes.dfy(177,13): Error: result of operation might violate newtype constraint for 'Even' +Newtypes.dfy(87,13): Error: result of operation could not be proved to satisfy newtype constraint for 'char8' +Newtypes.dfy(95,11): Error: result of operation could not be proved to satisfy newtype constraint for 'char8' +Newtypes.dfy(97,13): Error: result of operation could not be proved to satisfy newtype constraint for 'char8' +Newtypes.dfy(104,15): Error: result of operation could not be proved to satisfy newtype constraint for 'char8' +Newtypes.dfy(177,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Even' Newtypes.dfy(193,67): Error: index 0 out of range Newtypes.dfy(194,70): Error: index 1 out of range -Newtypes.dfy(223,21): Error: new number of occurrences might be negative -Newtypes.dfy(226,39): Error: result of operation might violate newtype constraint for 'Even' -Newtypes.dfy(238,18): Error: result of operation might violate newtype constraint for 'N' -Newtypes.dfy(278,18): Error: result of operation might violate newtype constraint for 'R' -Newtypes.dfy(367,10): Error: trying witness 0: result of operation might violate newtype constraint for 'A' -Newtypes.dfy(372,24): Error: result of operation might violate newtype constraint for 'A' -Newtypes.dfy(373,30): Error: result of 
operation might violate newtype constraint for 'A' +Newtypes.dfy(223,21): Error: new number of occurrences could not be proved to be non-negative +Newtypes.dfy(226,39): Error: result of operation could not be proved to satisfy newtype constraint for 'Even' +Newtypes.dfy(238,18): Error: result of operation could not be proved to satisfy newtype constraint for 'N' +Newtypes.dfy(278,18): Error: result of operation could not be proved to satisfy newtype constraint for 'R' +Newtypes.dfy(367,10): Error: trying witness 0: result of operation could not be proved to satisfy newtype constraint for 'A' +Newtypes.dfy(372,24): Error: result of operation could not be proved to satisfy newtype constraint for 'A' +Newtypes.dfy(373,30): Error: result of operation could not be proved to satisfy newtype constraint for 'A' Dafny program verifier finished with 43 verified, 16 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NoMoreAssume2Less2.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NoMoreAssume2Less2.dfy.expect index 5f8198a482b..027b4eafa55 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NoMoreAssume2Less2.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NoMoreAssume2Less2.dfy.expect 
@@ -1,31 +1,31 @@ -NoMoreAssume2Less2.dfy(26,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(35,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(44,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(50,4): Error: assertion might not hold -NoMoreAssume2Less2.dfy(53,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(59,4): Error: assertion might not hold -NoMoreAssume2Less2.dfy(62,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(68,4): Error: assertion might not hold -NoMoreAssume2Less2.dfy(72,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(86,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(92,18): Error: assertion might not hold -NoMoreAssume2Less2.dfy(95,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(104,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(110,16): Error: assertion might not hold +NoMoreAssume2Less2.dfy(26,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(35,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(44,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(50,4): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(53,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(59,4): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(62,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(68,4): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(72,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(86,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(92,18): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(95,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(104,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(110,16): Error: assertion could not be proved NoMoreAssume2Less2.dfy(78,26): Related location: this proposition could not be proved -NoMoreAssume2Less2.dfy(113,2): Error: assertion 
might not hold -NoMoreAssume2Less2.dfy(119,19): Error: assertion might not hold +NoMoreAssume2Less2.dfy(113,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(119,19): Error: assertion could not be proved NoMoreAssume2Less2.dfy(135,16): Error: this loop invariant could not be proved on entry Related message: loop invariant violation -NoMoreAssume2Less2.dfy(140,2): Error: assertion might not hold +NoMoreAssume2Less2.dfy(140,2): Error: assertion could not be proved NoMoreAssume2Less2.dfy(146,12): Error: a precondition for this call could not be proved NoMoreAssume2Less2.dfy(162,11): Related location: this is the precondition that could not be proved -NoMoreAssume2Less2.dfy(149,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(158,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(175,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(180,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(186,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(191,2): Error: assertion might not hold -NoMoreAssume2Less2.dfy(198,2): Error: assertion might not hold +NoMoreAssume2Less2.dfy(149,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(158,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(175,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(180,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(186,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(191,2): Error: assertion could not be proved +NoMoreAssume2Less2.dfy(198,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 26 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NoReferencesVerification.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NoReferencesVerification.dfy.expect index 698895dba5b..83fc4216db7 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NoReferencesVerification.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NoReferencesVerification.dfy.expect @@ -1,6 +1,6 @@ -NoReferencesVerification.dfy(16,2): Error: assertion might not hold -NoReferencesVerification.dfy(26,4): Error: assertion might not hold -NoReferencesVerification.dfy(33,4): Error: assertion might not hold -NoReferencesVerification.dfy(49,2): Error: assertion might not hold +NoReferencesVerification.dfy(16,2): Error: assertion could not be proved +NoReferencesVerification.dfy(26,4): Error: assertion could not be proved +NoReferencesVerification.dfy(33,4): Error: assertion could not be proved +NoReferencesVerification.dfy(49,2): Error: assertion could not be proved Dafny program verifier finished with 2 verified, 4 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NonZeroInitialization.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NonZeroInitialization.dfy.expect index 8a6b1dbd89c..8e5a6385a8c 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NonZeroInitialization.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/NonZeroInitialization.dfy.expect 
@@ -1,15 +1,15 @@ -NonZeroInitialization.dfy(4,36): Error: the given witness expression might not satisfy constraint -NonZeroInitialization.dfy(11,5): Error: trying witness 0: result of operation might violate subset type constraint for 'Six' -NonZeroInitialization.dfy(12,45): Error: result of operation might violate subset type constraint for 'Six' -NonZeroInitialization.dfy(13,5): Error: trying witness 0: result of operation might violate subset type constraint for 'Six' -NonZeroInitialization.dfy(16,8): Error: trying witness 0: result of operation might violate newtype constraint for 'NewSix' -NonZeroInitialization.dfy(17,61): Error: result of operation might violate newtype constraint for 'NewSix' -NonZeroInitialization.dfy(18,46): Error: result of operation might violate newtype constraint for 'NewSix' -NonZeroInitialization.dfy(19,8): Error: trying witness 0: result of operation might violate newtype constraint for 'NewSix' +NonZeroInitialization.dfy(4,36): Error: the given witness expression could not be proved to satisfy constraint +NonZeroInitialization.dfy(11,5): Error: trying witness 0: result of operation could not be proved to satisfy subset type constraint for 'Six' +NonZeroInitialization.dfy(12,45): Error: result of operation could not be proved to satisfy subset type constraint for 'Six' +NonZeroInitialization.dfy(13,5): Error: trying witness 0: result of operation could not be proved to satisfy subset type constraint for 'Six' +NonZeroInitialization.dfy(16,8): Error: trying witness 0: result of operation could not be proved to satisfy newtype constraint for 'NewSix' +NonZeroInitialization.dfy(17,61): Error: result of operation could not be proved to satisfy newtype constraint for 'NewSix' +NonZeroInitialization.dfy(18,46): Error: result of operation could not be proved to satisfy newtype constraint for 'NewSix' +NonZeroInitialization.dfy(19,8): Error: trying witness 0: result of operation could not be proved to satisfy newtype constraint for 
'NewSix' NonZeroInitialization.dfy(37,5): Error: cannot find witness that shows type is inhabited; try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -NonZeroInitialization.dfy(38,66): Error: result of operation might violate subset type constraint for 'ListTwo' +NonZeroInitialization.dfy(38,66): Error: result of operation could not be proved to satisfy subset type constraint for 'ListTwo' NonZeroInitialization.dfy(39,5): Error: cannot find witness that shows type is inhabited; try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -NonZeroInitialization.dfy(53,0): Error: out-parameter 'g', which is subject to definite-assignment rules, might be uninitialized at this return point +NonZeroInitialization.dfy(53,0): Error: out-parameter 'g', which is subject to definite-assignment rules, could not be proved to be initialized at this return point NonZeroInitialization.dfy(58,7): Error: unless an initializer is provided for the array elements, a new array of 'Yt' must have empty size Dafny program verifier finished with 12 verified, 13 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/OpaqueConstants.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/OpaqueConstants.dfy.expect index b28e4b0886c..2d357433013 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/OpaqueConstants.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/OpaqueConstants.dfy.expect 
@@ -1,12 +1,12 @@ -OpaqueConstants.dfy(11,6): Error: assertion might not hold -OpaqueConstants.dfy(26,6): Error: assertion might not hold -OpaqueConstants.dfy(56,6): Error: assertion might not hold -OpaqueConstants.dfy(58,6): Error: assertion might not hold -OpaqueConstants.dfy(60,6): Error: assertion might not hold -OpaqueConstants.dfy(73,8): Error: assertion might not hold -OpaqueConstants.dfy(82,6): Error: assertion might not hold -OpaqueConstants.dfy(84,6): Error: assertion might not hold -OpaqueConstants.dfy(86,6): Error: assertion might not hold -OpaqueConstants.dfy(99,8): Error: assertion might not hold +OpaqueConstants.dfy(11,6): Error: assertion could not be proved +OpaqueConstants.dfy(26,6): Error: assertion could not be proved +OpaqueConstants.dfy(56,6): Error: assertion could not be proved +OpaqueConstants.dfy(58,6): Error: assertion could not be proved +OpaqueConstants.dfy(60,6): Error: assertion could not be proved +OpaqueConstants.dfy(73,8): Error: assertion could not be proved +OpaqueConstants.dfy(82,6): Error: assertion could not be proved +OpaqueConstants.dfy(84,6): Error: assertion could not be proved +OpaqueConstants.dfy(86,6): Error: assertion could not be proved +OpaqueConstants.dfy(99,8): Error: assertion could not be proved Dafny program verifier finished with 3 verified, 10 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/OpaqueFunctions.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/OpaqueFunctions.dfy.expect index 8cb7a612b70..831028348dd 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/OpaqueFunctions.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/OpaqueFunctions.dfy.expect 
@@ -1,38 +1,38 @@ -OpaqueFunctions.dfy(214,2): Error: assertion might not hold -OpaqueFunctions.dfy(229,2): Error: assertion might not hold -OpaqueFunctions.dfy(38,6): Error: assertion might not hold +OpaqueFunctions.dfy(214,2): Error: assertion could not be proved +OpaqueFunctions.dfy(229,2): Error: assertion could not be proved +OpaqueFunctions.dfy(38,6): Error: assertion could not be proved OpaqueFunctions.dfy(69,7): Error: a precondition for this call could not be proved OpaqueFunctions.dfy(35,20): Related location: this is the precondition that could not be proved -OpaqueFunctions.dfy(75,4): Error: assertion might not hold -OpaqueFunctions.dfy(77,6): Error: assertion might not hold -OpaqueFunctions.dfy(80,6): Error: assertion might not hold -OpaqueFunctions.dfy(96,8): Error: assertion might not hold +OpaqueFunctions.dfy(75,4): Error: assertion could not be proved +OpaqueFunctions.dfy(77,6): Error: assertion could not be proved +OpaqueFunctions.dfy(80,6): Error: assertion could not be proved +OpaqueFunctions.dfy(96,8): Error: assertion could not be proved OpaqueFunctions.dfy(98,11): Error: a precondition for this call could not be proved OpaqueFunctions.dfy(35,20): Related location: this is the precondition that could not be proved OpaqueFunctions.dfy(43,7): Related location: refining module -OpaqueFunctions.dfy(102,6): Error: assertion might not hold -OpaqueFunctions.dfy(109,4): Error: assertion might not hold -OpaqueFunctions.dfy(111,6): Error: assertion might not hold -OpaqueFunctions.dfy(114,6): Error: assertion might not hold -OpaqueFunctions.dfy(123,31): Error: assertion might not hold -OpaqueFunctions.dfy(146,6): Error: assertion might not hold +OpaqueFunctions.dfy(102,6): Error: assertion could not be proved +OpaqueFunctions.dfy(109,4): Error: assertion could not be proved +OpaqueFunctions.dfy(111,6): Error: assertion could not be proved +OpaqueFunctions.dfy(114,6): Error: assertion could not be proved +OpaqueFunctions.dfy(123,31): Error: assertion 
could not be proved +OpaqueFunctions.dfy(146,6): Error: assertion could not be proved OpaqueFunctions.dfy(148,9): Error: a precondition for this call could not be proved OpaqueFunctions.dfy(35,20): Related location: this is the precondition that could not be proved OpaqueFunctions.dfy(43,7): Related location: refining module -OpaqueFunctions.dfy(155,4): Error: assertion might not hold -OpaqueFunctions.dfy(157,6): Error: assertion might not hold -OpaqueFunctions.dfy(160,6): Error: assertion might not hold -OpaqueFunctions.dfy(165,31): Error: assertion might not hold -OpaqueFunctions.dfy(181,4): Error: assertion might not hold -OpaqueFunctions.dfy(246,12): Error: assertion might not hold -OpaqueFunctions.dfy(261,12): Error: assertion might not hold -OpaqueFunctions.dfy(326,6): Error: assertion might not hold -OpaqueFunctions.dfy(328,6): Error: assertion might not hold -OpaqueFunctions.dfy(330,6): Error: assertion might not hold -OpaqueFunctions.dfy(343,8): Error: assertion might not hold -OpaqueFunctions.dfy(350,6): Error: assertion might not hold -OpaqueFunctions.dfy(352,6): Error: assertion might not hold -OpaqueFunctions.dfy(354,6): Error: assertion might not hold -OpaqueFunctions.dfy(367,8): Error: assertion might not hold +OpaqueFunctions.dfy(155,4): Error: assertion could not be proved +OpaqueFunctions.dfy(157,6): Error: assertion could not be proved +OpaqueFunctions.dfy(160,6): Error: assertion could not be proved +OpaqueFunctions.dfy(165,31): Error: assertion could not be proved +OpaqueFunctions.dfy(181,4): Error: assertion could not be proved +OpaqueFunctions.dfy(246,12): Error: assertion could not be proved +OpaqueFunctions.dfy(261,12): Error: assertion could not be proved +OpaqueFunctions.dfy(326,6): Error: assertion could not be proved +OpaqueFunctions.dfy(328,6): Error: assertion could not be proved +OpaqueFunctions.dfy(330,6): Error: assertion could not be proved +OpaqueFunctions.dfy(343,8): Error: assertion could not be proved 
+OpaqueFunctions.dfy(350,6): Error: assertion could not be proved +OpaqueFunctions.dfy(352,6): Error: assertion could not be proved +OpaqueFunctions.dfy(354,6): Error: assertion could not be proved +OpaqueFunctions.dfy(367,8): Error: assertion could not be proved Dafny program verifier finished with 18 verified, 31 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/PredExpr.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/PredExpr.dfy.expect index eac7f88f1a0..849e151b240 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/PredExpr.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/PredExpr.dfy.expect @@ -1,6 +1,6 @@ -PredExpr.dfy(7,2): Error: assertion might not hold +PredExpr.dfy(7,2): Error: assertion could not be proved PredExpr.dfy(39,14): Error: value does not satisfy the subset constraints of 'nat' -PredExpr.dfy(52,7): Error: assertion might not hold -PredExpr.dfy(77,4): Error: assertion might not hold +PredExpr.dfy(52,7): Error: assertion could not be proved +PredExpr.dfy(77,4): Error: assertion could not be proved Dafny program verifier finished with 6 verified, 4 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Predicates.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Predicates.dfy.expect index 7dd91a5486b..a13017aed82 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Predicates.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Predicates.dfy.expect @@ -1,5 +1,5 @@ -Predicates.dfy(62,4): Error: assertion might not hold -Predicates.dfy(66,4): Error: assertion might not hold +Predicates.dfy(62,4): Error: assertion could not be proved +Predicates.dfy(66,4): Error: assertion could not be proved Predicates.dfy(105,4): Error: a postcondition could not be proved on this return path Predicates.dfy(104,14): Related location: this is the postcondition that could not be proved 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Protected.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Protected.dfy.expect index 16b928f6e56..3558c160a19 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Protected.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Protected.dfy.expect @@ -1,7 +1,7 @@ -Protected.dfy(21,8): Error: assertion might not hold -Protected.dfy(35,6): Error: assertion might not hold -Protected.dfy(39,4): Error: assertion might not hold -Protected.dfy(52,4): Error: assertion might not hold -Protected.dfy(59,4): Error: assertion might not hold +Protected.dfy(21,8): Error: assertion could not be proved +Protected.dfy(35,6): Error: assertion could not be proved +Protected.dfy(39,4): Error: assertion could not be proved +Protected.dfy(52,4): Error: assertion could not be proved +Protected.dfy(59,4): Error: assertion could not be proved Dafny program verifier finished with 3 verified, 5 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/QuantificationNewSyntax.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/QuantificationNewSyntax.dfy index 30cb8e61eab..a99302a8b95 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/QuantificationNewSyntax.dfy +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/QuantificationNewSyntax.dfy 
@@ -10,7 +10,7 @@ module {:options "/quantifierSyntax:4"} NewSyntax { var numbers := [0, 1, 2, 3]; var _ := set x <- numbers, y | y == 6 / x :: y; // Error: possible division by zero var _ := set x <- numbers | 0 < x, y | y == 6 / x :: y; // Success - var _ := set x <- numbers, y <- F(x) :: y; // Error: function precondition might not hold + var _ := set x <- numbers, y <- F(x) :: y; // Error: function precondition could not be proved var _ := set x <- numbers | x < 3, y <- F(x) :: y; // Success var _ := set x <- numbers | x < 3, y <- F(x) :: y as nat; // Error: result of operation might violate subset type constraint for 'nat' var _ := set x <- numbers | x < 3, y <- F(x) | 0 <= y :: y as nat; // Success diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/QuantificationNewSyntax.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/QuantificationNewSyntax.dfy.expect index 6939944b5ce..4259de0b1ba 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/QuantificationNewSyntax.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/QuantificationNewSyntax.dfy.expect @@ -3,6 +3,6 @@ QuantificationNewSyntax.dfy(12,13): Warning: Could not find a trigger for this q QuantificationNewSyntax.dfy(11,42): Error: possible division by zero QuantificationNewSyntax.dfy(13,37): Error: function precondition could not be proved QuantificationNewSyntax.dfy(19,48): Related location: this proposition could not be proved -QuantificationNewSyntax.dfy(15,54): Error: result of operation might violate subset type constraint for 'nat' +QuantificationNewSyntax.dfy(15,54): Error: result of operation could not be proved to satisfy subset type constraint for 'nat' Dafny program verifier finished with 0 verified, 3 errors 
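Review bot: The inline comment on the `y as nat` line, two lines below the edited one, still reads `// Error: result of operation might violate subset type constraint for 'nat'`. The matching entry in QuantificationNewSyntax.dfy.expect now reports that the result "could not be proved to satisfy" that constraint. Changing the comment to `// Error: result of operation could not be proved to satisfy subset type constraint for 'nat'` keeps the annotations in the test source consistent with the verifier output that the rest of this commit adopts. The enclosing method starts and ends outside the hunk, so other comments in it may need the same check.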
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ReadsOnMethods.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ReadsOnMethods.dfy.expect
index 66c479d0e7b..5082cf091fe 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ReadsOnMethods.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ReadsOnMethods.dfy.expect
@@ -26,12 +26,12 @@ ReadsOnMethods.dfy(411,13): Error: insufficient reads clause to read field; Cons ReadsOnMethods.dfy(413,4): Error: insufficient reads clause to read field; Consider adding 'reads b' or 'reads b`x' in the enclosing method specification for resolution ReadsOnMethods.dfy(427,10): Error: insufficient reads clause to read array element; Consider adding 'reads a' in the enclosing method specification for resolution ReadsOnMethods.dfy(436,10): Error: insufficient reads clause to read array element; Consider adding 'reads a' in the enclosing method specification for resolution -ReadsOnMethods.dfy(469,9): Error: method might read an object not in the parent trait context's reads clause +ReadsOnMethods.dfy(469,9): Error: accessed object in method could not be proved to be in the parent trait's reads clause ReadsOnMethods.dfy(479,26): Error: insufficient reads clause to call ReadsOnMethods.dfy(484,24): Error: insufficient reads clause to call ReadsOnMethods.dfy(494,35): Error: insufficient reads clause to call ReadsOnMethods.dfy(499,18): Error: insufficient reads clause to invoke function -ReadsOnMethods.dfy(505,14): Error: assertion might not hold +ReadsOnMethods.dfy(505,14): Error: assertion could not be proved ReadsOnMethods.dfy(516,11): Related location: this proposition could not be proved ReadsOnMethods.dfy(523,13): Error: insufficient reads clause to read field; Consider adding 'reads b' or 'reads b`x' in the enclosing method specification for resolution ReadsOnMethods.dfy(530,50): Error: insufficient reads clause to read field; Mutable fields cannot be accessed within certain scopes, such as default values, the right-hand side of constants, or co-recursive calls diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/RealCompare.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/RealCompare.dfy.expect index b3cbeda14a5..8c7dc9cb71d 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/RealCompare.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/RealCompare.dfy.expect @@ -1,7 +1,7 @@ -RealCompare.dfy(35,5): Error: decreases clause might not decrease +RealCompare.dfy(35,5): Error: decreases clause could not be proved to decrease RealCompare.dfy(50,3): Error: decreases expression must be bounded below by 0.0 RealCompare.dfy(48,12): Related location: this decreases clause was not satisfied -RealCompare.dfy(141,2): Error: assertion might not hold -RealCompare.dfy(156,2): Error: assertion might not hold +RealCompare.dfy(141,2): Error: assertion could not be proved +RealCompare.dfy(156,2): Error: assertion could not be proved Dafny program verifier finished with 10 verified, 4 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/RealTypes.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/RealTypes.dfy.expect index bcfb5bbe432..0408a872187 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/RealTypes.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/RealTypes.dfy.expect @@ -1,7 +1,7 @@ RealTypes.dfy(12,17): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number) -RealTypes.dfy(14,6): Error: assertion might not hold -RealTypes.dfy(21,2): Error: assertion might not hold +RealTypes.dfy(14,6): Error: assertion could not be proved +RealTypes.dfy(21,2): Error: assertion could not be proved RealTypes.dfy(21,11): Error: possible division by zero -RealTypes.dfy(29,2): Error: assertion might not hold +RealTypes.dfy(29,2): Error: assertion could not be proved Dafny program verifier finished with 2 verified, 5 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Refinement.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Refinement.dfy.expect index 7a98d936003..e638ee6ef6d 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Refinement.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Refinement.dfy.expect @@ -20,17 +20,17 @@ Refinement.dfy(15,4): Error: a postcondition could not be proved on this return Refinement.dfy(14,16): Related location: this is the postcondition that could not be proved Refinement.dfy(15,4): Error: a postcondition could not be proved on this return path Refinement.dfy(33,19): Related location: this is the postcondition that could not be proved -Refinement.dfy(69,6): Error: assertion might not hold -Refinement.dfy(80,4): Error: assertion might not hold +Refinement.dfy(69,6): Error: assertion could not be proved +Refinement.dfy(80,4): Error: assertion could not be proved Refinement.dfy(100,4): Error: a postcondition could not be proved on this return path Refinement.dfy(78,14): Related location: this is the postcondition that could not be proved Refinement.dfy(102,2): Error: a postcondition could not be proved on this return path Refinement.dfy(83,14): Related location: this is the postcondition that could not be proved -Refinement.dfy(198,6): Error: assertion might not hold +Refinement.dfy(198,6): Error: assertion could not be proved Refinement.dfy(122,18): Related location: refined proposition -Refinement.dfy(204,6): Error: assertion might not hold +Refinement.dfy(204,6): Error: assertion could not be proved Refinement.dfy(131,18): Related location: refined proposition -Refinement.dfy(209,6): Error: assertion might not hold +Refinement.dfy(209,6): Error: assertion could not be proved Refinement.dfy(137,23): Related location: refined proposition Refinement.dfy(253,6): Error: a postcondition could not be proved on this return path Refinement.dfy(223,19): Related location: this is the postcondition that could not be proved 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ResultInTypeNewtype.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ResultInTypeNewtype.dfy.expect
index fea948311bc..9e73543895a 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ResultInTypeNewtype.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ResultInTypeNewtype.dfy.expect
@@ -1,93 +1,93 @@ ResultInTypeNewtype.dfy(9,10): Error: cannot find witness that shows type is inhabited (only tried false); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -ResultInTypeNewtype.dfy(12,9): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(18,11): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(20,13): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(22,13): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(24,13): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(26,13): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(31,11): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(35,11): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(40,9): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(44,9): Error: result of operation might violate newtype constraint for 'False' -ResultInTypeNewtype.dfy(50,9): Error: result of operation might violate newtype constraint for 'False' +ResultInTypeNewtype.dfy(12,9): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(18,11): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(20,13): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(22,13): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(24,13): Error: result of operation could not be proved to satisfy newtype constraint for 
'False' +ResultInTypeNewtype.dfy(26,13): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(31,11): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(35,11): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(40,9): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(44,9): Error: result of operation could not be proved to satisfy newtype constraint for 'False' +ResultInTypeNewtype.dfy(50,9): Error: result of operation could not be proved to satisfy newtype constraint for 'False' ResultInTypeNewtype.dfy(55,10): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type ResultInTypeNewtype.dfy(55,27): Related location: this proposition could not be proved -ResultInTypeNewtype.dfy(58,9): Error: result of operation might violate newtype constraint for 'Int' -ResultInTypeNewtype.dfy(64,11): Error: result of operation might violate newtype constraint for 'Int' -ResultInTypeNewtype.dfy(66,13): Error: result of operation might violate newtype constraint for 'Int' -ResultInTypeNewtype.dfy(68,13): Error: result of operation might violate newtype constraint for 'Int' -ResultInTypeNewtype.dfy(70,13): Error: result of operation might violate newtype constraint for 'Int' -ResultInTypeNewtype.dfy(72,13): Error: result of operation might violate newtype constraint for 'Int' -ResultInTypeNewtype.dfy(76,11): Error: result of operation might violate newtype constraint for 'Int' +ResultInTypeNewtype.dfy(58,9): Error: result of operation could not be proved to satisfy newtype constraint for 'Int' +ResultInTypeNewtype.dfy(64,11): Error: result of operation could not be proved to satisfy newtype constraint for 
'Int' +ResultInTypeNewtype.dfy(66,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Int' +ResultInTypeNewtype.dfy(68,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Int' +ResultInTypeNewtype.dfy(70,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Int' +ResultInTypeNewtype.dfy(72,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Int' +ResultInTypeNewtype.dfy(76,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Int' ResultInTypeNewtype.dfy(81,10): Error: cannot find witness that shows type is inhabited (only tried 0.0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type ResultInTypeNewtype.dfy(81,31): Related location: this proposition could not be proved -ResultInTypeNewtype.dfy(84,9): Error: result of operation might violate newtype constraint for 'Real' -ResultInTypeNewtype.dfy(90,11): Error: result of operation might violate newtype constraint for 'Real' -ResultInTypeNewtype.dfy(92,13): Error: result of operation might violate newtype constraint for 'Real' -ResultInTypeNewtype.dfy(94,13): Error: result of operation might violate newtype constraint for 'Real' -ResultInTypeNewtype.dfy(96,13): Error: result of operation might violate newtype constraint for 'Real' -ResultInTypeNewtype.dfy(98,13): Error: result of operation might violate newtype constraint for 'Real' -ResultInTypeNewtype.dfy(102,11): Error: result of operation might violate newtype constraint for 'Real' +ResultInTypeNewtype.dfy(84,9): Error: result of operation could not be proved to satisfy newtype constraint for 'Real' +ResultInTypeNewtype.dfy(90,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Real' +ResultInTypeNewtype.dfy(92,13): Error: result of operation could not be proved to satisfy newtype constraint for 
'Real' +ResultInTypeNewtype.dfy(94,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Real' +ResultInTypeNewtype.dfy(96,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Real' +ResultInTypeNewtype.dfy(98,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Real' +ResultInTypeNewtype.dfy(102,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Real' ResultInTypeNewtype.dfy(107,10): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type ResultInTypeNewtype.dfy(107,26): Related location: this proposition could not be proved -ResultInTypeNewtype.dfy(110,9): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(116,11): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(118,13): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(120,13): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(122,13): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(124,13): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(130,11): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(132,13): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(134,13): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(136,13): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(142,13): Error: result of operation might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(144,13): Error: result of operation 
might violate newtype constraint for 'Bv' -ResultInTypeNewtype.dfy(148,11): Error: result of operation might violate newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(110,9): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(116,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(118,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(120,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(122,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(124,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(130,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(132,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(134,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(136,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(142,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(144,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' +ResultInTypeNewtype.dfy(148,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Bv' ResultInTypeNewtype.dfy(153,10): Error: cannot find witness that shows type is inhabited (only tried 'D'); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type ResultInTypeNewtype.dfy(153,31): Related location: this proposition 
could not be proved -ResultInTypeNewtype.dfy(156,9): Error: result of operation might violate newtype constraint for 'Char' -ResultInTypeNewtype.dfy(162,13): Error: result of operation might violate newtype constraint for 'Char' -ResultInTypeNewtype.dfy(164,13): Error: char subtraction might underflow -ResultInTypeNewtype.dfy(164,13): Error: result of operation might violate newtype constraint for 'Char' -ResultInTypeNewtype.dfy(168,11): Error: result of operation might violate newtype constraint for 'Char' +ResultInTypeNewtype.dfy(156,9): Error: result of operation could not be proved to satisfy newtype constraint for 'Char' +ResultInTypeNewtype.dfy(162,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Char' +ResultInTypeNewtype.dfy(164,13): Error: char subtraction could not be proved to remain above minimum +ResultInTypeNewtype.dfy(164,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Char' +ResultInTypeNewtype.dfy(168,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Char' ResultInTypeNewtype.dfy(173,10): Error: cannot find witness that shows type is inhabited (only tried {}); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -ResultInTypeNewtype.dfy(178,11): Error: result of operation might violate newtype constraint for 'IntSet' -ResultInTypeNewtype.dfy(180,11): Error: result of operation might violate newtype constraint for 'IntSet' -ResultInTypeNewtype.dfy(184,11): Error: result of operation might violate newtype constraint for 'IntSet' -ResultInTypeNewtype.dfy(186,11): Error: result of operation might violate newtype constraint for 'IntSet' -ResultInTypeNewtype.dfy(192,13): Error: result of operation might violate newtype constraint for 'IntSet' -ResultInTypeNewtype.dfy(194,13): Error: result of operation might violate newtype constraint for 'IntSet' 
-ResultInTypeNewtype.dfy(196,13): Error: result of operation might violate newtype constraint for 'IntSet' -ResultInTypeNewtype.dfy(198,13): Error: result of operation might violate newtype constraint for 'IntSet' +ResultInTypeNewtype.dfy(178,11): Error: result of operation could not be proved to satisfy newtype constraint for 'IntSet' +ResultInTypeNewtype.dfy(180,11): Error: result of operation could not be proved to satisfy newtype constraint for 'IntSet' +ResultInTypeNewtype.dfy(184,11): Error: result of operation could not be proved to satisfy newtype constraint for 'IntSet' +ResultInTypeNewtype.dfy(186,11): Error: result of operation could not be proved to satisfy newtype constraint for 'IntSet' +ResultInTypeNewtype.dfy(192,13): Error: result of operation could not be proved to satisfy newtype constraint for 'IntSet' +ResultInTypeNewtype.dfy(194,13): Error: result of operation could not be proved to satisfy newtype constraint for 'IntSet' +ResultInTypeNewtype.dfy(196,13): Error: result of operation could not be proved to satisfy newtype constraint for 'IntSet' +ResultInTypeNewtype.dfy(198,13): Error: result of operation could not be proved to satisfy newtype constraint for 'IntSet' ResultInTypeNewtype.dfy(203,10): Error: cannot find witness that shows type is inhabited (only tried iset{}); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -ResultInTypeNewtype.dfy(208,11): Error: result of operation might violate newtype constraint for 'IntIset' -ResultInTypeNewtype.dfy(210,11): Error: result of operation might violate newtype constraint for 'IntIset' -ResultInTypeNewtype.dfy(214,11): Error: result of operation might violate newtype constraint for 'IntIset' -ResultInTypeNewtype.dfy(216,11): Error: result of operation might violate newtype constraint for 'IntIset' -ResultInTypeNewtype.dfy(222,13): Error: result of operation might violate newtype constraint for 'IntIset' 
-ResultInTypeNewtype.dfy(224,13): Error: result of operation might violate newtype constraint for 'IntIset' -ResultInTypeNewtype.dfy(226,13): Error: result of operation might violate newtype constraint for 'IntIset' -ResultInTypeNewtype.dfy(228,13): Error: result of operation might violate newtype constraint for 'IntIset' +ResultInTypeNewtype.dfy(208,11): Error: result of operation could not be proved to satisfy newtype constraint for 'IntIset' +ResultInTypeNewtype.dfy(210,11): Error: result of operation could not be proved to satisfy newtype constraint for 'IntIset' +ResultInTypeNewtype.dfy(214,11): Error: result of operation could not be proved to satisfy newtype constraint for 'IntIset' +ResultInTypeNewtype.dfy(216,11): Error: result of operation could not be proved to satisfy newtype constraint for 'IntIset' +ResultInTypeNewtype.dfy(222,13): Error: result of operation could not be proved to satisfy newtype constraint for 'IntIset' +ResultInTypeNewtype.dfy(224,13): Error: result of operation could not be proved to satisfy newtype constraint for 'IntIset' +ResultInTypeNewtype.dfy(226,13): Error: result of operation could not be proved to satisfy newtype constraint for 'IntIset' +ResultInTypeNewtype.dfy(228,13): Error: result of operation could not be proved to satisfy newtype constraint for 'IntIset' ResultInTypeNewtype.dfy(233,10): Error: cannot find witness that shows type is inhabited (only tried multiset{}); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -ResultInTypeNewtype.dfy(238,11): Error: result of operation might violate newtype constraint for 'Multiset' -ResultInTypeNewtype.dfy(240,11): Error: result of operation might violate newtype constraint for 'Multiset' -ResultInTypeNewtype.dfy(248,13): Error: result of operation might violate newtype constraint for 'Multiset' -ResultInTypeNewtype.dfy(250,13): Error: result of operation might violate newtype constraint for 'Multiset' 
-ResultInTypeNewtype.dfy(252,13): Error: result of operation might violate newtype constraint for 'Multiset' -ResultInTypeNewtype.dfy(254,13): Error: result of operation might violate newtype constraint for 'Multiset' -ResultInTypeNewtype.dfy(260,19): Error: result of operation might violate newtype constraint for 'Multiset' -ResultInTypeNewtype.dfy(262,19): Error: result of operation might violate newtype constraint for 'Multiset' +ResultInTypeNewtype.dfy(238,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Multiset' +ResultInTypeNewtype.dfy(240,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Multiset' +ResultInTypeNewtype.dfy(248,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Multiset' +ResultInTypeNewtype.dfy(250,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Multiset' +ResultInTypeNewtype.dfy(252,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Multiset' +ResultInTypeNewtype.dfy(254,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Multiset' +ResultInTypeNewtype.dfy(260,19): Error: result of operation could not be proved to satisfy newtype constraint for 'Multiset' +ResultInTypeNewtype.dfy(262,19): Error: result of operation could not be proved to satisfy newtype constraint for 'Multiset' ResultInTypeNewtype.dfy(269,10): Error: cannot find witness that shows type is inhabited (only tried []); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -ResultInTypeNewtype.dfy(276,11): Error: result of operation might violate newtype constraint for 'Seq' -ResultInTypeNewtype.dfy(282,11): Error: result of operation might violate newtype constraint for 'String' -ResultInTypeNewtype.dfy(288,13): Error: result of operation might violate newtype constraint for 'Seq' 
-ResultInTypeNewtype.dfy(290,13): Error: result of operation might violate newtype constraint for 'Seq' -ResultInTypeNewtype.dfy(296,12): Error: result of operation might violate newtype constraint for 'Seq' -ResultInTypeNewtype.dfy(298,12): Error: result of operation might violate newtype constraint for 'Seq' -ResultInTypeNewtype.dfy(300,12): Error: result of operation might violate newtype constraint for 'Seq' -ResultInTypeNewtype.dfy(310,12): Error: result of operation might violate newtype constraint for 'Seq' -ResultInTypeNewtype.dfy(312,12): Error: result of operation might violate newtype constraint for 'Seq' -ResultInTypeNewtype.dfy(314,12): Error: result of operation might violate newtype constraint for 'Seq' -ResultInTypeNewtype.dfy(316,12): Error: result of operation might violate newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(276,11): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(282,11): Error: result of operation could not be proved to satisfy newtype constraint for 'String' +ResultInTypeNewtype.dfy(288,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(290,13): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(296,12): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(298,12): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(300,12): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(310,12): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(312,12): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(314,12): Error: result of operation could not be 
proved to satisfy newtype constraint for 'Seq' +ResultInTypeNewtype.dfy(316,12): Error: result of operation could not be proved to satisfy newtype constraint for 'Seq' Dafny program verifier finished with 3 verified, 87 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ResultInTypeSubsetType.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ResultInTypeSubsetType.dfy.expect index d3a2bec85b5..c62488a40a5 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ResultInTypeSubsetType.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ResultInTypeSubsetType.dfy.expect 
@@ -1,12 +1,12 @@
 ResultInTypeSubsetType.dfy(9,7): Error: cannot find witness that shows type is inhabited (only tried false); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 ResultInTypeSubsetType.dfy(12,9): Error: value does not satisfy the subset constraints of 'False'
-ResultInTypeSubsetType.dfy(18,11): Error: result of operation might violate subset type constraint for 'False'
+ResultInTypeSubsetType.dfy(18,11): Error: result of operation could not be proved to satisfy subset type constraint for 'False'
 ResultInTypeSubsetType.dfy(20,13): Error: value does not satisfy the subset constraints of 'False'
 ResultInTypeSubsetType.dfy(22,13): Error: value does not satisfy the subset constraints of 'False'
 ResultInTypeSubsetType.dfy(24,13): Error: value does not satisfy the subset constraints of 'False'
 ResultInTypeSubsetType.dfy(26,13): Error: value does not satisfy the subset constraints of 'False'
 ResultInTypeSubsetType.dfy(31,11): Error: value does not satisfy the subset constraints of 'False'
-ResultInTypeSubsetType.dfy(35,11): Error: result of operation might violate subset type constraint for 'False'
+ResultInTypeSubsetType.dfy(35,11): Error: result of operation could not be proved to satisfy subset type constraint for 'False'
 ResultInTypeSubsetType.dfy(40,9): Error: value does not satisfy the subset constraints of 'False'
 ResultInTypeSubsetType.dfy(44,9): Error: value does not satisfy the subset constraints of 'False'
 ResultInTypeSubsetType.dfy(50,9): Error: value does not satisfy the subset constraints of 'False'
@@ -18,7 +18,7 @@ ResultInTypeSubsetType.dfy(66,13): Error: value does not satisfy the subset cons
 ResultInTypeSubsetType.dfy(68,13): Error: value does not satisfy the subset constraints of 'Int'
 ResultInTypeSubsetType.dfy(70,13): Error: value does not satisfy the subset constraints of 'Int'
 ResultInTypeSubsetType.dfy(72,13): Error: value does not satisfy the subset constraints of 'Int'
-ResultInTypeSubsetType.dfy(76,11): Error: result of operation might violate subset type constraint for 'Int'
+ResultInTypeSubsetType.dfy(76,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Int'
 ResultInTypeSubsetType.dfy(81,7): Error: cannot find witness that shows type is inhabited (only tried 0.0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 ResultInTypeSubsetType.dfy(81,28): Related location: this proposition could not be proved
 ResultInTypeSubsetType.dfy(84,9): Error: value does not satisfy the subset constraints of 'Real'
@@ -27,7 +27,7 @@ ResultInTypeSubsetType.dfy(92,13): Error: value does not satisfy the subset cons
 ResultInTypeSubsetType.dfy(94,13): Error: value does not satisfy the subset constraints of 'Real'
 ResultInTypeSubsetType.dfy(96,13): Error: value does not satisfy the subset constraints of 'Real'
 ResultInTypeSubsetType.dfy(98,13): Error: value does not satisfy the subset constraints of 'Real'
-ResultInTypeSubsetType.dfy(102,11): Error: result of operation might violate subset type constraint for 'Real'
+ResultInTypeSubsetType.dfy(102,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Real'
 ResultInTypeSubsetType.dfy(107,7): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 ResultInTypeSubsetType.dfy(107,23): Related location: this proposition could not be proved
 ResultInTypeSubsetType.dfy(110,9): Error: value does not satisfy the subset constraints of 'Bv'
@@ -36,20 +36,20 @@ ResultInTypeSubsetType.dfy(118,13): Error: value does not satisfy the subset con
 ResultInTypeSubsetType.dfy(120,13): Error: value does not satisfy the subset constraints of 'Bv'
 ResultInTypeSubsetType.dfy(122,13): Error: value does not satisfy the subset constraints of 'Bv'
 ResultInTypeSubsetType.dfy(124,13): Error: value does not satisfy the subset constraints of 'Bv'
-ResultInTypeSubsetType.dfy(130,11): Error: result of operation might violate subset type constraint for 'Bv'
+ResultInTypeSubsetType.dfy(130,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Bv'
 ResultInTypeSubsetType.dfy(132,13): Error: value does not satisfy the subset constraints of 'Bv'
 ResultInTypeSubsetType.dfy(134,13): Error: value does not satisfy the subset constraints of 'Bv'
 ResultInTypeSubsetType.dfy(136,13): Error: value does not satisfy the subset constraints of 'Bv'
 ResultInTypeSubsetType.dfy(142,13): Error: value does not satisfy the subset constraints of 'Bv'
 ResultInTypeSubsetType.dfy(144,13): Error: value does not satisfy the subset constraints of 'Bv'
-ResultInTypeSubsetType.dfy(148,11): Error: result of operation might violate subset type constraint for 'Bv'
+ResultInTypeSubsetType.dfy(148,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Bv'
 ResultInTypeSubsetType.dfy(153,7): Error: cannot find witness that shows type is inhabited (only tried 'D'); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 ResultInTypeSubsetType.dfy(153,28): Related location: this proposition could not be proved
 ResultInTypeSubsetType.dfy(156,9): Error: value does not satisfy the subset constraints of 'Char'
 ResultInTypeSubsetType.dfy(162,13): Error: value does not satisfy the subset constraints of 'Char'
-ResultInTypeSubsetType.dfy(164,13): Error: char subtraction might underflow
+ResultInTypeSubsetType.dfy(164,13): Error: char subtraction could not be proved to remain above minimum
 ResultInTypeSubsetType.dfy(164,13): Error: value does not satisfy the subset constraints of 'Char'
-ResultInTypeSubsetType.dfy(168,11): Error: result of operation might violate subset type constraint for 'Char'
+ResultInTypeSubsetType.dfy(168,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Char'
 ResultInTypeSubsetType.dfy(173,7): Error: cannot find witness that shows type is inhabited (only tried {}); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 ResultInTypeSubsetType.dfy(178,11): Error: value does not satisfy the subset constraints of 'IntSet'
 ResultInTypeSubsetType.dfy(180,11): Error: value does not satisfy the subset constraints of 'IntSet'
@@ -58,7 +58,7 @@ ResultInTypeSubsetType.dfy(186,11): Error: value does not satisfy the subset con
 ResultInTypeSubsetType.dfy(192,13): Error: value does not satisfy the subset constraints of 'IntSet'
 ResultInTypeSubsetType.dfy(194,13): Error: value does not satisfy the subset constraints of 'IntSet'
 ResultInTypeSubsetType.dfy(196,13): Error: value does not satisfy the subset constraints of 'IntSet'
-ResultInTypeSubsetType.dfy(198,13): Error: result of operation might violate subset type constraint for 'IntSet'
+ResultInTypeSubsetType.dfy(198,13): Error: result of operation could not be proved to satisfy subset type constraint for 'IntSet'
 ResultInTypeSubsetType.dfy(203,7): Error: cannot find witness that shows type is inhabited (only tried iset{}); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 ResultInTypeSubsetType.dfy(208,11): Error: value does not satisfy the subset constraints of 'IntIset'
 ResultInTypeSubsetType.dfy(210,11): Error: value does not satisfy the subset constraints of 'IntIset'
@@ -67,21 +67,21 @@ ResultInTypeSubsetType.dfy(216,11): Error: value does not satisfy the subset con
 ResultInTypeSubsetType.dfy(222,13): Error: value does not satisfy the subset constraints of 'IntIset'
 ResultInTypeSubsetType.dfy(224,13): Error: value does not satisfy the subset constraints of 'IntIset'
 ResultInTypeSubsetType.dfy(226,13): Error: value does not satisfy the subset constraints of 'IntIset'
-ResultInTypeSubsetType.dfy(228,13): Error: result of operation might violate subset type constraint for 'IntIset'
+ResultInTypeSubsetType.dfy(228,13): Error: result of operation could not be proved to satisfy subset type constraint for 'IntIset'
 ResultInTypeSubsetType.dfy(233,7): Error: cannot find witness that shows type is inhabited (only tried multiset{}); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 ResultInTypeSubsetType.dfy(238,11): Error: value does not satisfy the subset constraints of 'Multiset'
 ResultInTypeSubsetType.dfy(240,11): Error: value does not satisfy the subset constraints of 'Multiset'
 ResultInTypeSubsetType.dfy(248,13): Error: value does not satisfy the subset constraints of 'Multiset'
 ResultInTypeSubsetType.dfy(250,13): Error: value does not satisfy the subset constraints of 'Multiset'
 ResultInTypeSubsetType.dfy(252,13): Error: value does not satisfy the subset constraints of 'Multiset'
-ResultInTypeSubsetType.dfy(254,13): Error: result of operation might violate subset type constraint for 'Multiset'
+ResultInTypeSubsetType.dfy(254,13): Error: result of operation could not be proved to satisfy subset type constraint for 'Multiset'
 ResultInTypeSubsetType.dfy(260,19): Error: value does not satisfy the subset constraints of 'Multiset'
 ResultInTypeSubsetType.dfy(262,19): Error: value does not satisfy the subset constraints of 'Multiset'
 ResultInTypeSubsetType.dfy(269,7): Error: cannot find witness that shows type is inhabited (only tried []); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 ResultInTypeSubsetType.dfy(276,11): Error: value does not satisfy the subset constraints of 'Seq'
 ResultInTypeSubsetType.dfy(282,11): Error: value does not satisfy the subset constraints of 'String'
 ResultInTypeSubsetType.dfy(288,13): Error: value does not satisfy the subset constraints of 'Seq'
-ResultInTypeSubsetType.dfy(290,13): Error: result of operation might violate subset type constraint for 'Seq'
+ResultInTypeSubsetType.dfy(290,13): Error: result of operation could not be proved to satisfy subset type constraint for 'Seq'
 ResultInTypeSubsetType.dfy(296,12): Error: value does not satisfy the subset constraints of 'Seq'
 ResultInTypeSubsetType.dfy(298,12): Error: value does not satisfy the subset constraints of 'Seq'
 ResultInTypeSubsetType.dfy(300,12): Error: value does not satisfy the subset constraints of 'Seq'
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotation.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotation.dfy
deleted file mode 100644
index f4f5667906c..00000000000
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotation.dfy
+++ /dev/null
@@ -1,181 +0,0 @@ -// RUN: %testDafnyForEachResolver --expect-exit-code=0 "%s" - -// Comprehensive test for scientific notation, trailing-dot shorthand, and leading-dot shorthand - -method BasicScientificNotation() { - // Basic positive exponents - var a := 1.23e2; // 123.0 - var b := 2.5e1; // 25.0 - var c := 1.0e3; // 1000.0 - - // Basic negative exponents - var d := 1.23e-2; // 0.0123 - var e := 5.0e-1; // 0.5 - - // Zero exponent - var f := 1.23e0; // 1.23 - var g := 42.0e0; // 42.0 - var h := 1.23e-0; // 1.23 (same as e0) - - // Verify values - assert a == 123.0; - assert b == 25.0; - assert c == 1000.0; - assert d == 0.0123; - assert e == 0.5; - assert f == 1.23; - assert g == 42.0; - assert h == 1.23; -} - -method IntegerScientificNotation() { - // Integer base with scientific notation - var a := 5e2; // 500.0 - var b := 3e1; // 30.0 - var c := 7e0; // 7.0 - var d := 5e-1; // 0.5 - var e := 2e-2; // 0.02 - - assert a == 500.0; - assert b == 30.0; - assert c == 7.0; - assert d == 0.5; - assert e == 0.02; -} - -method TrailingDotShorthand() { - // Basic trailing-dot shorthand literals - var a := 1.; // 1.0 - var b := 123.; // 123.0 - var c := 0.; // 0.0 - - // Trailing dots with underscores - var d := 1_000.; // 1000.0 - - // Verify values - assert a == 1.0; - assert b == 123.0; - assert c == 0.0; - assert d == 1000.0; -} - -method LeadingDotShorthand() { - // Basic leading-dot shorthand literals (new feature) - var a := .5; // 0.5 - var b := .25; // 0.25 - var c := .123; // 0.123 - var d := .0; // 0.0 - - // Leading-dot with underscores - var e := .5_00; // 0.500 - var f := .1_23; // 0.123 - - // Verify values - assert a == 0.5; - assert b == 0.25; - assert c == 0.123; - assert d == 0.0; - assert e == 0.500; - assert f == 0.123; -} - -method LeadingDotScientificNotation() { - // Leading-dot shorthand with scientific notation (new feature) - var a := .5e2; // 50.0 - var b := .25e1; // 2.5 - var c := .123e3; // 123.0 - var d := .5e-1; // 0.05 - var e := 
.123e-4; // 0.0000123 - var f := .1e0; // 0.1 - - // Leading-dot shorthand scientific with underscores - var g := .5_00e2; // 50.0 - var h := .1_23e-2; // 0.00123 - - // Verify values - assert a == 50.0; - assert b == 2.5; - assert c == 123.0; - assert d == 0.05; - assert e == 0.0000123; - assert f == 0.1; - assert g == 50.0; - assert h == 0.00123; -} - -method TupleAccessCompatibility() { - // Verify that tuple member access still works (no conflict) - var tuple := (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15); - var first := tuple.0; - var fifth := tuple.5; - var tenth := tuple.10; - var fifteenth := tuple.14; - - assert first == 1; - assert fifth == 6; - assert tenth == 11; - assert fifteenth == 15; -} - -method ScientificNotationArithmetic() { - // Arithmetic with scientific notation - var a := 1.5e2; // 150.0 - var b := 3.0e1; // 30.0 - var c := 2.0e-1; // 0.2 - - // Basic operations - assert a + b == 180.0; - assert a - b == 120.0; - assert a * c == 30.0; - assert a / b == 5.0; - - // Mixed with regular literals - assert a + 50.0 == 200.0; - assert b * 2.0 == 60.0; - - // Mixed with leading-dot shorthand literals - var d := .5e2; // 50.0 - assert a + d == 200.0; - assert d * 2.0 == 100.0; -} - -method UnderscoreSupport() { - // Scientific notation with underscores - var a := 1_234.567_8e2; // 123456.78 - var b := 5_000e-3; // 5.0 - var c := 1_000.0e1; // 10000.0 (proper syntax instead of 1_000.e1) - - // Leading-dot shorthand with underscores - var d := .5_00e2; // 50.0 - var e := .1_23e-4; // 0.0000123 - - // Verify values - assert a == 123456.78; - assert b == 5.0; - assert c == 10000.0; - assert d == 50.0; - assert e == 0.0000123; -} - -method EdgeCases() { - // Very small and very large numbers - var small := 1.0e-10; // 0.0000000001 - var large := 1.0e10; // 10000000000.0 - - // Zero with scientific notation - var zero1 := 0.0e5; // 0.0 - var zero2 := 0.0e-3; // 0.0 (proper syntax instead of 0.e-3) - var zero3 := .0e5; // 0.0 (leading-dot shorthand 
zero) - - // Leading-dot shorthand edge cases - var tiny := .1e-10; // 0.00000000001 - var huge := .1e10; // 1000000000.0 - - assert small == 0.0000000001; - assert large == 10000000000.0; - assert zero1 == 0.0; - assert zero2 == 0.0; - assert zero3 == 0.0; - assert tiny == 0.00000000001; - assert huge == 1000000000.0; -} diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotation.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotation.dfy.expect deleted file mode 100644 index 0825601cd97..00000000000 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotation.dfy.expect +++ /dev/null @@ -1,2 +0,0 @@ - -Dafny program verifier finished with 9 verified, 0 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotationErrors.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotationErrors.dfy deleted file mode 100644 index 0325d07b533..00000000000 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotationErrors.dfy +++ /dev/null 
@@ -1,56 +0,0 @@ -// RUN: %exits-with 2 %resolve "%s" > "%t" -// RUN: %diff "%s.expect" "%t" - -// Test error cases for scientific notation, trailing-dot shorthand, and leading-dot shorthand - -method MalformedScientificNotation() { - // Incomplete scientific notation - missing exponent - var a := 1.23e; // Error: incomplete - var b := 5e; // Error: incomplete (no trailing-dot shorthand syntax) - - // Invalid exponent syntax - var c := 1.23e+; // Error: missing digits after + - var d := 1.23e-; // Error: missing digits after - -} - -method InvalidUnderscorePlacement() { - // Invalid underscore before dot - var a := 1_.; // Error: underscore before dot - var b := 1_2_.; // Error: underscore before dot - - // Invalid underscore in exponent - var c := 1.23e_2; // Error: underscore at start of exponent - var d := 1.23e2_; // Error: underscore at end of exponent -} - -method InvalidCombinations() { - // Multiple e's - var a := 1.23e2e3; // Error: multiple exponents - - // Invalid characters in scientific notation - var b := 1.23f5; // Error: 'f' instead of 'e' - var c := 1.23E2; // Error: uppercase 'E' not supported -} - -method InvalidLeadingDotShorthand() { - // Leading-dot shorthand with space (should be error due to tokenization) - var a := . 5; // Error: space between dot and digits - var b := . 5e2; // Error: space between dot and digits - - // Invalid leading-dot shorthand combinations - var c := ..5; // Error: double dot - var d := .e2; // Error: no digits after dot before e -} - -method InvalidWhitespaceAroundDots() { - // Whitespace before trailing dot (should be error) - var a := 1 .; // Error: space before trailing dot - var b := 123 .; // Error: space before trailing dot - - // Whitespace after leading dot (should be error) - var c := . 5; // Error: space after leading dot - var d := . 25; // Error: space after leading dot - - // Whitespace around normal decimal dot (should be error) - var e := 1 . 5; // Error: spaces around decimal dot -} 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotationErrors.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotationErrors.dfy.expect deleted file mode 100644 index 6fdb54c1e00..00000000000 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ScientificNotationErrors.dfy.expect +++ /dev/null 
@@ -1,24 +0,0 @@ -ScientificNotationErrors.dfy(8,15): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(9,12): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(12,15): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(13,15): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(18,12): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(19,14): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(22,15): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(23,17): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(28,17): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(31,15): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(32,15): Error: this symbol not expected in VarDeclStatement -ScientificNotationErrors.dfy(37,11): Error: invalid real literal (no whitespace allowed after leading dot) -ScientificNotationErrors.dfy(38,11): Error: invalid real literal (no whitespace allowed after leading dot) -ScientificNotationErrors.dfy(41,11): Error: invalid Rhs -ScientificNotationErrors.dfy(42,12): Error: invalid Dec -ScientificNotationErrors.dfy(42,11): Error: invalid real literal (no whitespace allowed after leading dot) -ScientificNotationErrors.dfy(42,11): Error: incorrectly formatted number -ScientificNotationErrors.dfy(47,11): Error: invalid real literal (no whitespace allowed before trailing dot) -ScientificNotationErrors.dfy(48,11): Error: invalid real literal (no whitespace allowed before trailing dot) -ScientificNotationErrors.dfy(51,11): Error: invalid real literal (no whitespace allowed after leading dot) -ScientificNotationErrors.dfy(52,11): Error: invalid real literal (no whitespace allowed after leading dot) -ScientificNotationErrors.dfy(55,11): Error: 
invalid real literal (no whitespace allowed before trailing dot) -ScientificNotationErrors.dfy(55,15): Error: this symbol not expected in VarDeclStatement -23 parse errors detected in ScientificNotationErrors.dfy diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SharedDestructors.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SharedDestructors.dfy.expect index 5d7694f8475..24746317feb 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SharedDestructors.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SharedDestructors.dfy.expect @@ -10,6 +10,6 @@ SharedDestructors.dfy(101,12): Error: source of datatype update must be construc SharedDestructors.dfy(107,12): Error: source of datatype update must be constructed by 'RR' SharedDestructors.dfy(124,12): Error: source of datatype update must be constructed by 'C3' SharedDestructors.dfy(139,11): Error: source of datatype update must be constructed by 'Ma5' or 'Ma2' -SharedDestructors.dfy(145,4): Error: assertion might not hold +SharedDestructors.dfy(145,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 13 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ShowSnippets.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ShowSnippets.dfy.expect index 1430e896a54..2a0896f369d 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ShowSnippets.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/ShowSnippets.dfy.expect @@ -1,4 +1,4 @@ -ShowSnippets.dfy(13,2): Error: assertion might not hold +ShowSnippets.dfy(13,2): Error: assertion could not be proved | 13 | assert false; | ^^^^^^ diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SmallTests.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SmallTests.dfy.expect index e032f93c3cc..cdbb41ecada 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SmallTests.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SmallTests.dfy.expect
@@ -10,56 +10,56 @@ SmallTests.dfy(548,4): Warning: Could not find a trigger for this quantifier. Wi SmallTests.dfy(34,11): Error: index out of range SmallTests.dfy(65,35): Error: possible division by zero SmallTests.dfy(66,50): Error: possible division by zero -SmallTests.dfy(67,21): Error: target object might be null -SmallTests.dfy(86,23): Error: target object might be null -SmallTests.dfy(120,5): Error: call might violate context's modifies clause -SmallTests.dfy(132,9): Error: call might violate context's modifies clause -SmallTests.dfy(134,9): Error: call might violate context's modifies clause -SmallTests.dfy(174,8): Error: assignment might update an object field not in the enclosing context's modifies clause -SmallTests.dfy(196,18): Error: assertion might not hold -SmallTests.dfy(197,18): Error: assertion might not hold -SmallTests.dfy(199,18): Error: assertion might not hold -SmallTests.dfy(209,18): Error: assertion might not hold -SmallTests.dfy(211,18): Error: assertion might not hold -SmallTests.dfy(212,23): Error: assertion might not hold -SmallTests.dfy(214,23): Error: assertion might not hold -SmallTests.dfy(223,18): Error: assertion might not hold -SmallTests.dfy(225,23): Error: assertion might not hold -SmallTests.dfy(236,18): Error: assertion might not hold -SmallTests.dfy(239,18): Error: assertion might not hold -SmallTests.dfy(240,23): Error: assertion might not hold -SmallTests.dfy(243,23): Error: assertion might not hold -SmallTests.dfy(253,18): Error: assertion might not hold -SmallTests.dfy(255,23): Error: assertion might not hold +SmallTests.dfy(67,21): Error: target object could not be proved to be non-null +SmallTests.dfy(86,23): Error: target object could not be proved to be non-null +SmallTests.dfy(120,5): Error: modified object in call could not be proved to be in the current modifies clause +SmallTests.dfy(132,9): Error: modified object in call could not be proved to be in the current modifies clause +SmallTests.dfy(134,9): Error: 
modified object in call could not be proved to be in the current modifies clause +SmallTests.dfy(174,8): Error: modified field could not be proved to be in the current modifies clause +SmallTests.dfy(196,18): Error: assertion could not be proved +SmallTests.dfy(197,18): Error: assertion could not be proved +SmallTests.dfy(199,18): Error: assertion could not be proved +SmallTests.dfy(209,18): Error: assertion could not be proved +SmallTests.dfy(211,18): Error: assertion could not be proved +SmallTests.dfy(212,23): Error: assertion could not be proved +SmallTests.dfy(214,23): Error: assertion could not be proved +SmallTests.dfy(223,18): Error: assertion could not be proved +SmallTests.dfy(225,23): Error: assertion could not be proved +SmallTests.dfy(236,18): Error: assertion could not be proved +SmallTests.dfy(239,18): Error: assertion could not be proved +SmallTests.dfy(240,23): Error: assertion could not be proved +SmallTests.dfy(243,23): Error: assertion could not be proved +SmallTests.dfy(253,18): Error: assertion could not be proved +SmallTests.dfy(255,23): Error: assertion could not be proved SmallTests.dfy(303,23): Error: a precondition for this call could not be proved SmallTests.dfy(281,16): Related location: this is the precondition that could not be proved SmallTests.dfy(338,2): Error: a postcondition could not be proved on this return path SmallTests.dfy(332,10): Related location: this is the postcondition that could not be proved -SmallTests.dfy(379,2): Error: assertion might not hold -SmallTests.dfy(386,2): Error: assertion might not hold +SmallTests.dfy(379,2): Error: assertion could not be proved +SmallTests.dfy(386,2): Error: assertion could not be proved SmallTests.dfy(396,8): Error: cannot prove termination; try supplying a decreases clause -SmallTests.dfy(408,4): Error: assertion might not hold -SmallTests.dfy(418,4): Error: assertion might not hold +SmallTests.dfy(408,4): Error: assertion could not be proved +SmallTests.dfy(418,4): Error: 
assertion could not be proved SmallTests.dfy(428,10): Error: cannot prove termination; try supplying a decreases clause SmallTests.dfy(445,2): Error: a postcondition could not be proved on this return path SmallTests.dfy(443,40): Related location: this is the postcondition that could not be proved -SmallTests.dfy(604,2): Error: assertion might not hold -SmallTests.dfy(618,19): Error: left-hand sides n.next and n.next.next might refer to the same location -SmallTests.dfy(620,14): Error: left-hand sides a[j] and a[i] might refer to the same location -SmallTests.dfy(627,24): Error: target object might be null -SmallTests.dfy(640,2): Error: assertion might not hold +SmallTests.dfy(604,2): Error: assertion could not be proved +SmallTests.dfy(618,19): Error: left-hand sides n.next and n.next.next could not be proved to refer to different locations +SmallTests.dfy(620,14): Error: left-hand sides a[j] and a[i] could not be proved to refer to different locations +SmallTests.dfy(627,24): Error: target object could not be proved to be non-null +SmallTests.dfy(640,2): Error: assertion could not be proved SmallTests.dfy(664,4): Error: cannot establish the existence of LHS values that satisfy the such-that predicate -SmallTests.dfy(687,2): Error: assertion might not hold +SmallTests.dfy(687,2): Error: assertion could not be proved SmallTests.dfy(701,9): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. SmallTests.dfy(703,9): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. 
For more information, see the section on quantifier instantiation rules in the reference manual. SmallTests.dfy(716,8): Error: cannot establish the existence of LHS values that satisfy the such-that predicate -SmallTests.dfy(733,4): Error: assertion might not hold -SmallTests.dfy(754,6): Error: assertion might not hold -SmallTests.dfy(757,6): Error: assertion might not hold -SmallTests.dfy(901,14): Error: target object might be null -SmallTests.dfy(909,14): Error: target object might be null -SmallTests.dfy(920,4): Error: assertion might not hold -SmallTests.dfy(926,4): Error: assertion might not hold +SmallTests.dfy(733,4): Error: assertion could not be proved +SmallTests.dfy(754,6): Error: assertion could not be proved +SmallTests.dfy(757,6): Error: assertion could not be proved +SmallTests.dfy(901,14): Error: target object could not be proved to be non-null +SmallTests.dfy(909,14): Error: target object could not be proved to be non-null +SmallTests.dfy(920,4): Error: assertion could not be proved +SmallTests.dfy(926,4): Error: assertion could not be proved Dafny program verifier finished with 56 verified, 50 errors SmallTests.dfy.tmp.dprint.dfy(65,23): Warning: The {:verify false} attribute should only be used during development. Consider using a bodyless method together with the {:axiom} attribute instead diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/StatementExpressions.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/StatementExpressions.dfy.expect index fc5d3a4fa78..de6953bc9b9 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/StatementExpressions.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/StatementExpressions.dfy.expect 
@@ -1,5 +1,5 @@ StatementExpressions.dfy(55,11): Error: cannot prove termination; try supplying a decreases clause -StatementExpressions.dfy(59,4): Error: assertion might not hold +StatementExpressions.dfy(59,4): Error: assertion could not be proved StatementExpressions.dfy(77,5): Error: possible division by zero StatementExpressions.dfy(88,4): Error: value does not satisfy the subset constraints of 'nat' StatementExpressions.dfy(98,17): Error: cannot prove termination; try supplying a decreases clause diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Stdin.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Stdin.dfy.expect index 757fdba9707..94000c17395 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Stdin.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Stdin.dfy.expect @@ -1,6 +1,6 @@ Dafny program verifier finished with 0 verified, 0 errors -(1,13): Error: assertion might not hold +(1,13): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SubsetTypes.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SubsetTypes.dfy.expect index 7a06429baee..71534027cb9 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SubsetTypes.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/SubsetTypes.dfy.expect 
@@ -42,8 +42,8 @@ SubsetTypes.dfy(157,25): Error: value of expression (of type 'int ~> int') is no
 SubsetTypes.dfy(159,25): Error: value of expression (of type 'nat ~> int') is not known to be an instance of type 'nat ~> nat'
 SubsetTypes.dfy(169,20): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
 SubsetTypes.dfy(182,11): Error: value of expression (of type 'int -> int') is not known to be an instance of type 'int ~> nat'
-SubsetTypes.dfy(199,25): Error: value of expression (of type 'Person?') is not known to be an instance of type 'Person', because it might be null
-SubsetTypes.dfy(204,23): Error: value of expression (of type 'Person?') is not known to be an instance of type 'Person', because it might be null
+SubsetTypes.dfy(199,25): Error: value of expression (of type 'Person?') is not known to be an instance of type 'Person', because it could not be proved to be non-null
+SubsetTypes.dfy(204,23): Error: value of expression (of type 'Person?') is not known to be an instance of type 'Person', because it could not be proved to be non-null
 SubsetTypes.dfy(213,11): Error: value of expression (of type 'array') is not known to be an instance of type 'array'
 SubsetTypes.dfy(216,11): Error: value of expression (of type 'array') is not known to be an instance of type 'array'
 SubsetTypes.dfy(232,11): Error: value of expression (of type 'seq') is not known to be an instance of type 'seq'
@@ -61,12 +61,12 @@ SubsetTypes.dfy(287,29): Error: value of expression (of type 'multiset') is
 SubsetTypes.dfy(288,29): Error: value of expression (of type 'map') is not known to be an instance of type 'map'
 SubsetTypes.dfy(318,18): Error: value does not satisfy the subset constraints of 'nat'
 SubsetTypes.dfy(323,20): Error: value does not satisfy the subset constraints of 'nat'
-SubsetTypes.dfy(330,20): Error: result of operation might violate newtype constraint for 'Nat'
-SubsetTypes.dfy(337,20): Error: result of operation might violate newtype constraint for 'Nat'
+SubsetTypes.dfy(330,20): Error: result of operation could not be proved to satisfy newtype constraint for 'Nat'
+SubsetTypes.dfy(337,20): Error: result of operation could not be proved to satisfy newtype constraint for 'Nat'
 SubsetTypes.dfy(342,7): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 SubsetTypes.dfy(343,18): Error: value does not satisfy the subset constraints of 'Nat'
 SubsetTypes.dfy(347,10): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
-SubsetTypes.dfy(348,18): Error: result of operation might violate newtype constraint for 'Nat'
+SubsetTypes.dfy(348,18): Error: result of operation could not be proved to satisfy newtype constraint for 'Nat'
 SubsetTypes.dfy(352,7): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 SubsetTypes.dfy(360,21): Error: possible division by zero
 SubsetTypes.dfy(365,23): Error: possible division by zero
@@ -74,7 +74,7 @@ SubsetTypes.dfy(377,19): Error: value does not satisfy the subset constraints of
 SubsetTypes.dfy(379,19): Error: value does not satisfy the subset constraints of 'Y'
 SubsetTypes.dfy(381,19): Error: value does not satisfy the subset constraints of 'Y'
 SubsetTypes.dfy(383,19): Error: value does not satisfy the subset constraints of 'Y'
-SubsetTypes.dfy(385,19): Error: value of expression (of type 'C?') is not known to be an instance of type 'C', because it might be null
+SubsetTypes.dfy(385,19): Error: value of expression (of type 'C?') is not known to be an instance of type 'C', because it could not be proved to be non-null
 SubsetTypes.dfy(390,29): Error: value does not satisfy the subset constraints of 'int --> int' (possible cause: it may have read effects)
 SubsetTypes.dfy(392,28): Error: value does not satisfy the subset constraints of 'int -> int' (possible cause: it may be partial or have read effects)
 SubsetTypes.dfy(394,28): Error: value does not satisfy the subset constraints of 'int -> int' (possible cause: it may be partial or have read effects)
@@ -83,12 +83,12 @@ SubsetTypes.dfy(398,26): Error: value of expression (of type 'int ~> int') is no SubsetTypes.dfy(401,9): Error: value does not satisfy the subset constraints of 'nat' SubsetTypes.dfy(411,7): Error: cannot find witness that shows type is inhabited (only tried 'D'); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type SubsetTypes.dfy(413,7): Error: cannot find witness that shows type is inhabited (only tried 'D'); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -SubsetTypes.dfy(429,4): Error: assertion might not hold -SubsetTypes.dfy(436,6): Error: assertion might not hold -SubsetTypes.dfy(445,6): Error: assertion might not hold -SubsetTypes.dfy(452,6): Error: assertion might not hold -SubsetTypes.dfy(459,6): Error: assertion might not hold -SubsetTypes.dfy(464,4): Error: assertion might not hold +SubsetTypes.dfy(429,4): Error: assertion could not be proved +SubsetTypes.dfy(436,6): Error: assertion could not be proved +SubsetTypes.dfy(445,6): Error: assertion could not be proved +SubsetTypes.dfy(452,6): Error: assertion could not be proved +SubsetTypes.dfy(459,6): Error: assertion could not be proved +SubsetTypes.dfy(464,4): Error: assertion could not be proved Dafny program verifier finished with 13 verified, 91 errors Total resources used is 738400 diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Termination.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Termination.dfy.expect index 174e6860ee8..7a03fe17fd8 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Termination.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Termination.dfy.expect 
@@ -1,26 +1,26 @@ Termination.dfy(108,2): Error: cannot prove termination; try supplying a decreases clause for the loop -Termination.dfy(125,2): Error: decreases expression might not decrease +Termination.dfy(125,2): Error: decreases expression could not be proved to decrease Termination.dfy(126,16): Error: decreases expression must be bounded below by 0 at end of loop iteration Termination.dfy(255,41): Error: cannot prove termination; try supplying a decreases clause -Termination.dfy(296,2): Error: decreases expression might not decrease -Termination.dfy(361,47): Error: decreases clause might not decrease -Termination.dfy(534,2): Error: decreases expression might not decrease -Termination.dfy(542,2): Error: decreases expression might not decrease -Termination.dfy(549,2): Error: decreases expression might not decrease -Termination.dfy(556,2): Error: decreases expression might not decrease -Termination.dfy(563,2): Error: decreases expression might not decrease -Termination.dfy(571,2): Error: decreases expression might not decrease +Termination.dfy(296,2): Error: decreases expression could not be proved to decrease +Termination.dfy(361,47): Error: decreases clause could not be proved to decrease +Termination.dfy(534,2): Error: decreases expression could not be proved to decrease +Termination.dfy(542,2): Error: decreases expression could not be proved to decrease +Termination.dfy(549,2): Error: decreases expression could not be proved to decrease +Termination.dfy(556,2): Error: decreases expression could not be proved to decrease +Termination.dfy(563,2): Error: decreases expression could not be proved to decrease +Termination.dfy(571,2): Error: decreases expression could not be proved to decrease Termination.dfy(577,5): Error: cannot find witness that shows type is inhabited; try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -Termination.dfy(579,2): Error: decreases expression might not decrease 
-Termination.dfy(589,2): Error: decreases expression might not decrease +Termination.dfy(579,2): Error: decreases expression could not be proved to decrease +Termination.dfy(589,2): Error: decreases expression could not be proved to decrease Termination.dfy(674,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(714,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(722,2): Error: cannot prove termination; try supplying a decreases clause for the loop -Termination.dfy(730,2): Error: decreases expression might not decrease +Termination.dfy(730,2): Error: decreases expression could not be proved to decrease Termination.dfy(806,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(1182,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(1198,2): Error: cannot prove termination; try supplying a decreases clause for the loop -Termination.dfy(441,5): Error: decreases clause might not decrease +Termination.dfy(441,5): Error: decreases clause could not be proved to decrease Termination.dfy(446,7): Related location: refining module Dafny program verifier finished with 108 verified, 23 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Termination.dfy.refresh.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Termination.dfy.refresh.expect index fb426aacd1c..c4863e7608b 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Termination.dfy.refresh.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Termination.dfy.refresh.expect 
@@ -1,27 +1,27 @@ Termination.dfy(108,2): Error: cannot prove termination; try supplying a decreases clause for the loop -Termination.dfy(125,2): Error: decreases expression might not decrease +Termination.dfy(125,2): Error: decreases expression could not be proved to decrease Termination.dfy(126,16): Error: decreases expression must be bounded below by 0 at end of loop iteration Termination.dfy(255,41): Error: cannot prove termination; try supplying a decreases clause -Termination.dfy(296,2): Error: decreases expression might not decrease -Termination.dfy(361,47): Error: decreases clause might not decrease -Termination.dfy(534,2): Error: decreases expression might not decrease -Termination.dfy(542,2): Error: decreases expression might not decrease -Termination.dfy(549,2): Error: decreases expression might not decrease -Termination.dfy(556,2): Error: decreases expression might not decrease -Termination.dfy(563,2): Error: decreases expression might not decrease -Termination.dfy(571,2): Error: decreases expression might not decrease +Termination.dfy(296,2): Error: decreases expression could not be proved to decrease +Termination.dfy(361,47): Error: decreases clause could not be proved to decrease +Termination.dfy(534,2): Error: decreases expression could not be proved to decrease +Termination.dfy(542,2): Error: decreases expression could not be proved to decrease +Termination.dfy(549,2): Error: decreases expression could not be proved to decrease +Termination.dfy(556,2): Error: decreases expression could not be proved to decrease +Termination.dfy(563,2): Error: decreases expression could not be proved to decrease +Termination.dfy(571,2): Error: decreases expression could not be proved to decrease Termination.dfy(577,5): Error: cannot find witness that shows type is inhabited; try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type -Termination.dfy(579,2): Error: decreases expression might not decrease 
-Termination.dfy(589,2): Error: decreases expression might not decrease +Termination.dfy(579,2): Error: decreases expression could not be proved to decrease +Termination.dfy(589,2): Error: decreases expression could not be proved to decrease Termination.dfy(674,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(714,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(722,2): Error: cannot prove termination; try supplying a decreases clause for the loop -Termination.dfy(730,2): Error: decreases expression might not decrease +Termination.dfy(730,2): Error: decreases expression could not be proved to decrease Termination.dfy(806,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(927,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(1182,2): Error: cannot prove termination; try supplying a decreases clause for the loop Termination.dfy(1198,2): Error: cannot prove termination; try supplying a decreases clause for the loop -Termination.dfy(441,5): Error: decreases clause might not decrease +Termination.dfy(441,5): Error: decreases clause could not be proved to decrease Termination.dfy(446,7): Related location: refining module Dafny program verifier finished with 107 verified, 24 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Tuples.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Tuples.dfy.expect index b25d23824cd..8c31f1fde47 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Tuples.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Tuples.dfy.expect @@ -1,4 +1,4 @@ -Tuples.dfy(22,2): Error: assertion might not hold +Tuples.dfy(22,2): Error: assertion could not be proved Tuples.dfy(24,20): Error: possible division by zero Dafny program verifier finished with 0 verified, 2 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Twostate-Functions.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Twostate-Functions.dfy.expect
index a613f45eff0..9857de748d3 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Twostate-Functions.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Twostate-Functions.dfy.expect
@@ -1,9 +1,9 @@
 Twostate-Functions.dfy(11,27): Error: receiver could not be proved to be allocated in the state in which its fields are accessed
 Twostate-Functions.dfy(18,12): Error: receiver could not be proved to be allocated in the state in which its fields are accessed
 Twostate-Functions.dfy(23,8): Error: insufficient reads clause to read field; Consider adding 'reads u' or 'reads u`aa' in the enclosing twostate function specification for resolution
-Twostate-Functions.dfy(66,29): Error: assertion might not hold
+Twostate-Functions.dfy(66,29): Error: assertion could not be proved
 Twostate-Functions.dfy(54,14): Related location: this proposition could not be proved
-Twostate-Functions.dfy(68,27): Error: assertion might not hold
+Twostate-Functions.dfy(68,27): Error: assertion could not be proved
 Twostate-Functions.dfy(54,14): Related location: this proposition could not be proved
 Twostate-Functions.dfy(92,24): Error: argument for parameter 'u' could not be proved to be allocated in the two-state function's previous state -- if you add 'new' before the parameter declaration, like 'new u: U', arguments can refer to expressions possibly unallocated in the previous state
 Twostate-Functions.dfy(97,40): Error: argument at index 1 for parameter 'x' could not be proved to be allocated in the two-state function's previous state -- if you add 'new' before the parameter declaration, like 'new x: U', arguments can refer to expressions possibly unallocated in the previous state
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Twostate-Verification.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Twostate-Verification.dfy.expect
index c4ba830fd5b..8e7b5df2a29 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Twostate-Verification.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Twostate-Verification.dfy.expect
@@ -21,11 +21,11 @@ Twostate-Verification.dfy(680,22): Warning: Argument to 'old' does not dereferen
 Twostate-Verification.dfy(681,22): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect
 Twostate-Verification.dfy(682,22): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect
 Twostate-Verification.dfy(33,13): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect
-Twostate-Verification.dfy(313,38): Error: assertion might not hold
+Twostate-Verification.dfy(313,38): Error: assertion could not be proved
 Twostate-Verification.dfy(337,23): Error: a precondition for this call could not be proved
 Twostate-Verification.dfy(317,29): Related location: this is the precondition that could not be proved
-Twostate-Verification.dfy(359,6): Error: assertion might not hold
-Twostate-Verification.dfy(361,6): Error: assertion might not hold
+Twostate-Verification.dfy(359,6): Error: assertion could not be proved
+Twostate-Verification.dfy(361,6): Error: assertion could not be proved
 Twostate-Verification.dfy(384,17): Error: receiver argument could not be proved to be allocated in the two-state function's previous state
 Twostate-Verification.dfy(386,17): Error: receiver argument could not be proved to be allocated in the two-state function's previous state
 Twostate-Verification.dfy(391,26): Error: argument at index 0 for parameter 'c' could not be proved to be allocated in the two-state function's previous state -- if you add 'new' before the parameter declaration, like 'new c: Cell', arguments can refer to expressions possibly unallocated in the previous state
@@ -65,6 +65,6 @@ Twostate-Verification.dfy(37,26): Error: receiver could not be proved to be allo Twostate-Verification.dfy(41,32): Error: receiver argument could not be proved to be allocated in the state in which the function is invoked Twostate-Verification.dfy(56,26): Error: receiver could not be proved to be allocated in the state in which its fields are accessed Twostate-Verification.dfy(58,32): Error: receiver argument could not be proved to be allocated in the state in which the function is invoked -Twostate-Verification.dfy(74,4): Error: assertion might not hold +Twostate-Verification.dfy(74,4): Error: assertion could not be proved Dafny program verifier finished with 66 verified, 42 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeAdjustments.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeAdjustments.dfy.expect index bce454f5074..35a9e017cdd 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeAdjustments.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeAdjustments.dfy.expect 
@@ -1,24 +1,24 @@
 TypeAdjustments.dfy(588,14): Warning: This ensures clause is part of a bodyless function. Add the {:axiom} attribute to it or the enclosing function to suppress this warning
 TypeAdjustments.dfy(616,14): Warning: This ensures clause is part of a bodyless function. Add the {:axiom} attribute to it or the enclosing function to suppress this warning
-TypeAdjustments.dfy(23,4): Error: assertion might not hold
-TypeAdjustments.dfy(25,4): Error: assertion might not hold
-TypeAdjustments.dfy(27,4): Error: assertion might not hold
-TypeAdjustments.dfy(40,2): Error: assertion might not hold
-TypeAdjustments.dfy(105,6): Error: assertion might not hold
-TypeAdjustments.dfy(107,6): Error: assertion might not hold
-TypeAdjustments.dfy(133,6): Error: assertion might not hold
-TypeAdjustments.dfy(135,6): Error: assertion might not hold
-TypeAdjustments.dfy(137,6): Error: assertion might not hold
-TypeAdjustments.dfy(154,6): Error: assertion might not hold
-TypeAdjustments.dfy(156,6): Error: assertion might not hold
-TypeAdjustments.dfy(158,6): Error: assertion might not hold
-TypeAdjustments.dfy(203,2): Error: assertion might not hold
-TypeAdjustments.dfy(228,2): Error: assertion might not hold
-TypeAdjustments.dfy(243,4): Error: assertion might not hold
+TypeAdjustments.dfy(23,4): Error: assertion could not be proved
+TypeAdjustments.dfy(25,4): Error: assertion could not be proved
+TypeAdjustments.dfy(27,4): Error: assertion could not be proved
+TypeAdjustments.dfy(40,2): Error: assertion could not be proved
+TypeAdjustments.dfy(105,6): Error: assertion could not be proved
+TypeAdjustments.dfy(107,6): Error: assertion could not be proved
+TypeAdjustments.dfy(133,6): Error: assertion could not be proved
+TypeAdjustments.dfy(135,6): Error: assertion could not be proved
+TypeAdjustments.dfy(137,6): Error: assertion could not be proved
+TypeAdjustments.dfy(154,6): Error: assertion could not be proved
+TypeAdjustments.dfy(156,6): Error: assertion could not be proved
+TypeAdjustments.dfy(158,6): Error: assertion could not be proved
+TypeAdjustments.dfy(203,2): Error: assertion could not be proved
+TypeAdjustments.dfy(228,2): Error: assertion could not be proved
+TypeAdjustments.dfy(243,4): Error: assertion could not be proved
 TypeAdjustments.dfy(247,10): Error: value of expression (of type 'CellX') is not known to be an instance of type 'CellX'
 TypeAdjustments.dfy(251,10): Error: value of expression (of type 'CellX') is not known to be an instance of type 'CellX'
-TypeAdjustments.dfy(294,4): Error: assertion might not hold
-TypeAdjustments.dfy(316,4): Error: assertion might not hold
+TypeAdjustments.dfy(294,4): Error: assertion could not be proved
+TypeAdjustments.dfy(316,4): Error: assertion could not be proved
 TypeAdjustments.dfy(376,13): Error: value of expression (of type 'set') is not known to be an instance of type 'set'
 TypeAdjustments.dfy(376,17): Error: value of expression (of type 'iset') is not known to be an instance of type 'iset'
 TypeAdjustments.dfy(376,21): Error: value of expression (of type 'multiset') is not known to be an instance of type 'multiset'
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeAntecedents.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeAntecedents.dfy.expect
index cc0d2898960..d2b718ec4f8 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeAntecedents.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeAntecedents.dfy.expect
@@ -1,6 +1,6 @@ -TypeAntecedents.dfy(35,2): Error: assertion might not hold +TypeAntecedents.dfy(35,2): Error: assertion could not be proved TypeAntecedents.dfy(58,0): Error: a postcondition could not be proved on this return path TypeAntecedents.dfy(57,14): Related location: this is the postcondition that could not be proved -TypeAntecedents.dfy(66,8): Error: assertion might not hold +TypeAntecedents.dfy(66,8): Error: assertion could not be proved Dafny program verifier finished with 5 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeConversions.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeConversions.dfy.expect index 3a5c63ff6cb..423cf7f8905 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeConversions.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeConversions.dfy.expect 
@@ -359,19 +359,19 @@ TypeConversions.dfy(14,40): Error: value does not satisfy the subset constraints TypeConversions.dfy(16,40): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number) TypeConversions.dfy(17,40): Error: value does not satisfy the subset constraints of 'nat' TypeConversions.dfy(20,44): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number) -TypeConversions.dfy(44,28): Error: result of operation might violate newtype constraint for 'SmallReal' -TypeConversions.dfy(57,26): Error: value to be converted might not fit in bv32 -TypeConversions.dfy(61,30): Error: value to be converted might not fit in bv7 -TypeConversions.dfy(62,28): Error: value to be converted might not fit in bv7 -TypeConversions.dfy(72,29): Error: value to be converted might not fit in bv0 -TypeConversions.dfy(73,27): Error: value to be converted might not fit in bv0 -TypeConversions.dfy(74,31): Error: value to be converted might not fit in bv0 -TypeConversions.dfy(96,31): Error: result of operation might violate newtype constraint for 'EvenInt' -TypeConversions.dfy(100,20): Error: result of operation might violate newtype constraint for 'EvenInt' +TypeConversions.dfy(44,28): Error: result of operation could not be proved to satisfy newtype constraint for 'SmallReal' +TypeConversions.dfy(57,26): Error: value to be converted could not be proved to fit in bv32 +TypeConversions.dfy(61,30): Error: value to be converted could not be proved to fit in bv7 +TypeConversions.dfy(62,28): Error: value to be converted could not be proved to fit in bv7 +TypeConversions.dfy(72,29): Error: value to be converted could not be proved to fit in bv0 +TypeConversions.dfy(73,27): Error: value to be converted could not be proved to fit in bv0 +TypeConversions.dfy(74,31): Error: value to be converted could not be proved to fit in bv0 +TypeConversions.dfy(96,31): Error: result of operation could 
not be proved to satisfy newtype constraint for 'EvenInt' +TypeConversions.dfy(100,20): Error: result of operation could not be proved to satisfy newtype constraint for 'EvenInt' TypeConversions.dfy(100,20): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number) -TypeConversions.dfy(102,20): Error: result of operation might violate newtype constraint for 'EvenInt' -TypeConversions.dfy(115,28): Error: value to be converted might not fit in bv7 -TypeConversions.dfy(116,27): Error: value to be converted might not fit in bv0 -TypeConversions.dfy(126,5): Error: trying witness null: value of expression (of type 'Class?') is not known to be an instance of type 'Class', because it might be null +TypeConversions.dfy(102,20): Error: result of operation could not be proved to satisfy newtype constraint for 'EvenInt' +TypeConversions.dfy(115,28): Error: value to be converted could not be proved to fit in bv7 +TypeConversions.dfy(116,27): Error: value to be converted could not be proved to fit in bv0 +TypeConversions.dfy(126,5): Error: trying witness null: value of expression (of type 'Class?') is not known to be an instance of type 'Class', because it could not be proved to be non-null Dafny program verifier finished with 3 verified, 18 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeConversions.dfy.refresh.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeConversions.dfy.refresh.expect index 1a7bbaa5f35..11eb9d966eb 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeConversions.dfy.refresh.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeConversions.dfy.refresh.expect 
@@ -383,19 +383,19 @@ TypeConversions.dfy(14,40): Error: value does not satisfy the subset constraints TypeConversions.dfy(16,40): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number) TypeConversions.dfy(17,40): Error: value does not satisfy the subset constraints of 'nat' TypeConversions.dfy(20,44): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number) -TypeConversions.dfy(44,28): Error: result of operation might violate newtype constraint for 'SmallReal' -TypeConversions.dfy(57,26): Error: value to be converted might not fit in bv32 -TypeConversions.dfy(61,30): Error: value to be converted might not fit in bv7 -TypeConversions.dfy(62,28): Error: value to be converted might not fit in bv7 -TypeConversions.dfy(72,29): Error: value to be converted might not fit in bv0 -TypeConversions.dfy(73,27): Error: value to be converted might not fit in bv0 -TypeConversions.dfy(74,31): Error: value to be converted might not fit in bv0 -TypeConversions.dfy(96,31): Error: result of operation might violate newtype constraint for 'EvenInt' -TypeConversions.dfy(100,20): Error: result of operation might violate newtype constraint for 'EvenInt' +TypeConversions.dfy(44,28): Error: result of operation could not be proved to satisfy newtype constraint for 'SmallReal' +TypeConversions.dfy(57,26): Error: value to be converted could not be proved to fit in bv32 +TypeConversions.dfy(61,30): Error: value to be converted could not be proved to fit in bv7 +TypeConversions.dfy(62,28): Error: value to be converted could not be proved to fit in bv7 +TypeConversions.dfy(72,29): Error: value to be converted could not be proved to fit in bv0 +TypeConversions.dfy(73,27): Error: value to be converted could not be proved to fit in bv0 +TypeConversions.dfy(74,31): Error: value to be converted could not be proved to fit in bv0 +TypeConversions.dfy(96,31): Error: result of operation could 
not be proved to satisfy newtype constraint for 'EvenInt' +TypeConversions.dfy(100,20): Error: result of operation could not be proved to satisfy newtype constraint for 'EvenInt' TypeConversions.dfy(100,20): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number) -TypeConversions.dfy(102,20): Error: result of operation might violate newtype constraint for 'EvenInt' -TypeConversions.dfy(115,28): Error: value to be converted might not fit in bv7 -TypeConversions.dfy(116,27): Error: value to be converted might not fit in bv0 -TypeConversions.dfy(126,5): Error: trying witness null: value of expression (of type 'Class?') is not known to be an instance of type 'Class', because it might be null +TypeConversions.dfy(102,20): Error: result of operation could not be proved to satisfy newtype constraint for 'EvenInt' +TypeConversions.dfy(115,28): Error: value to be converted could not be proved to fit in bv7 +TypeConversions.dfy(116,27): Error: value to be converted could not be proved to fit in bv0 +TypeConversions.dfy(126,5): Error: trying witness null: value of expression (of type 'Class?') is not known to be an instance of type 'Class', because it could not be proved to be non-null Dafny program verifier finished with 3 verified, 18 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeInferenceRefresh.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeInferenceRefresh.dfy.expect index 28aca40bbd7..c4203b55a7d 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeInferenceRefresh.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeInferenceRefresh.dfy.expect 
@@ -1,7 +1,7 @@ TypeInferenceRefresh.dfy(445,11): Warning: the modify statement with a block statement is deprecated TypeInferenceRefresh.dfy(807,4): Warning: this branch is redundant -TypeInferenceRefresh.dfy(145,30): Error: element might not be in domain -TypeInferenceRefresh.dfy(216,26): Error: result of operation might violate newtype constraint for 'int8' +TypeInferenceRefresh.dfy(145,30): Error: element could not be proved to be in domain +TypeInferenceRefresh.dfy(216,26): Error: result of operation could not be proved to satisfy newtype constraint for 'int8' TypeInferenceRefresh.dfy(102,31): Error: value does not satisfy the subset constraints of 'SubsetType' TypeInferenceRefresh.dfy(107,31): Error: value does not satisfy the subset constraints of 'SubsetType' TypeInferenceRefresh.dfy(630,40): Error: value does not satisfy the subset constraints of 'nat' diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeInferenceSubsetTypes.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeInferenceSubsetTypes.dfy.expect index 61636a30d91..0db176768c8 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeInferenceSubsetTypes.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeInferenceSubsetTypes.dfy.expect @@ -1,3 +1,3 @@ -TypeInferenceSubsetTypes.dfy(60,15): Error: target object might be null +TypeInferenceSubsetTypes.dfy(60,15): Error: target object could not be proved to be non-null Dafny program verifier finished with 6 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeParameters.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeParameters.dfy.expect index 2c19e375193..442bfcb366b 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeParameters.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeParameters.dfy.expect 
@@ -1,19 +1,19 @@ -TypeParameters.dfy(44,4): Error: assertion might not hold -TypeParameters.dfy(66,4): Error: assertion might not hold -TypeParameters.dfy(153,15): Error: assertion might not hold +TypeParameters.dfy(44,4): Error: assertion could not be proved +TypeParameters.dfy(66,4): Error: assertion could not be proved +TypeParameters.dfy(153,15): Error: assertion could not be proved TypeParameters.dfy(153,27): Related location: this proposition could not be proved -TypeParameters.dfy(155,20): Error: assertion might not hold +TypeParameters.dfy(155,20): Error: assertion could not be proved TypeParameters.dfy(155,32): Related location: this proposition could not be proved -TypeParameters.dfy(157,18): Error: assertion might not hold +TypeParameters.dfy(157,18): Error: assertion could not be proved TypeParameters.dfy(137,2): Related location: this proposition could not be proved -TypeParameters.dfy(159,17): Error: assertion might not hold +TypeParameters.dfy(159,17): Error: assertion could not be proved TypeParameters.dfy(144,13): Related location: this proposition could not be proved TypeParameters.dfy(144,14): Related location: this proposition could not be proved -TypeParameters.dfy(161,17): Error: assertion might not hold +TypeParameters.dfy(161,17): Error: assertion could not be proved TypeParameters.dfy(146,7): Related location: this proposition could not be proved TypeParameters.dfy(175,23): Error: this invariant could not be proved to be maintained by the loop Related message: loop invariant violation TypeParameters.dfy(175,37): Related location: this proposition could not be proved -TypeParameters.dfy(376,20): Error: assertion might not hold +TypeParameters.dfy(376,20): Error: assertion could not be proved Dafny program verifier finished with 30 verified, 9 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeSynonyms.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeSynonyms.dfy.expect
index 5d031774596..2ced10e1480 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeSynonyms.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/TypeSynonyms.dfy.expect
@@ -1,22 +1,22 @@ -TypeSynonyms.dfy(78,4): Error: assertion might not hold -TypeSynonyms.dfy(119,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(119,2): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(121,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(121,2): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(123,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(123,2): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(125,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(125,2): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(133,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(133,2): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(135,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(143,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(143,2): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(145,2): Error: out-parameter 'x', which is 
subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(145,2): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(147,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(155,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(155,2): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point -TypeSynonyms.dfy(157,2): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point +TypeSynonyms.dfy(78,4): Error: assertion could not be proved +TypeSynonyms.dfy(119,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(119,2): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(121,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(121,2): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(123,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(123,2): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(125,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(125,2): Error: 
out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(133,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(133,2): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(135,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(143,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(143,2): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(145,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(145,2): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(147,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(155,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(155,2): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point +TypeSynonyms.dfy(157,2): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point Dafny program verifier finished with 2 verified, 20 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Unchanged.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Unchanged.dfy.expect
index 0aca206afe6..1f73349b23e 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Unchanged.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/Unchanged.dfy.expect
@@ -1,7 +1,7 @@
-Unchanged.dfy(33,18): Error: assertion might not hold
-Unchanged.dfy(34,18): Error: assertion might not hold
-Unchanged.dfy(35,18): Error: assertion might not hold
-Unchanged.dfy(38,6): Error: assertion might not hold
+Unchanged.dfy(33,18): Error: assertion could not be proved
+Unchanged.dfy(34,18): Error: assertion could not be proved
+Unchanged.dfy(35,18): Error: assertion could not be proved
+Unchanged.dfy(38,6): Error: assertion could not be proved
 Unchanged.dfy(46,35): Error: object could not be proved to be allocated in the old-state of the 'unchanged' predicate
 Unchanged.dfy(47,35): Error: object could not be proved to be allocated in the old-state of the 'unchanged' predicate
 Unchanged.dfy(48,41): Error: object could not be proved to be allocated in the old-state of the 'unchanged' predicate
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/UnfoldingPerformance.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/UnfoldingPerformance.dfy.expect
index f143707de05..5caa3068b8e 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/UnfoldingPerformance.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/UnfoldingPerformance.dfy.expect
@@ -1,6 +1,6 @@ -UnfoldingPerformance.dfy(23,2): Error: assertion might not hold -UnfoldingPerformance.dfy(30,2): Error: assertion might not hold -UnfoldingPerformance.dfy(51,2): Error: assertion might not hold -UnfoldingPerformance.dfy(61,2): Error: assertion might not hold +UnfoldingPerformance.dfy(23,2): Error: assertion could not be proved +UnfoldingPerformance.dfy(30,2): Error: assertion could not be proved +UnfoldingPerformance.dfy(51,2): Error: assertion could not be proved +UnfoldingPerformance.dfy(61,2): Error: assertion could not be proved Dafny program verifier finished with 4 verified, 4 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/columns.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/columns.dfy.expect index d6991683685..d47d9674d80 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/columns.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/columns.dfy.expect @@ -1,6 +1,6 @@ columns.dfy(8,0): Warning: module-level methods are always non-instance, so the 'static' keyword is not allowed here -columns.dfy(9,2): Error: assertion might not hold -columns.dfy(10,2): Error: assertion might not hold -columns.dfy(11,2): Error: assertion might not hold +columns.dfy(9,2): Error: assertion could not be proved +columns.dfy(10,2): Error: assertion could not be proved +columns.dfy(11,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots0.run.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots0.run.legacy.dfy.expect index b8ef92072d9..e573078da3b 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots0.run.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots0.run.legacy.dfy.expect 
@@ -9,6 +9,6 @@ Processing command (at ) a##cached##0 := a##cached##0 && ##ext >>> AssumeNegationOfAssumptionVariable Processing command (at Snapshots0.v1.dfy(4,3)) assert {:id "id5"} Lit(false); >>> MarkAsPartiallyVerified -Snapshots0.v1.dfy(4,2): Error: assertion might not hold +Snapshots0.v1.dfy(4,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots1.run.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots1.run.legacy.dfy.expect index 0c6bfd5c5d4..d4a571f8e7a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots1.run.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots1.run.legacy.dfy.expect @@ -6,6 +6,6 @@ Processing call to procedure N (call) in implementation M (correctness) (at Snap >>> added after: a##cached##0 := a##cached##0 && false; Processing command (at Snapshots1.v1.dfy(4,3)) assert {:id "id8"} Lit(false); >>> DoNothingToAssert -Snapshots1.v1.dfy(4,2): Error: assertion might not hold +Snapshots1.v1.dfy(4,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots2.run.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots2.run.legacy.dfy.expect index 73227d69808..8e2000d096f 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots2.run.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots2.run.legacy.dfy.expect 
@@ -18,7 +18,7 @@ Processing implementation Q (well-formedness) (at Snapshots2.v1.dfy(13,11)): >>> added after assuming the current precondition: a##cached##0 := a##cached##0 && false; Processing command (at Snapshots2.v1.dfy(4,3)) assert {:id "id14"} Lit(false); >>> DoNothingToAssert -Snapshots2.v1.dfy(4,2): Error: assertion might not hold +Snapshots2.v1.dfy(4,2): Error: assertion could not be proved Processing command (at Snapshots2.v1.dfy(11,12)) assert {:id "id18"} Lit(true); >>> DoNothingToAssert Processing command (at Snapshots2.v1.dfy(11,15)) assert {:id "id17"} _module.__default.P() <==> _module.__default.Q(); diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots3.run.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots3.run.legacy.dfy.expect index 8555ef7ebb5..bb0df363d8f 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots3.run.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots3.run.legacy.dfy.expect @@ -1,13 +1,13 @@ Warning: this way of using the CLI is deprecated. Use 'dafny --help' to see help for the new Dafny CLI format Processing command (at Snapshots3.v0.dfy(9,5)) assert {:id "id0"} Lit(0 != 0); >>> DoNothingToAssert -Snapshots3.v0.dfy(9,4): Error: assertion might not hold +Snapshots3.v0.dfy(9,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error Processing command (at Snapshots3.v1.dfy(5,5)) assert {:id "id1"} Lit(true); >>> DoNothingToAssert Processing command (at Snapshots3.v1.dfy(9,5)) assert {:id "id2"} Lit(0 != 0); >>> RecycleError -Snapshots3.v0.dfy(9,4): Error: assertion might not hold +Snapshots3.v0.dfy(9,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots4.run.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots4.run.legacy.dfy.expect index 4963b138b46..937f855ff04 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots4.run.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots4.run.legacy.dfy.expect @@ -9,7 +9,7 @@ Processing command (at Snapshots4.v1.dfy(9,5)) assert {:id "id2"} LitInt(0) == L >>> MarkAsFullyVerified Processing command (at Snapshots4.v1.dfy(10,5)) assert {:id "id3"} Lit(2 != 2); >>> DoNothingToAssert -Snapshots4.v1.dfy(5,4): Error: assertion might not hold -Snapshots4.v1.dfy(10,4): Error: assertion might not hold +Snapshots4.v1.dfy(5,4): Error: assertion could not be proved +Snapshots4.v1.dfy(10,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots6.run.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots6.run.legacy.dfy.expect index 7c956f3aa81..6884e7e6abb 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots6.run.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots6.run.legacy.dfy.expect @@ -4,6 +4,6 @@ Processing command (at Snapshots6.v0.dfy(20,14)) assert false; Dafny program verifier finished with 1 verified, 0 errors Processing command (at Snapshots6.v1.dfy(20,14)) assert false; >>> DoNothingToAssert -Snapshots6.v1.dfy(20,13): Error: assertion might not hold +Snapshots6.v1.dfy(20,13): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots7.run.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots7.run.legacy.dfy.expect index 38a104e8998..4d982849768 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots7.run.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots7.run.legacy.dfy.expect @@ -9,6 +9,6 @@ Processing command (at ) a##cached##0 := a##cached##0 && ##ext >>> AssumeNegationOfAssumptionVariable Processing command (at Snapshots7.v1.dfy(19,14)) assert false; >>> MarkAsPartiallyVerified -Snapshots7.v1.dfy(19,13): Error: assertion might not hold +Snapshots7.v1.dfy(19,13): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots8.run.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots8.run.legacy.dfy.expect index bd8eba27c11..f945de6f8b6 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots8.run.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny0/snapshots/Snapshots8.run.legacy.dfy.expect @@ -5,7 +5,7 @@ Processing command (at Snapshots8.v0.dfy(3,3)) assert {:id "id1"} x#0 < 10; >>> DoNothingToAssert Processing command (at Snapshots8.v0.dfy(4,8)) assert {:id "id4$id2$requires"} {:id "id2"} LitInt(0) <= call0formal#AT#y#0; >>> DoNothingToAssert -Snapshots8.v0.dfy(3,2): Error: assertion might not hold +Snapshots8.v0.dfy(3,2): Error: assertion could not be proved Snapshots8.v0.dfy(4,7): Error: a precondition for this call could not be proved Snapshots8.v0.dfy(8,13): Related location: this is the precondition that could not be proved Processing command (at Snapshots8.v0.dfy(13,13)) assert {:id "id8"} LitInt(2) <= z#0; 
@@ -14,14 +14,14 @@ Snapshots8.v0.dfy(17,9): Error: a postcondition could not be proved on this retu Snapshots8.v0.dfy(13,12): Related location: this is the postcondition that could not be proved Processing command (at Snapshots8.v0.dfy(23,3)) assert {:id "id10"} u#0 != 53; >>> DoNothingToAssert -Snapshots8.v0.dfy(23,2): Error: assertion might not hold +Snapshots8.v0.dfy(23,2): Error: assertion could not be proved Processing command (at Snapshots8.v0.dfy(28,3)) assert {:id "id11"} Lit(true); >>> DoNothingToAssert Dafny program verifier finished with 1 verified, 4 errors Processing command (at Snapshots8.v1.dfy(30,8)) assert {:id "id24"} u#0 != 53; >>> RecycleError -Snapshots8.v1.dfy(30,7): Error: assertion might not hold +Snapshots8.v1.dfy(30,7): Error: assertion could not be proved Processing command (at Snapshots8.v1.dfy(3,1)) assert {:id "id12"} x#0 < 20 || LitInt(10) <= x#0; >>> MarkAsFullyVerified Processing command (at Snapshots8.v1.dfy(5,8)) assert {:id "id13"} x#0 < 10; @@ -30,10 +30,10 @@ Processing command (at Snapshots8.v1.dfy(6,8)) assert {:id "id17$id14$requires"} >>> RecycleError Processing command (at Snapshots8.v1.dfy(7,3)) assert {:id "id15"} x#0 == LitInt(7); >>> DoNothingToAssert -Snapshots8.v1.dfy(5,7): Error: assertion might not hold +Snapshots8.v1.dfy(5,7): Error: assertion could not be proved Snapshots8.v1.dfy(6,7): Error: a precondition for this call could not be proved Snapshots8.v1.dfy(12,20): Related location: this is the precondition that could not be proved -Snapshots8.v1.dfy(7,2): Error: assertion might not hold +Snapshots8.v1.dfy(7,2): Error: assertion could not be proved Processing command (at Snapshots8.v1.dfy(23,5)) assert {:id "id23"} Lit(true); >>> DoNothingToAssert Processing command (at Snapshots8.v1.dfy(19,13)) assert {:id "id21"} LitInt(2) <= z#0; 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny1/InductionOptions.legacy.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny1/InductionOptions.legacy.dfy.expect index a3bc7bb4c8c..23de66f0a11 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny1/InductionOptions.legacy.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny1/InductionOptions.legacy.dfy.expect 
@@ -1,21 +1,21 @@ Warning: this way of using the CLI is deprecated. Use 'dafny --help' to see help for the new Dafny CLI format InductionOptions.legacy.dfy(21,0): Error: a postcondition could not be proved on this return path InductionOptions.legacy.dfy(20,26): Related location: this is the postcondition that could not be proved -InductionOptions.legacy.dfy(25,9): Error: assertion might not hold +InductionOptions.legacy.dfy(25,9): Error: assertion could not be proved InductionOptions.legacy.dfy(30,0): Error: a postcondition could not be proved on this return path InductionOptions.legacy.dfy(29,10): Related location: this is the postcondition that could not be proved -InductionOptions.legacy.dfy(35,9): Error: assertion might not hold +InductionOptions.legacy.dfy(35,9): Error: assertion could not be proved InductionOptions.legacy.dfy(40,0): Error: a postcondition could not be proved on this return path InductionOptions.legacy.dfy(39,26): Related location: this is the postcondition that could not be proved -InductionOptions.legacy.dfy(44,9): Error: assertion might not hold +InductionOptions.legacy.dfy(44,9): Error: assertion could not be proved Dafny program verifier finished with 1 verified, 6 errors InductionOptions.legacy.dfy(21,0): Error: a postcondition could not be proved on this return path InductionOptions.legacy.dfy(20,26): Related location: this is the postcondition that could not be proved -InductionOptions.legacy.dfy(25,9): Error: assertion might not hold +InductionOptions.legacy.dfy(25,9): Error: assertion could not be proved InductionOptions.legacy.dfy(30,0): Error: a postcondition could not be proved on this return path InductionOptions.legacy.dfy(29,10): Related location: this is the postcondition that could not be proved -InductionOptions.legacy.dfy(35,9): Error: assertion might not hold +InductionOptions.legacy.dfy(35,9): Error: assertion could not be proved Dafny program verifier finished with 3 verified, 4 errors Warning: this way of using the CLI 
is deprecated. Use 'dafny --help' to see help for the new Dafny CLI format @@ -27,9 +27,9 @@ Warning: this way of using the CLI is deprecated. Use 'dafny --help' to see help Dafny program verifier finished with 7 verified, 0 errors Warning: this way of using the CLI is deprecated. Use 'dafny --help' to see help for the new Dafny CLI format -InductionOptions.legacy.dfy(25,9): Error: assertion might not hold +InductionOptions.legacy.dfy(25,9): Error: assertion could not be proved InductionOptions.legacy.dfy(30,0): Error: a postcondition could not be proved on this return path InductionOptions.legacy.dfy(29,10): Related location: this is the postcondition that could not be proved -InductionOptions.legacy.dfy(35,9): Error: assertion might not hold +InductionOptions.legacy.dfy(35,9): Error: assertion could not be proved Dafny program verifier finished with 4 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny1/SchorrWaite-stages.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny1/SchorrWaite-stages.dfy index e5ed5eaa8d7..45343648d92 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny1/SchorrWaite-stages.dfy +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny1/SchorrWaite-stages.dfy @@ -1,4 +1,4 @@ -// RUN: %testDafnyForEachResolver "%s" -- --allow-deprecation +// RUN: %testDafnyForEachResolver "%s" -- --allow-deprecation --verification-time-limit=90 // Schorr-Waite algorithms, written and verified in Dafny. diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/BinarySearch.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/BinarySearch.dfy.expect index dbab3edf143..8db2fe9086e 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/BinarySearch.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/BinarySearch.dfy.expect 
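Review bot: The `--verification-time-limit=90` added to the RUN line of SchorrWaite-stages.dfy is not explained in the hunk, and it appears unrelated to the message rewording that the surrounding `.expect` changes make. A raised limit on a single test can hide a verifier performance regression, so the reason should be recorded next to the RUN line, for example `// Time limit raised to 90s: <reason or issue link>`. If the bump only works around slow or flaky CI runs, landing it as a separate change would let it be reverted independently of the wording change.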
@@ -1,3 +1,3 @@ -BinarySearch.dfy(43,19): Error: result of operation might violate newtype constraint for 'int32' +BinarySearch.dfy(43,19): Error: result of operation could not be proved to satisfy newtype constraint for 'int32' Dafny program verifier finished with 6 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug101.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug101.dfy.expect index dc72e5203fa..77f0274a5ac 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug101.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug101.dfy.expect @@ -1,3 +1,3 @@ -Bug101.dfy(10,4): Error: assertion might not hold +Bug101.dfy(10,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug114.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug114.dfy.expect index c5a380678a7..ab5756307ab 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug114.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug114.dfy.expect @@ -1,3 +1,3 @@ -Bug114.dfy(9,2): Error: assertion might not hold +Bug114.dfy(9,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug125more.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug125more.dfy.expect index 39ddb6d0dfd..750e29bcc86 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug125more.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug125more.dfy.expect @@ -1,3 +1,3 @@ -Bug125more.dfy(59,4): Error: assertion might not hold +Bug125more.dfy(59,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug144.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug144.dfy.expect index 215e139e050..449fe88f1f9 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug144.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug144.dfy.expect @@ -1,3 +1,3 @@ -Bug144.dfy(40,2): Error: assertion might not hold +Bug144.dfy(40,2): Error: assertion could not be proved Dafny program verifier finished with 3 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug145.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug145.dfy.expect index f89365a4794..8ec8313e402 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug145.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug145.dfy.expect @@ -1,4 +1,4 @@ -Bug145.dfy(11,24): Error: array size (dimension 0) might be negative -Bug145.dfy(24,4): Error: assertion might not hold +Bug145.dfy(11,24): Error: array size (dimension 0) could not be proved to be non-negative +Bug145.dfy(24,4): Error: assertion could not be proved Dafny program verifier finished with 1 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug146.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug146.dfy.expect index 90953eb4fc2..3f7d055dc7a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug146.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug146.dfy.expect 
@@ -1,5 +1,5 @@ Bug146.dfy(6,75): Error: insufficient reads clause to read array element; Consider adding 'reads world' in the enclosing function specification for resolution -Bug146.dfy(37,25): Error: assertion might not hold +Bug146.dfy(37,25): Error: assertion could not be proved Bug146.dfy(26,4): Related location: this proposition could not be proved Dafny program verifier finished with 2 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug73.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug73.dfy.expect index cbc84941423..5f0e82988ba 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug73.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug73.dfy.expect @@ -1,4 +1,4 @@ -Bug73.dfy(7,13): Error: assertion might not hold -Bug73.dfy(13,13): Error: assertion might not hold +Bug73.dfy(7,13): Error: assertion could not be proved +Bug73.dfy(13,13): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug93.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug93.dfy.expect index b2453f4bf3b..cd040be3cda 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug93.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Bug93.dfy.expect @@ -1,4 +1,4 @@ -Bug93.dfy(17,8): Error: assertion might not hold -Bug93.dfy(34,8): Error: assertion might not hold +Bug93.dfy(17,8): Error: assertion could not be proved +Bug93.dfy(34,8): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/OpaqueBug.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/OpaqueBug.dfy.expect index 7ac7aa1b6e6..d9dc919fb7b 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/OpaqueBug.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/OpaqueBug.dfy.expect @@ -1,4 +1,4 @@ -OpaqueBug.dfy(13,4): Error: assertion might not hold -OpaqueBug.dfy(23,2): Error: assertion might not hold +OpaqueBug.dfy(13,4): Error: assertion could not be proved +OpaqueBug.dfy(23,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Regression5.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Regression5.dfy.expect index e1b9233f354..78cf7bc98a8 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Regression5.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/Regression5.dfy.expect @@ -1,4 +1,4 @@ -Regression5.dfy(9,9): Error: value to be converted might not fit in Syn -Regression5.dfy(15,9): Error: value to be converted might not fit in bv8 +Regression5.dfy(9,9): Error: value to be converted could not be proved to fit in Syn +Regression5.dfy(15,9): Error: value to be converted could not be proved to fit in bv8 Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/SoftwareFoundations-Basics.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/SoftwareFoundations-Basics.dfy.expect index f01c7815583..4cc747d6e70 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/SoftwareFoundations-Basics.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/SoftwareFoundations-Basics.dfy.expect @@ -1,3 +1,3 @@ -SoftwareFoundations-Basics.dfy(41,2): Error: assertion might not hold +SoftwareFoundations-Basics.dfy(41,2): Error: assertion could not be proved Dafny program verifier finished with 53 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue134.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue134.dfy.expect index e611fba4d4d..c0ce93cb82c 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue134.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue134.dfy.expect @@ -1,3 +1,3 @@ -git-issue134.dfy(13,4): Error: assertion might not hold +git-issue134.dfy(13,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue135.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue135.dfy.expect index d71ec2700a6..6174813fd84 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue135.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue135.dfy.expect @@ -1,3 +1,3 @@ -git-issue135.dfy(11,15): Error: assertion might not hold +git-issue135.dfy(11,15): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue143.transcript.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue143.transcript.expect index 46b2c67d9fe..194eab4afe4 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue143.transcript.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue143.transcript.expect @@ -2,7 +2,7 @@ Verifying B.Bar (correctness) ... [1 proof obligation] error -Cache.dfy(9,12): Error: assertion might not hold +Cache.dfy(9,12): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue20.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue20.dfy.expect index 8b432faabbd..05427b049db 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue20.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue20.dfy.expect @@ -1,3 +1,3 @@ -git-issue20.dfy(21,2): Error: assertion might not hold +git-issue20.dfy(21,2): Error: assertion could not be proved Dafny program verifier finished with 1 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue228.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue228.dfy.expect index 86a192a3725..a7ba77b8a49 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue228.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/dafny4/git-issue228.dfy.expect @@ -53,8 +53,8 @@ type Subset_NegIsOdd = x type Subset_Byte = x | 0 <= x < 256 -git-issue228.dfy(42,15): Error: result of operation might violate newtype constraint for 'NegIsOdd' -git-issue228.dfy(48,15): Error: result of operation might violate newtype constraint for 'Byte' +git-issue228.dfy(42,15): Error: result of operation could not be proved to satisfy newtype constraint for 'NegIsOdd' +git-issue228.dfy(48,15): Error: result of operation could not be proved to satisfy newtype constraint for 'Byte' Dafny program verifier finished with 8 verified, 2 errors // git-issue228.dfy 
@@ -261,7 +261,7 @@ type Subset_NegIsOdd = x: int type Subset_Byte = x: int | 0 <= x < 256 -git-issue228.dfy(42,15): Error: result of operation might violate newtype constraint for 'NegIsOdd' -git-issue228.dfy(48,15): Error: result of operation might violate newtype constraint for 'Byte' +git-issue228.dfy(42,15): Error: result of operation could not be proved to satisfy newtype constraint for 'NegIsOdd' +git-issue228.dfy(48,15): Error: result of operation could not be proved to satisfy newtype constraint for 'Byte' Dafny program verifier finished with 8 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/exceptions/VerificationErrors.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/exceptions/VerificationErrors.dfy.expect index 2a255d7ac24..118631847cd 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/exceptions/VerificationErrors.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/exceptions/VerificationErrors.dfy.expect @@ -1,4 +1,4 @@ -VerificationErrors.dfy(8,28): Error: assertion might not hold -VerificationErrors.dfy(15,8): Error: assertion might not hold +VerificationErrors.dfy(8,28): Error: assertion could not be proved +VerificationErrors.dfy(15,8): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/exports/ExportVerify.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/exports/ExportVerify.dfy.expect index 9465a35b911..6e025e39ea3 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/exports/ExportVerify.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/exports/ExportVerify.dfy.expect 
@@ -1,9 +1,9 @@ -ExportVerify.dfy(40,13): Error: variable 'd', which is subject to definite-assignment rules, might be uninitialized here -ExportVerify.dfy(44,4): Error: variable 'd', which is subject to definite-assignment rules, might be uninitialized here -ExportVerify.dfy(52,4): Error: assertion might not hold -ExportVerify.dfy(54,4): Error: assertion might not hold -ExportVerify.dfy(55,4): Error: assertion might not hold -ExportVerify.dfy(56,4): Error: assertion might not hold -ExportVerify.dfy(75,4): Error: assertion might not hold +ExportVerify.dfy(40,13): Error: variable 'd', which is subject to definite-assignment rules, could not be proved to be initialized here +ExportVerify.dfy(44,4): Error: variable 'd', which is subject to definite-assignment rules, could not be proved to be initialized here +ExportVerify.dfy(52,4): Error: assertion could not be proved +ExportVerify.dfy(54,4): Error: assertion could not be proved +ExportVerify.dfy(55,4): Error: assertion could not be proved +ExportVerify.dfy(56,4): Error: assertion could not be proved +ExportVerify.dfy(75,4): Error: assertion could not be proved Dafny program verifier finished with 1 verified, 7 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/exports/RevealProvideAll.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/exports/RevealProvideAll.dfy.expect index d1761ef6308..5fb6a4e8be1 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/exports/RevealProvideAll.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/exports/RevealProvideAll.dfy.expect @@ -1,5 +1,5 @@ RevealProvideAll.dfy(25,45): Error: a postcondition could not be proved on this return path RevealProvideAll.dfy(25,26): Related location: this is the postcondition that could not be proved -RevealProvideAll.dfy(30,4): Error: assertion might not hold +RevealProvideAll.dfy(30,4): Error: assertion could not be proved Dafny program verifier finished with 3 verified, 2 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1109.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1109.dfy.expect index b3b021a58f6..23cada3de2f 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1109.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1109.dfy.expect @@ -1,3 +1,3 @@ -(6,2): Error: assertion might not hold +(6,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1112.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1112.dfy.expect index 61e95c65f03..db8839a69be 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1112.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1112.dfy.expect 
@@ -1,24 +1,24 @@ -git-issue-1112.dfy(22,29): Error: target object might be null -git-issue-1112.dfy(24,21): Error: target object might be null -git-issue-1112.dfy(24,38): Error: target object might be null -git-issue-1112.dfy(36,32): Error: target object might be null -git-issue-1112.dfy(38,24): Error: target object might be null -git-issue-1112.dfy(38,44): Error: target object might be null -git-issue-1112.dfy(51,33): Error: target object might be null -git-issue-1112.dfy(53,25): Error: target object might be null -git-issue-1112.dfy(53,46): Error: target object might be null +git-issue-1112.dfy(22,29): Error: target object could not be proved to be non-null +git-issue-1112.dfy(24,21): Error: target object could not be proved to be non-null +git-issue-1112.dfy(24,38): Error: target object could not be proved to be non-null +git-issue-1112.dfy(36,32): Error: target object could not be proved to be non-null +git-issue-1112.dfy(38,24): Error: target object could not be proved to be non-null +git-issue-1112.dfy(38,44): Error: target object could not be proved to be non-null +git-issue-1112.dfy(51,33): Error: target object could not be proved to be non-null +git-issue-1112.dfy(53,25): Error: target object could not be proved to be non-null +git-issue-1112.dfy(53,46): Error: target object could not be proved to be non-null git-issue-1112.dfy(64,26): Error: receiver could not be proved to be allocated in the state in which its fields are accessed git-issue-1112.dfy(66,28): Error: receiver could not be proved to be allocated in the state in which its fields are accessed git-issue-1112.dfy(77,23): Error: array could not be proved to be allocated git-issue-1112.dfy(79,25): Error: array could not be proved to be allocated git-issue-1112.dfy(90,23): Error: array could not be proved to be allocated git-issue-1112.dfy(92,25): Error: array could not be proved to be allocated -git-issue-1112.dfy(98,11): Error: array might be null +git-issue-1112.dfy(98,11): Error: array could 
not be proved to be non-null git-issue-1112.dfy(98,14): Error: index out of range -git-issue-1112.dfy(99,11): Error: array might be null +git-issue-1112.dfy(99,11): Error: array could not be proved to be non-null git-issue-1112.dfy(99,13): Error: index 0 out of range git-issue-1112.dfy(99,16): Error: index 1 out of range -git-issue-1112.dfy(107,11): Error: array might be null -git-issue-1112.dfy(108,11): Error: array might be null +git-issue-1112.dfy(107,11): Error: array could not be proved to be non-null +git-issue-1112.dfy(108,11): Error: array could not be proved to be non-null Dafny program verifier finished with 5 verified, 22 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1207.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1207.dfy.expect index 428bfc12202..b251b204ac2 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1207.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1207.dfy.expect 
@@ -3,34 +3,34 @@ git-issue-1207.dfy(29,9): Warning: Could not find a trigger for this quantifier. git-issue-1207.dfy(41,9): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. git-issue-1207.dfy(47,9): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. git-issue-1207.dfy(48,9): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. 
-git-issue-1207.dfy(10,2): Error: assertion might not hold -git-issue-1207.dfy(11,2): Error: assertion might not hold -git-issue-1207.dfy(14,2): Error: assertion might not hold -git-issue-1207.dfy(15,2): Error: assertion might not hold -git-issue-1207.dfy(16,2): Error: assertion might not hold -git-issue-1207.dfy(17,2): Error: assertion might not hold -git-issue-1207.dfy(18,2): Error: assertion might not hold -git-issue-1207.dfy(22,2): Error: assertion might not hold -git-issue-1207.dfy(23,2): Error: assertion might not hold -git-issue-1207.dfy(26,2): Error: assertion might not hold -git-issue-1207.dfy(27,2): Error: assertion might not hold -git-issue-1207.dfy(28,2): Error: assertion might not hold -git-issue-1207.dfy(29,2): Error: assertion might not hold -git-issue-1207.dfy(30,2): Error: assertion might not hold -git-issue-1207.dfy(34,2): Error: assertion might not hold -git-issue-1207.dfy(35,2): Error: assertion might not hold -git-issue-1207.dfy(38,2): Error: assertion might not hold -git-issue-1207.dfy(39,2): Error: assertion might not hold -git-issue-1207.dfy(40,2): Error: assertion might not hold -git-issue-1207.dfy(41,2): Error: assertion might not hold -git-issue-1207.dfy(42,2): Error: assertion might not hold -git-issue-1207.dfy(43,2): Error: assertion might not hold -git-issue-1207.dfy(47,2): Error: assertion might not hold -git-issue-1207.dfy(48,2): Error: assertion might not hold -git-issue-1207.dfy(49,2): Error: assertion might not hold -git-issue-1207.dfy(50,2): Error: assertion might not hold +git-issue-1207.dfy(10,2): Error: assertion could not be proved +git-issue-1207.dfy(11,2): Error: assertion could not be proved +git-issue-1207.dfy(14,2): Error: assertion could not be proved +git-issue-1207.dfy(15,2): Error: assertion could not be proved +git-issue-1207.dfy(16,2): Error: assertion could not be proved +git-issue-1207.dfy(17,2): Error: assertion could not be proved +git-issue-1207.dfy(18,2): Error: assertion could not be proved 
+git-issue-1207.dfy(22,2): Error: assertion could not be proved +git-issue-1207.dfy(23,2): Error: assertion could not be proved +git-issue-1207.dfy(26,2): Error: assertion could not be proved +git-issue-1207.dfy(27,2): Error: assertion could not be proved +git-issue-1207.dfy(28,2): Error: assertion could not be proved +git-issue-1207.dfy(29,2): Error: assertion could not be proved +git-issue-1207.dfy(30,2): Error: assertion could not be proved +git-issue-1207.dfy(34,2): Error: assertion could not be proved +git-issue-1207.dfy(35,2): Error: assertion could not be proved +git-issue-1207.dfy(38,2): Error: assertion could not be proved +git-issue-1207.dfy(39,2): Error: assertion could not be proved +git-issue-1207.dfy(40,2): Error: assertion could not be proved +git-issue-1207.dfy(41,2): Error: assertion could not be proved +git-issue-1207.dfy(42,2): Error: assertion could not be proved +git-issue-1207.dfy(43,2): Error: assertion could not be proved +git-issue-1207.dfy(47,2): Error: assertion could not be proved +git-issue-1207.dfy(48,2): Error: assertion could not be proved +git-issue-1207.dfy(49,2): Error: assertion could not be proved +git-issue-1207.dfy(50,2): Error: assertion could not be proved git-issue-1207.dfy(50,49): Error: index out of range git-issue-1207.dfy(50,57): Error: index out of range -git-issue-1207.dfy(51,2): Error: assertion might not hold +git-issue-1207.dfy(51,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 29 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1252.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1252.dfy.expect index e3b1f4d26dd..43b50dbc9ce 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1252.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1252.dfy.expect 
@@ -1,19 +1,19 @@ git-issue-1252.dfy(37,16): Warning: the modify statement with a block statement is deprecated -git-issue-1252.dfy(30,11): Error: target object might be null -git-issue-1252.dfy(37,11): Error: target object might be null -git-issue-1252.dfy(45,13): Error: target object might be null +git-issue-1252.dfy(30,11): Error: target object could not be proved to be non-null +git-issue-1252.dfy(37,11): Error: target object could not be proved to be non-null +git-issue-1252.dfy(45,13): Error: target object could not be proved to be non-null git-issue-1252.dfy(51,14): Error: possible division by zero -git-issue-1252.dfy(59,15): Error: target object might be null -git-issue-1252.dfy(70,15): Error: target object might be null -git-issue-1252.dfy(81,15): Error: target object might be null -git-issue-1252.dfy(87,13): Error: target object might be null -git-issue-1252.dfy(93,13): Error: target object might be null -git-issue-1252.dfy(93,13): Error: target object might be null -git-issue-1252.dfy(94,10): Error: target object might be null -git-issue-1252.dfy(94,10): Error: target object might be null -git-issue-1252.dfy(100,25): Error: target object might be null +git-issue-1252.dfy(59,15): Error: target object could not be proved to be non-null +git-issue-1252.dfy(70,15): Error: target object could not be proved to be non-null +git-issue-1252.dfy(81,15): Error: target object could not be proved to be non-null +git-issue-1252.dfy(87,13): Error: target object could not be proved to be non-null +git-issue-1252.dfy(93,13): Error: target object could not be proved to be non-null +git-issue-1252.dfy(93,13): Error: target object could not be proved to be non-null +git-issue-1252.dfy(94,10): Error: target object could not be proved to be non-null +git-issue-1252.dfy(94,10): Error: target object could not be proved to be non-null +git-issue-1252.dfy(100,25): Error: target object could not be proved to be non-null git-issue-1252.dfy(106,21): Error: object could not be proved 
to be allocated in the old-state of the 'unchanged' predicate -git-issue-1252.dfy(106,21): Error: object might be null -git-issue-1252.dfy(106,21): Error: target object might be null +git-issue-1252.dfy(106,21): Error: object could not be proved to be non-null +git-issue-1252.dfy(106,21): Error: target object could not be proved to be non-null Dafny program verifier finished with 4 verified, 16 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1256.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1256.dfy.expect index f188ed343c7..8d0a5869c8f 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1256.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1256.dfy.expect @@ -1,4 +1,4 @@ -git-issue-1256.dfy(21,2): Error: assertion might not hold -git-issue-1256.dfy(22,2): Error: assertion might not hold +git-issue-1256.dfy(21,2): Error: assertion could not be proved +git-issue-1256.dfy(22,2): Error: assertion could not be proved Dafny program verifier finished with 15 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1277.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1277.dfy.expect index 2c1cdab3ba1..75a10f914e8 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1277.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1277.dfy.expect 
@@ -1,4 +1,4 @@ git-issue-1277.dfy(11,7): Error: the calculation step between the previous line and this line could not be proved -git-issue-1277.dfy(11,10): Error: when converting shift amount to a bit vector, the value to be converted might not fit in bv3 +git-issue-1277.dfy(11,10): Error: when converting shift amount to a bit vector, the value to be converted could not be proved to fit in bv3 Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1545.dfy.refresh.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1545.dfy.refresh.expect index b1145fb6c5f..58b26b53d30 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1545.dfy.refresh.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1545.dfy.refresh.expect 
@@ -17,8 +17,8 @@ git-issue-1545.dfy(56,11): Warning: Could not find a trigger for this quantifier git-issue-1545.dfy(58,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. git-issue-1545.dfy(60,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. git-issue-1545.dfy(62,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -git-issue-1545.dfy(17,4): Error: assertion might not hold -git-issue-1545.dfy(19,4): Error: assertion might not hold -git-issue-1545.dfy(60,4): Error: assertion might not hold +git-issue-1545.dfy(17,4): Error: assertion could not be proved +git-issue-1545.dfy(19,4): Error: assertion could not be proved +git-issue-1545.dfy(60,4): Error: assertion could not be proved Dafny program verifier finished with 5 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1619.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1619.dfy.expect index c29c5a3c891..c713029c3c9 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1619.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1619.dfy.expect 
@@ -2,17 +2,17 @@ git-issue-1619.dfy(17,17): Error: cannot establish the existence of LHS values t git-issue-1619.dfy(28,17): Error: cannot establish the existence of LHS values that satisfy the such-that predicate git-issue-1619.dfy(38,17): Error: cannot establish the existence of LHS values that satisfy the such-that predicate git-issue-1619.dfy(49,17): Error: cannot establish the existence of LHS values that satisfy the such-that predicate -git-issue-1619.dfy(174,11): Error: variable 'm', which is subject to definite-assignment rules, might be uninitialized here -git-issue-1619.dfy(176,2): Error: assertion might not hold -git-issue-1619.dfy(181,11): Error: variable 'm', which is subject to definite-assignment rules, might be uninitialized here -git-issue-1619.dfy(183,2): Error: assertion might not hold -git-issue-1619.dfy(188,12): Error: variable 'u', which is subject to definite-assignment rules, might be uninitialized here -git-issue-1619.dfy(206,11): Error: variable 'p', which is subject to definite-assignment rules, might be uninitialized here -git-issue-1619.dfy(225,11): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here -git-issue-1619.dfy(226,11): Error: variable 'p', which is subject to definite-assignment rules, might be uninitialized here -git-issue-1619.dfy(269,27): Error: variable 'p', which is subject to definite-assignment rules, might be uninitialized here +git-issue-1619.dfy(174,11): Error: variable 'm', which is subject to definite-assignment rules, could not be proved to be initialized here +git-issue-1619.dfy(176,2): Error: assertion could not be proved +git-issue-1619.dfy(181,11): Error: variable 'm', which is subject to definite-assignment rules, could not be proved to be initialized here +git-issue-1619.dfy(183,2): Error: assertion could not be proved +git-issue-1619.dfy(188,12): Error: variable 'u', which is subject to definite-assignment rules, could not be proved to be initialized here 
+git-issue-1619.dfy(206,11): Error: variable 'p', which is subject to definite-assignment rules, could not be proved to be initialized here +git-issue-1619.dfy(225,11): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here +git-issue-1619.dfy(226,11): Error: variable 'p', which is subject to definite-assignment rules, could not be proved to be initialized here +git-issue-1619.dfy(269,27): Error: variable 'p', which is subject to definite-assignment rules, could not be proved to be initialized here git-issue-1619.dfy(274,6): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -git-issue-1619.dfy(287,27): Error: variable 'p', which is subject to definite-assignment rules, might be uninitialized here +git-issue-1619.dfy(287,27): Error: variable 'p', which is subject to definite-assignment rules, could not be proved to be initialized here git-issue-1619.dfy(292,9): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. Dafny program verifier finished with 18 verified, 16 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1989.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1989.dfy.expect index c3693ffb374..05d10c01eac 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1989.dfy.expect 
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-1989.dfy.expect @@ -20,13 +20,13 @@ git-issue-1989.dfy(124,23): Warning: Argument to 'old' does not dereference the git-issue-1989.dfy(125,28): Warning: Argument to 'old' does not dereference the mutable heap, so this use of 'old' has no effect git-issue-1989.dfy(126,2): Error: a postcondition could not be proved on this return path git-issue-1989.dfy(122,22): Related location: this is the postcondition that could not be proved -git-issue-1989.dfy(150,9): Error: assertion might not hold +git-issue-1989.dfy(150,9): Error: assertion could not be proved git-issue-1989.dfy(156,20): Error: a precondition for this call could not be proved git-issue-1989.dfy(130,18): Related location: this is the precondition that could not be proved -git-issue-1989.dfy(181,10): Error: assertion might not hold +git-issue-1989.dfy(181,10): Error: assertion could not be proved git-issue-1989.dfy(199,17): Error: a precondition for this call could not be proved git-issue-1989.dfy(130,18): Related location: this is the precondition that could not be proved -git-issue-1989.dfy(221,10): Error: assertion might not hold +git-issue-1989.dfy(221,10): Error: assertion could not be proved git-issue-1989.dfy(233,17): Error: a precondition for this call could not be proved git-issue-1989.dfy(130,18): Related location: this is the precondition that could not be proved diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-19b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-19b.dfy.expect index 7fa4a9d7ae6..dd7379218a9 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-19b.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-19b.dfy.expect 
@@ -1,10 +1,10 @@
-git-issue-19b.dfy(36,4): Error: assertion might not hold
-git-issue-19b.dfy(43,4): Error: assertion might not hold
-git-issue-19b.dfy(50,4): Error: assertion might not hold
-git-issue-19b.dfy(57,4): Error: assertion might not hold
-git-issue-19b.dfy(64,4): Error: assertion might not hold
-git-issue-19b.dfy(71,4): Error: assertion might not hold
-git-issue-19b.dfy(102,4): Error: assertion might not hold
+git-issue-19b.dfy(36,4): Error: assertion could not be proved
+git-issue-19b.dfy(43,4): Error: assertion could not be proved
+git-issue-19b.dfy(50,4): Error: assertion could not be proved
+git-issue-19b.dfy(57,4): Error: assertion could not be proved
+git-issue-19b.dfy(64,4): Error: assertion could not be proved
+git-issue-19b.dfy(71,4): Error: assertion could not be proved
+git-issue-19b.dfy(102,4): Error: assertion could not be proved
 git-issue-19b.dfy(115,4): Error: a postcondition could not be proved on this return path
 git-issue-19b.dfy(113,14): Related location: this is the postcondition that could not be proved
 git-issue-19b.dfy(131,36): Error: a precondition for this call could not be proved
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2299.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2299.dfy.expect
index 45b46e76c15..0241f435d43 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2299.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2299.dfy.expect
@@ -1,18 +1,18 @@ -git-issue-2299.dfy(37,21): Error: assertion might not hold +git-issue-2299.dfy(37,21): Error: assertion could not be proved git-issue-2299.dfy(10,11): Related location: this proposition could not be proved -git-issue-2299.dfy(48,21): Error: assertion might not hold +git-issue-2299.dfy(48,21): Error: assertion could not be proved git-issue-2299.dfy(16,4): Related location: this proposition could not be proved -git-issue-2299.dfy(58,20): Error: assertion might not hold +git-issue-2299.dfy(58,20): Error: assertion could not be proved git-issue-2299.dfy(21,4): Related location: this proposition could not be proved -git-issue-2299.dfy(67,22): Error: assertion might not hold +git-issue-2299.dfy(67,22): Error: assertion could not be proved git-issue-2299.dfy(21,4): Related location: this proposition could not be proved -git-issue-2299.dfy(81,16): Error: assertion might not hold +git-issue-2299.dfy(81,16): Error: assertion could not be proved git-issue-2299.dfy(27,12): Related location: this proposition could not be proved git-issue-2299.dfy(10,11): Related location: this proposition could not be proved -git-issue-2299.dfy(81,16): Error: assertion might not hold +git-issue-2299.dfy(81,16): Error: assertion could not be proved git-issue-2299.dfy(27,26): Related location: this proposition could not be proved git-issue-2299.dfy(16,4): Related location: this proposition could not be proved -git-issue-2299.dfy(81,16): Error: assertion might not hold +git-issue-2299.dfy(81,16): Error: assertion could not be proved git-issue-2299.dfy(27,39): Related location: this proposition could not be proved git-issue-2299.dfy(21,4): Related location: this proposition could not be proved diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2301.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2301.dfy.expect index ea026313873..26dd49b5c35 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2301.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2301.dfy.expect @@ -1,5 +1,5 @@ git-issue-2301.dfy(15,14): Error: insufficient reads clause to read state of 'unchanged' object -git-issue-2301.dfy(23,29): Error: assertion might not hold +git-issue-2301.dfy(23,29): Error: assertion could not be proved git-issue-2301.dfy(10,4): Related location: this proposition could not be proved git-issue-2301.dfy(39,6): Error: insufficient reads clause to read state of 'unchanged' object git-issue-2301.dfy(40,6): Error: insufficient reads clause to read state of 'unchanged' object diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2384.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2384.dfy.expect index 9556d63ff12..728bc1c0a81 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2384.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2384.dfy.expect @@ -1,5 +1,5 @@ -git-issue-2384.dfy(11,9): Error: method might modify an object not in the parent trait context's modifies clause -git-issue-2384.dfy(14,18): Error: predicate might read an object not in the parent trait context's reads clause -git-issue-2384.dfy(17,17): Error: function might read an object not in the parent trait context's reads clause +git-issue-2384.dfy(11,9): Error: modified object in method could not be proved to be in the parent trait's modifies clause +git-issue-2384.dfy(14,18): Error: accessed object in predicate could not be proved to be in the parent trait's reads clause +git-issue-2384.dfy(17,17): Error: accessed object in function could not be proved to be in the parent trait's reads clause Dafny program verifier finished with 0 verified, 3 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2511.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2511.dfy.expect index ff9d166d1d7..b56d2736598 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2511.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2511.dfy.expect @@ -1,5 +1,5 @@ -git-issue-2511.dfy(14,4): Error: assertion might not hold -git-issue-2511.dfy(24,12): Error: decreases clause might not decrease +git-issue-2511.dfy(14,4): Error: assertion could not be proved +git-issue-2511.dfy(24,12): Error: decreases clause could not be proved to decrease git-issue-2511.dfy(51,11): Error: method's (possibly automatically generated) decreases clause must be below or equal to that in the trait Dafny program verifier finished with 3 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2597-verification.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2597-verification.dfy.expect index f9d73be7133..12be7e69f4f 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2597-verification.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2597-verification.dfy.expect 
@@ -6,9 +6,9 @@ git-issue-2597-verification.dfy(46,16): Error: a precondition for this call coul
 git-issue-2597-verification.dfy(8,18): Related location: this is the precondition that could not be proved
 git-issue-2597-verification.dfy(54,16): Error: a precondition for this call could not be proved
 git-issue-2597-verification.dfy(8,18): Related location: this is the precondition that could not be proved
-git-issue-2597-verification.dfy(61,4): Error: assertion might not hold
-git-issue-2597-verification.dfy(77,6): Error: assertion might not hold
-git-issue-2597-verification.dfy(84,6): Error: assertion might not hold
+git-issue-2597-verification.dfy(61,4): Error: assertion could not be proved
+git-issue-2597-verification.dfy(77,6): Error: assertion could not be proved
+git-issue-2597-verification.dfy(84,6): Error: assertion could not be proved
 git-issue-2597-verification.dfy(97,18): Error: a precondition for this call could not be proved
 git-issue-2597-verification.dfy(8,18): Related location: this is the precondition that could not be proved
 git-issue-2597-verification.dfy(111,20): Error: a precondition for this call could not be proved
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2605.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2605.dfy.expect
index 0cc8b0fab25..b8a77dc240b 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2605.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2605.dfy.expect
@@ -2,7 +2,7 @@ git-issue-2605.dfy(6,14): Error: possible division by zero git-issue-2605.dfy(6,23): Error: possible division by zero git-issue-2605.dfy(7,13): Error: index out of range git-issue-2605.dfy(7,21): Error: index out of range -git-issue-2605.dfy(9,4): Error: assertion might not hold -git-issue-2605.dfy(11,2): Error: assertion might not hold +git-issue-2605.dfy(9,4): Error: assertion could not be proved +git-issue-2605.dfy(11,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 6 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2612b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2612b.dfy.expect index 2623aaadd92..4d267beb07c 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2612b.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2612b.dfy.expect @@ -1,3 +1,3 @@ -git-issue-2612b.dfy(11,2): Error: assertion might not hold +git-issue-2612b.dfy(11,2): Error: assertion could not be proved Dafny program verifier finished with 1 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2651.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2651.dfy.expect index 676c9aa2169..a6f961c68c2 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2651.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2651.dfy.expect @@ -1,3 +1,3 @@ -git-issue-2651.dfy(7,22): Error: assertion might not hold +git-issue-2651.dfy(7,22): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2693.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2693.dfy.expect index 068da5541d5..3ca79dda181 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2693.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2693.dfy.expect @@ -3,6 +3,6 @@ git-issue-2693.dfy(10,10): Warning: Support for member 'Extract' in type 'EvenGo git-issue-2693.dfy(10,10): Error: a postcondition could not be proved on this return path git-issue-2693.dfy(6,46): Related location: this is the postcondition that could not be proved git-issue-2693.dfy(21,12): Related location: this proposition could not be proved -git-issue-2693.dfy(11,4): Error: assertion might not hold +git-issue-2693.dfy(11,4): Error: assertion could not be proved Dafny program verifier finished with 6 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2752.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2752.dfy.expect index b90846c9c6f..42f955d7fb5 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2752.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2752.dfy.expect 
@@ -1,6 +1,6 @@ git-issue-2752.dfy(7,16): Error: value of expression (of type 'object?') is not known to be an instance of type 'Empty' git-issue-2752.dfy(8,17): Error: value of expression (of type 'object?') is not known to be an instance of type 'EmptyQ' -git-issue-2752.dfy(9,13): Error: result of operation might violate subset type constraint for 'EmptyInt' +git-issue-2752.dfy(9,13): Error: result of operation could not be proved to satisfy subset type constraint for 'EmptyInt' git-issue-2752.dfy(14,2): Error: value of expression (of type 'object?') is not known to be an instance of type 'foo' Dafny program verifier finished with 0 verified, 4 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-276.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-276.dfy.expect index 966652fd779..d02c32ad72a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-276.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-276.dfy.expect 
@@ -15,8 +15,8 @@ git-issue-276.dfy(20,10): Info: newtype ba resolves as {:nativeType "byte"} (det
 git-issue-276.dfy(21,10): Info: newtype b3b resolves as {:nativeType "byte"} (detected range: 0 .. 6)
 git-issue-276.dfy(22,10): Info: newtype b4b resolves as {:nativeType "byte"} (detected range: 0 .. 10)
 git-issue-276.dfy(38,10): Info: newtype cx resolves as {:nativeType "byte"} (detected range: 0 .. 4)
-git-issue-276.dfy(25,17): Error: result of operation might violate newtype constraint for 'byte'
-git-issue-276.dfy(29,18): Error: result of operation might violate newtype constraint for 'b2'
-git-issue-276.dfy(32,18): Error: result of operation might violate newtype constraint for 'b3'
+git-issue-276.dfy(25,17): Error: result of operation could not be proved to satisfy newtype constraint for 'byte'
+git-issue-276.dfy(29,18): Error: result of operation could not be proved to satisfy newtype constraint for 'b2'
+git-issue-276.dfy(32,18): Error: result of operation could not be proved to satisfy newtype constraint for 'b3'
 Dafny program verifier finished with 18 verified, 3 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-276a.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-276a.dfy.expect
index 46dd2f1a834..c2e43d8d17d 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-276a.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-276a.dfy.expect
@@ -23,21 +23,21 @@ git-issue-276a.dfy(7,10): Error: cannot find witness that shows type is inhabite
 git-issue-276a.dfy(7,26): Related location: this proposition could not be proved
 git-issue-276a.dfy(7,32): Error: possible division by zero
 git-issue-276a.dfy(8,32): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number)
-git-issue-276a.dfy(9,42): Error: value to be converted might not fit in bv8
+git-issue-276a.dfy(9,42): Error: value to be converted could not be proved to fit in bv8
 git-issue-276a.dfy(10,34): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number)
-git-issue-276a.dfy(11,33): Error: value to be converted might not fit in bv8
-git-issue-276a.dfy(12,41): Error: value to be converted might not fit in bv8
+git-issue-276a.dfy(11,33): Error: value to be converted could not be proved to fit in bv8
+git-issue-276a.dfy(12,41): Error: value to be converted could not be proved to fit in bv8
 git-issue-276a.dfy(13,10): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 git-issue-276a.dfy(13,27): Related location: this proposition could not be proved
-git-issue-276a.dfy(13,39): Error: value to be converted might not fit in char
+git-issue-276a.dfy(13,39): Error: value to be converted could not be proved to fit in char
 git-issue-276a.dfy(14,10): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 git-issue-276a.dfy(14,27): Related location: this proposition could not be proved
-git-issue-276a.dfy(14,47): Error: value to be converted might not fit in char
+git-issue-276a.dfy(14,47): Error: value to be converted could not be proved to fit in char
 git-issue-276a.dfy(15,41): Error: 
the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number)
-git-issue-276a.dfy(16,40): Error: value to be converted might not fit in bv2
+git-issue-276a.dfy(16,40): Error: value to be converted could not be proved to fit in bv2
 git-issue-276a.dfy(17,10): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
 git-issue-276a.dfy(17,27): Related location: this proposition could not be proved
-git-issue-276a.dfy(17,53): Error: value to be converted might not fit in char
+git-issue-276a.dfy(17,53): Error: value to be converted could not be proved to fit in char
 git-issue-276a.dfy(18,41): Error: possible division by zero
 git-issue-276a.dfy(19,41): Error: possible division by zero
 git-issue-276a.dfy(20,10): Error: cannot find witness that shows type is inhabited (only tried 0); try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2959a.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2959a.dfy.expect
index 0948f622bb9..8ed24e5256d 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2959a.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2959a.dfy.expect
@@ -1,5 +1,5 @@
-git-issue-2959a.dfy(6,5): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-2959a.dfy(15,7): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
+git-issue-2959a.dfy(6,5): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-2959a.dfy(15,7): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
 git-issue-2959a.dfy(19,11): Error: unless an initializer is provided for the array elements, a new array of 'int' must have empty size
 Dafny program verifier finished with 0 verified, 3 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2959b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2959b.dfy.expect
index 52cf279a4d6..2d43298811d 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2959b.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-2959b.dfy.expect
@@ -1,4 +1,4 @@
-git-issue-2959b.dfy(14,5): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-2959b.dfy(27,7): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here
+git-issue-2959b.dfy(14,5): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-2959b.dfy(27,7): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here
 Dafny program verifier finished with 3 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3095.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3095.dfy.expect
index ad56ae4e9c7..bb144bd7bcc 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3095.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3095.dfy.expect
@@ -18,32 +18,32 @@ git-issue-3095.dfy(103,11): Warning: Assertion with {:only} temporarily transfor
 git-issue-3095.dfy(105,11): Warning: Assertion with {:only} temporarily transforms other assertions into assumptions
 git-issue-3095.dfy(114,11): Warning: Assertion with {:only} temporarily transforms other assertions into assumptions
 git-issue-3095.dfy(116,11): Warning: Assertion with {:only} temporarily transforms other assertions into assumptions
-git-issue-3095.dfy(19,2): Error: assertion might not hold
-git-issue-3095.dfy(26,4): Error: assertion might not hold
-git-issue-3095.dfy(27,6): Error: assertion might not hold
-git-issue-3095.dfy(32,2): Error: assertion might not hold
-git-issue-3095.dfy(40,2): Error: assertion might not hold
-git-issue-3095.dfy(41,2): Error: assertion might not hold
-git-issue-3095.dfy(42,2): Error: assertion might not hold
-git-issue-3095.dfy(43,0): Error: out-parameter 'j', which is subject to definite-assignment rules, might be uninitialized at this return point
-git-issue-3095.dfy(51,4): Error: assertion might not hold
-git-issue-3095.dfy(52,4): Error: assertion might not hold
-git-issue-3095.dfy(60,2): Error: assertion might not hold
-git-issue-3095.dfy(61,2): Error: assertion might not hold
-git-issue-3095.dfy(62,2): Error: assertion might not hold
-git-issue-3095.dfy(71,2): Error: assertion might not hold
-git-issue-3095.dfy(72,4): Error: assertion might not hold
-git-issue-3095.dfy(73,4): Error: assertion might not hold
-git-issue-3095.dfy(83,2): Error: assertion might not hold
-git-issue-3095.dfy(84,2): Error: assertion might not hold
-git-issue-3095.dfy(85,2): Error: assertion might not hold
-git-issue-3095.dfy(92,2): Error: assertion might not hold
-git-issue-3095.dfy(93,2): Error: assertion might not hold
-git-issue-3095.dfy(95,2): Error: assertion might not hold
-git-issue-3095.dfy(96,2): Error: assertion might not hold
-git-issue-3095.dfy(97,0): Error: out-parameter 'j', which is subject to definite-assignment rules, might 
be uninitialized at this return point
-git-issue-3095.dfy(103,2): Error: assertion might not hold
-git-issue-3095.dfy(113,2): Error: assertion might not hold
-git-issue-3095.dfy(114,2): Error: assertion might not hold
+git-issue-3095.dfy(19,2): Error: assertion could not be proved
+git-issue-3095.dfy(26,4): Error: assertion could not be proved
+git-issue-3095.dfy(27,6): Error: assertion could not be proved
+git-issue-3095.dfy(32,2): Error: assertion could not be proved
+git-issue-3095.dfy(40,2): Error: assertion could not be proved
+git-issue-3095.dfy(41,2): Error: assertion could not be proved
+git-issue-3095.dfy(42,2): Error: assertion could not be proved
+git-issue-3095.dfy(43,0): Error: out-parameter 'j', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+git-issue-3095.dfy(51,4): Error: assertion could not be proved
+git-issue-3095.dfy(52,4): Error: assertion could not be proved
+git-issue-3095.dfy(60,2): Error: assertion could not be proved
+git-issue-3095.dfy(61,2): Error: assertion could not be proved
+git-issue-3095.dfy(62,2): Error: assertion could not be proved
+git-issue-3095.dfy(71,2): Error: assertion could not be proved
+git-issue-3095.dfy(72,4): Error: assertion could not be proved
+git-issue-3095.dfy(73,4): Error: assertion could not be proved
+git-issue-3095.dfy(83,2): Error: assertion could not be proved
+git-issue-3095.dfy(84,2): Error: assertion could not be proved
+git-issue-3095.dfy(85,2): Error: assertion could not be proved
+git-issue-3095.dfy(92,2): Error: assertion could not be proved
+git-issue-3095.dfy(93,2): Error: assertion could not be proved
+git-issue-3095.dfy(95,2): Error: assertion could not be proved
+git-issue-3095.dfy(96,2): Error: assertion could not be proved
+git-issue-3095.dfy(97,0): Error: out-parameter 'j', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+git-issue-3095.dfy(103,2): Error: assertion could not 
be proved +git-issue-3095.dfy(113,2): Error: assertion could not be proved +git-issue-3095.dfy(114,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 27 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3304b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3304b.dfy.expect index d4ef64bf42e..7fa07ef1a6a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3304b.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3304b.dfy.expect @@ -1,4 +1,4 @@ -git-issue-3304b.dfy(5,2): Error: assertion might not hold +git-issue-3304b.dfy(5,2): Error: assertion could not be proved | 5 | assert false; | ^^^^^^ diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3449.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3449.dfy.expect index 42d97eb0009..8c928d0bc1f 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3449.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3449.dfy.expect @@ -1,4 +1,4 @@ -git-issue-3449.dfy(11,4): Error: assertion might not hold -git-issue-3449.dfy(13,4): Error: assertion might not hold +git-issue-3449.dfy(11,4): Error: assertion could not be proved +git-issue-3449.dfy(13,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3461b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3461b.dfy.expect index a0ba6c4710f..6d8de03d8fe 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3461b.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3461b.dfy.expect 
@@ -1,3 +1,3 @@
-git-issue-3461b.dfy(7,2): Error: assertion might not hold
+git-issue-3461b.dfy(7,2): Error: assertion could not be proved
 Dafny program verifier finished with 2 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-356-errors.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-356-errors.dfy.expect
index cd7b76ce1d6..88fc1e0cfe7 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-356-errors.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-356-errors.dfy.expect
@@ -1,25 +1,25 @@
-git-issue-356-errors.dfy(10,14): Error: value to be converted might not fit in char
-git-issue-356-errors.dfy(16,14): Error: value to be converted might not fit in char
-git-issue-356-errors.dfy(22,14): Error: value to be converted might not fit in char
+git-issue-356-errors.dfy(10,14): Error: value to be converted could not be proved to fit in char
+git-issue-356-errors.dfy(16,14): Error: value to be converted could not be proved to fit in char
+git-issue-356-errors.dfy(22,14): Error: value to be converted could not be proved to fit in char
 git-issue-356-errors.dfy(34,22): Error: a negative integer cannot be converted to an ORDINAL
 git-issue-356-errors.dfy(47,22): Error: a negative real cannot be converted to an ORDINAL
 git-issue-356-errors.dfy(53,22): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number)
 git-issue-356-errors.dfy(66,18): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number)
-git-issue-356-errors.dfy(80,14): Error: real value to be converted might not fit in char
-git-issue-356-errors.dfy(87,14): Error: real value to be converted might not fit in char
+git-issue-356-errors.dfy(80,14): Error: real value to be converted could not be proved to fit in char
+git-issue-356-errors.dfy(87,14): Error: real value to be converted could not be proved to fit in char
 git-issue-356-errors.dfy(93,14): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number)
-git-issue-356-errors.dfy(108,14): Error: value to be converted might not fit in bv8
-git-issue-356-errors.dfy(115,14): Error: value to be converted might not fit in bv8
+git-issue-356-errors.dfy(108,14): Error: value to be converted could not be proved to fit in bv8
+git-issue-356-errors.dfy(115,14): Error: value to be converted could not be proved to fit in bv8
 git-issue-356-errors.dfy(121,14): Error: the real-based number 
must be an integer (if you want truncation, apply .Floor to the real-based number)
-git-issue-356-errors.dfy(135,14): Error: value to be converted might not fit in bv8
-git-issue-356-errors.dfy(141,14): Error: value to be converted might not fit in bv8
-git-issue-356-errors.dfy(153,14): Error: value to be converted might not fit in bv8
-git-issue-356-errors.dfy(170,14): Error: ORDINAL value to be converted might not fit in char
-git-issue-356-errors.dfy(170,14): Error: value to be converted might be bigger than every natural number
-git-issue-356-errors.dfy(176,14): Error: ORDINAL value to be converted might not fit in char
-git-issue-356-errors.dfy(189,13): Error: value to be converted might be bigger than every natural number
-git-issue-356-errors.dfy(189,13): Error: value to be converted might not fit in bv8
-git-issue-356-errors.dfy(195,13): Error: value to be converted might not fit in bv8
-git-issue-356-errors.dfy(207,14): Error: bit-vector value to be converted might not fit in char
+git-issue-356-errors.dfy(135,14): Error: value to be converted could not be proved to fit in bv8
+git-issue-356-errors.dfy(141,14): Error: value to be converted could not be proved to fit in bv8
+git-issue-356-errors.dfy(153,14): Error: value to be converted could not be proved to fit in bv8
+git-issue-356-errors.dfy(170,14): Error: ORDINAL value to be converted could not be proved to fit in char
+git-issue-356-errors.dfy(170,14): Error: value to be converted could not be proved to be a natural number
+git-issue-356-errors.dfy(176,14): Error: ORDINAL value to be converted could not be proved to fit in char
+git-issue-356-errors.dfy(189,13): Error: value to be converted could not be proved to be a natural number
+git-issue-356-errors.dfy(189,13): Error: value to be converted could not be proved to fit in bv8
+git-issue-356-errors.dfy(195,13): Error: value to be converted could not be proved to fit in bv8
+git-issue-356-errors.dfy(207,14): Error: bit-vector value to be converted 
could not be proved to fit in char
 Dafny program verifier finished with 14 verified, 23 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-356-errors2.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-356-errors2.dfy.expect
index a231415af3f..843bbcc8214 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-356-errors2.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-356-errors2.dfy.expect
@@ -1,9 +1,9 @@
-git-issue-356-errors2.dfy(17,11): Error: result of operation might violate subset type constraint for 'Tx'
-git-issue-356-errors2.dfy(17,11): Error: value to be converted might be bigger than every natural number
-git-issue-356-errors2.dfy(18,11): Error: result of operation might violate subset type constraint for 'Tx'
-git-issue-356-errors2.dfy(19,11): Error: result of operation might violate subset type constraint for 'Tx'
-git-issue-356-errors2.dfy(23,11): Error: result of operation might violate subset type constraint for 'Tx'
+git-issue-356-errors2.dfy(17,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Tx'
+git-issue-356-errors2.dfy(17,11): Error: value to be converted could not be proved to be a natural number
+git-issue-356-errors2.dfy(18,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Tx'
+git-issue-356-errors2.dfy(19,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Tx'
+git-issue-356-errors2.dfy(23,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Tx'
 git-issue-356-errors2.dfy(23,11): Error: the real-based number must be an integer (if you want truncation, apply .Floor to the real-based number)
-git-issue-356-errors2.dfy(24,11): Error: result of operation might violate subset type constraint for 'Tx'
+git-issue-356-errors2.dfy(24,11): Error: result of operation could not be proved to satisfy subset type constraint for 'Tx'
 Dafny program verifier finished with 2 verified, 7 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3605.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3605.dfy.expect
index d7cf98abfd0..78a0bcab6af 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3605.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3605.dfy.expect
@@ -1,3 +1,3 @@
-git-issue-3605.dfy(15,2): Error: assertion might not hold
+git-issue-3605.dfy(15,2): Error: assertion could not be proved
 Dafny program verifier finished with 1 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3719.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3719.dfy.expect
index bbceecbdce7..4139c113711 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3719.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3719.dfy.expect
@@ -1,4 +1,4 @@
-git-issue-3719.dfy(12,18): Error: assertion might not hold
+git-issue-3719.dfy(12,18): Error: assertion could not be proved
 git-issue-3719.dfy(7,37): Related location: this proposition could not be proved
 Dafny program verifier finished with 3 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804.dfy.expect
index 9c4938ace29..053887b0ee5 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804.dfy.expect
@@ -1,8 +1,8 @@
-git-issue-3804.dfy(9,2): Error: assertion might not hold
-git-issue-3804.dfy(20,2): Error: assertion might not hold
-git-issue-3804.dfy(22,2): Error: assertion might not hold
-git-issue-3804.dfy(31,2): Error: assertion might not hold
-git-issue-3804.dfy(48,2): Error: assertion might not hold
-git-issue-3804.dfy(69,2): Error: assertion might not hold
+git-issue-3804.dfy(9,2): Error: assertion could not be proved
+git-issue-3804.dfy(20,2): Error: assertion could not be proved
+git-issue-3804.dfy(22,2): Error: assertion could not be proved
+git-issue-3804.dfy(31,2): Error: assertion could not be proved
+git-issue-3804.dfy(48,2): Error: assertion could not be proved
+git-issue-3804.dfy(69,2): Error: assertion could not be proved
 Dafny program verifier finished with 2 verified, 6 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804b.dfy.expect
index 6bfab177c40..104627b027c 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804b.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804b.dfy.expect
@@ -2,7 +2,7 @@ git-issue-3804b.dfy(18,2): Error: a postcondition could not be proved on this re
 git-issue-3804b.dfy(16,12): Related location: this is the postcondition that could not be proved
 git-issue-3804b.dfy(27,2): Error: a postcondition could not be proved on this return path
 git-issue-3804b.dfy(25,12): Related location: this is the postcondition that could not be proved
-git-issue-3804b.dfy(40,2): Error: assertion might not hold
-git-issue-3804b.dfy(48,2): Error: assertion might not hold
+git-issue-3804b.dfy(40,2): Error: assertion could not be proved
+git-issue-3804b.dfy(48,2): Error: assertion could not be proved
 Dafny program verifier finished with 5 verified, 4 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804c.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804c.dfy.expect
index 7e33f1ab472..f7d5dae789a 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804c.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-3804c.dfy.expect
@@ -1,4 +1,4 @@
-git-issue-3804c.dfy(15,8): Error: assertion might not hold
-git-issue-3804c.dfy(20,8): Error: assertion might not hold
+git-issue-3804c.dfy(15,8): Error: assertion could not be proved
+git-issue-3804c.dfy(20,8): Error: assertion could not be proved
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4055.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4055.dfy.expect
index 933847eb2c5..76bedd02e6a 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4055.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4055.dfy.expect
@@ -1,5 +1,5 @@
 git-issue-4055.dfy(12,11): Warning: Assertion with {:only} temporarily transforms other assertions into assumptions
-git-issue-4055.dfy(7,2): Error: assertion might not hold
-git-issue-4055.dfy(18,2): Error: assertion might not hold
+git-issue-4055.dfy(7,2): Error: assertion could not be proved
+git-issue-4055.dfy(18,2): Error: assertion could not be proved
 Dafny program verifier finished with 1 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4074.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4074.dfy.expect
index 4950864d1ac..0dce6d42065 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4074.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4074.dfy.expect
@@ -2,8 +2,8 @@ git-issue-4074.dfy(23,11): Warning: Members with @VerifyOnly temporarily disable
 git-issue-4074.dfy(4,9): Warning: Members with @VerifyOnly temporarily disable the verification of other members in the entire file
 git-issue-4074.dfy(4,14): Warning: @VerifyOnly on members does not support arguments
 git-issue-4074.dfy(13,11): Warning: Members with @VerifyOnly temporarily disable the verification of other members in the entire file
-git-issue-4074.dfy(5,2): Error: assertion might not hold
-git-issue-4074.dfy(14,4): Error: assertion might not hold
-git-issue-4074.dfy(24,4): Error: assertion might not hold
+git-issue-4074.dfy(5,2): Error: assertion could not be proved
+git-issue-4074.dfy(14,4): Error: assertion could not be proved
+git-issue-4074.dfy(24,4): Error: assertion could not be proved
 Dafny program verifier finished with 0 verified, 3 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-448.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-448.dfy.expect
index 5ce60b89093..4774ef2834a 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-448.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-448.dfy.expect
@@ -1,8 +1,8 @@
-git-issue-448.dfy(18,8): Error: variable 's', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-448.dfy(21,4): Error: variable 'c', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-448.dfy(23,13): Error: variable 'c', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-448.dfy(25,6): Error: variable 'c', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-448.dfy(27,13): Error: variable 'c', which is subject to definite-assignment rules, might be uninitialized here
+git-issue-448.dfy(18,8): Error: variable 's', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-448.dfy(21,4): Error: variable 'c', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-448.dfy(23,13): Error: variable 'c', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-448.dfy(25,6): Error: variable 'c', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-448.dfy(27,13): Error: variable 'c', which is subject to definite-assignment rules, could not be proved to be initialized here
 git-issue-448.dfy(40,8): Error: possible division by zero
 Dafny program verifier finished with 1 verified, 6 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4939b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4939b.dfy.expect
index f38e41b4de0..43267499fb5 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4939b.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4939b.dfy.expect
@@ -1,5 +1,5 @@
 git-issue-4939b.dfy(24,11): Warning: because of cyclic dependencies among constructor argument types, no instances of datatype 'BadList' can be constructed
-git-issue-4939b.dfy(16,12): Error: variable 'a', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-4939b.dfy(18,12): Error: variable 'b', which is subject to definite-assignment rules, might be uninitialized here
+git-issue-4939b.dfy(16,12): Error: variable 'a', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-4939b.dfy(18,12): Error: variable 'b', which is subject to definite-assignment rules, could not be proved to be initialized here
 Dafny program verifier finished with 1 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4946b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4946b.dfy.expect
index 24d3e14bd06..a5b446b0a84 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4946b.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4946b.dfy.expect
@@ -1,4 +1,4 @@
-git-issue-4946b.dfy(6,5): Error: trying witness null: value of expression (of type 'GeneralTrait?') is not known to be an instance of type 'GeneralTrait', because it might be null
-git-issue-4946b.dfy(7,5): Error: trying witness null: value of expression (of type 'ReferenceTrait?') is not known to be an instance of type 'ReferenceTrait', because it might be null
+git-issue-4946b.dfy(6,5): Error: trying witness null: value of expression (of type 'GeneralTrait?') is not known to be an instance of type 'GeneralTrait', because it could not be proved to be non-null
+git-issue-4946b.dfy(7,5): Error: trying witness null: value of expression (of type 'ReferenceTrait?') is not known to be an instance of type 'ReferenceTrait', because it could not be proved to be non-null
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4946c.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4946c.dfy.expect
index dc7590f7b42..ff7dd9ceeed 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4946c.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4946c.dfy.expect
@@ -1,4 +1,4 @@
 git-issue-4946c.dfy(6,5): Error: cannot find witness that shows type is inhabited; try giving a hint through a 'witness' or 'ghost witness' clause, or use 'witness *' to treat as a possibly empty type
-git-issue-4946c.dfy(7,5): Error: trying witness null: value of expression (of type 'ReferenceTrait?') is not known to be an instance of type 'ReferenceTrait', because it might be null
+git-issue-4946c.dfy(7,5): Error: trying witness null: value of expression (of type 'ReferenceTrait?') is not known to be an instance of type 'ReferenceTrait', because it could not be proved to be non-null
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4994.dfy.refresh.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4994.dfy.refresh.expect
index a18d22a4fac..4a6f88adf82 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4994.dfy.refresh.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-4994.dfy.refresh.expect
@@ -1,10 +1,10 @@
-git-issue-4994.dfy(12,4): Error: assertion might not hold
-git-issue-4994.dfy(14,4): Error: assertion might not hold
-git-issue-4994.dfy(16,4): Error: assertion might not hold
-git-issue-4994.dfy(18,4): Error: assertion might not hold
-git-issue-4994.dfy(25,4): Error: assertion might not hold
-git-issue-4994.dfy(27,4): Error: assertion might not hold
-git-issue-4994.dfy(29,4): Error: assertion might not hold
-git-issue-4994.dfy(31,4): Error: assertion might not hold
+git-issue-4994.dfy(12,4): Error: assertion could not be proved
+git-issue-4994.dfy(14,4): Error: assertion could not be proved
+git-issue-4994.dfy(16,4): Error: assertion could not be proved
+git-issue-4994.dfy(18,4): Error: assertion could not be proved
+git-issue-4994.dfy(25,4): Error: assertion could not be proved
+git-issue-4994.dfy(27,4): Error: assertion could not be proved
+git-issue-4994.dfy(29,4): Error: assertion could not be proved
+git-issue-4994.dfy(31,4): Error: assertion could not be proved
 Dafny program verifier finished with 1 verified, 8 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5017a.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5017a.dfy.expect
index ff1a243c0c6..b02805fa024 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5017a.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5017a.dfy.expect
@@ -1,6 +1,6 @@
-git-issue-5017a.dfy(45,4): Error: assertion might not hold
-git-issue-5017a.dfy(72,4): Error: assertion might not hold
-git-issue-5017a.dfy(79,4): Error: assertion might not hold
-git-issue-5017a.dfy(127,4): Error: assertion might not hold
+git-issue-5017a.dfy(45,4): Error: assertion could not be proved
+git-issue-5017a.dfy(72,4): Error: assertion could not be proved
+git-issue-5017a.dfy(79,4): Error: assertion could not be proved
+git-issue-5017a.dfy(127,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 14 verified, 4 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5017c.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5017c.dfy.expect
index 4132fbfcaeb..e4567799eb7 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5017c.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5017c.dfy.expect
@@ -1,4 +1,4 @@
-git-issue-5017c.dfy(33,4): Error: assertion might not hold
-git-issue-5017c.dfy(75,4): Error: assertion might not hold
+git-issue-5017c.dfy(33,4): Error: assertion could not be proved
+git-issue-5017c.dfy(75,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 11 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5023.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5023.dfy.expect
index b0dfb78864c..53734e8b09a 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5023.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5023.dfy.expect
@@ -1,11 +1,11 @@
-git-issue-5023.dfy(13,4): Error: field 'five', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-git-issue-5023.dfy(22,12): Error: variable 'five', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-5023.dfy(25,23): Error: variable 'five', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-5023.dfy(69,4): Error: field 'five', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-git-issue-5023.dfy(78,12): Error: variable 'five', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-5023.dfy(81,23): Error: variable 'five', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-5023.dfy(157,4): Error: field 'five', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-git-issue-5023.dfy(167,11): Error: variable 'five', which is subject to definite-assignment rules, might be uninitialized here
-git-issue-5023.dfy(170,23): Error: variable 'five', which is subject to definite-assignment rules, might be uninitialized here
+git-issue-5023.dfy(13,4): Error: field 'five', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+git-issue-5023.dfy(22,12): Error: variable 'five', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-5023.dfy(25,23): Error: variable 'five', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-5023.dfy(69,4): Error: field 'five', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+git-issue-5023.dfy(78,12): Error: variable 'five', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-5023.dfy(81,23): Error: variable 'five', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-5023.dfy(157,4): Error: field 'five', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+git-issue-5023.dfy(167,11): Error: variable 'five', which is subject to definite-assignment rules, could not be proved to be initialized here
+git-issue-5023.dfy(170,23): Error: variable 'five', which is subject to definite-assignment rules, could not be proved to be initialized here
 
 Dafny program verifier finished with 7 verified, 9 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5136.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5136.dfy.expect
index 070be655a9d..affef9b17b7 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5136.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5136.dfy.expect
@@ -1,8 +1,8 @@
 git-issue-5136.dfy(12,9): Error: value does not satisfy the subset constraints of 'Empty'
 git-issue-5136.dfy(16,16): Error: possible division by zero
-git-issue-5136.dfy(37,4): Error: field 'x', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
+git-issue-5136.dfy(37,4): Error: field 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
 git-issue-5136.dfy(49,9): Error: value does not satisfy the subset constraints of 'Empty'
 git-issue-5136.dfy(54,16): Error: possible division by zero
-git-issue-5136.dfy(75,4): Error: field 'x', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
+git-issue-5136.dfy(75,4): Error: field 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
 
 Dafny program verifier finished with 8 verified, 6 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5520.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5520.dfy.expect
index 4d932b10f8b..b3d9b89b899 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5520.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5520.dfy.expect
@@ -1,6 +1,6 @@
-git-issue-5520.dfy(12,12): Error: result of operation might violate subset type constraint for 'Empty'
-git-issue-5520.dfy(25,12): Error: result of operation might violate subset type constraint for 'Empty'
-git-issue-5520.dfy(48,12): Error: result of operation might violate subset type constraint for 'Empty'
-git-issue-5520.dfy(61,12): Error: result of operation might violate subset type constraint for 'Empty'
+git-issue-5520.dfy(12,12): Error: result of operation could not be proved to satisfy subset type constraint for 'Empty'
+git-issue-5520.dfy(25,12): Error: result of operation could not be proved to satisfy subset type constraint for 'Empty'
+git-issue-5520.dfy(48,12): Error: result of operation could not be proved to satisfy subset type constraint for 'Empty'
+git-issue-5520.dfy(61,12): Error: result of operation could not be proved to satisfy subset type constraint for 'Empty'
 
 Dafny program verifier finished with 8 verified, 4 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5521.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5521.dfy.expect
index 38696de0ef1..41a263bdaa9 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5521.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5521.dfy.expect
@@ -1,7 +1,7 @@ -git-issue-5521.dfy(6,10): Error: trying witness 0: result of operation might violate subset type constraint for 'Empty' -git-issue-5521.dfy(24,35): Error: result of operation might violate subset type constraint for 'Empty' -git-issue-5521.dfy(42,41): Error: result of operation might violate subset type constraint for 'Empty' -git-issue-5521.dfy(52,22): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here -git-issue-5521.dfy(70,22): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here +git-issue-5521.dfy(6,10): Error: trying witness 0: result of operation could not be proved to satisfy subset type constraint for 'Empty' +git-issue-5521.dfy(24,35): Error: result of operation could not be proved to satisfy subset type constraint for 'Empty' +git-issue-5521.dfy(42,41): Error: result of operation could not be proved to satisfy subset type constraint for 'Empty' +git-issue-5521.dfy(52,22): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here +git-issue-5521.dfy(70,22): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here Dafny program verifier finished with 6 verified, 5 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-555.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-555.dfy.expect index af558470a29..bfe7808157e 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-555.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-555.dfy.expect @@ -1,4 +1,4 @@ -git-issue-555.dfy(17,2): Error: assertion might not hold +git-issue-555.dfy(17,2): Error: assertion could not be proved Dafny program verifier finished with 2 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5586.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5586.dfy.expect
index 702ffec04b3..2c36e79615c 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5586.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5586.dfy.expect
@@ -1,4 +1,4 @@
-git-issue-5586.dfy(14,10): Error: assertion might not hold
+git-issue-5586.dfy(14,10): Error: assertion could not be proved
 git-issue-5586.dfy(10,4): Related location: this proposition could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5726b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5726b.dfy.expect
index 1b5edb239cc..c36955d550f 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5726b.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5726b.dfy.expect
@@ -1,5 +1,5 @@
 git-issue-5726b.dfy(15,16): Error: value of expression (of type 'G1') is not known to be an instance of type 'G'
-git-issue-5726b.dfy(24,4): Error: assertion might not hold
-git-issue-5726b.dfy(42,12): Error: target object might be null
+git-issue-5726b.dfy(24,4): Error: assertion could not be proved
+git-issue-5726b.dfy(42,12): Error: target object could not be proved to be non-null
 
 Dafny program verifier finished with 3 verified, 3 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5730/git-issue-5730.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5730/git-issue-5730.dfy.expect
index 61b3253cb7a..fa00c66fd76 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5730/git-issue-5730.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5730/git-issue-5730.dfy.expect
@@ -1,5 +1,5 @@
 git-issue-5730.dfy(5,2): Warning: Members with @VerifyOnly temporarily disable the verification of other members in the entire file
-git-issue-5730-include.dfy(4,2): Error: assertion might not hold
-git-issue-5730.dfy(6,4): Error: assertion might not hold
+git-issue-5730-include.dfy(4,2): Error: assertion could not be proved
+git-issue-5730.dfy(6,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-580.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-580.dfy.expect
index de995cf4538..364b8b3c36a 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-580.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-580.dfy.expect
@@ -1,3 +1,3 @@
-git-issue-580.dfy(8,4): Error: assertion might not hold
+git-issue-580.dfy(8,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5972.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5972.dfy.expect
index 35d393053a0..85ac6a2b67d 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5972.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5972.dfy.expect
@@ -2,8 +2,8 @@ git-issue-5972.dfy(19,11): Error: == can only be applied to expressions of types
 git-issue-5972.dfy(37,11): Error: == can only be applied to expressions of types that support equality (got S) (perhaps try declaring type parameter 'A' on line 24 as 'A(==)', which says it can only be instantiated with a type that supports equality)
 git-issue-5972.dfy(80,11): Error: == can only be applied to expressions of types that support equality (got M) (perhaps try declaring type parameter 'A' on line 67 as 'A(==)', which says it can only be instantiated with a type that supports equality)
 git-issue-5972.dfy(98,11): Error: == can only be applied to expressions of types that support equality (got S) (perhaps try declaring type parameter 'A' on line 85 as 'A(==)', which says it can only be instantiated with a type that supports equality)
-git-issue-5972.dfy(124,7): Error: type 'MyMap' declared as supporting equality, but the RHS type (map) might not (perhaps try declaring type parameter 'U' on line 124 as 'U(==)', which says it can only be instantiated with a type that supports equality)
-git-issue-5972.dfy(125,7): Error: type 'MySeq' declared as supporting equality, but the RHS type (seq) might not (perhaps try declaring type parameter 'T' on line 125 as 'T(==)', which says it can only be instantiated with a type that supports equality)
+git-issue-5972.dfy(124,7): Error: type 'MyMap' declared as supporting equality, but the RHS type (map) could not be proved to support equality (perhaps try declaring type parameter 'U' on line 124 as 'U(==)', which says it can only be instantiated with a type that supports equality)
+git-issue-5972.dfy(125,7): Error: type 'MySeq' declared as supporting equality, but the RHS type (seq) could not be proved to support equality (perhaps try declaring type parameter 'T' on line 125 as 'T(==)', which says it can only be instantiated with a type that supports equality)
 git-issue-5972.dfy(202,11): Error: == can only be applied to expressions of types that support equality (got M) (perhaps try declaring type parameter 'A' on line 189 as 'A(==)', which says it can only be instantiated with a type that supports equality)
 git-issue-5972.dfy(220,11): Error: == can only be applied to expressions of types that support equality (got S) (perhaps try declaring type parameter 'A' on line 207 as 'A(==)', which says it can only be instantiated with a type that supports equality)
 8 resolution/type errors detected in git-issue-5972.dfy
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5972a.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5972a.dfy.expect
index 54f54d2f936..a6940e2cf59 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5972a.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-5972a.dfy.expect
@@ -1,5 +1,5 @@
 git-issue-5972a.dfy(24,11): Error: == can only be applied to expressions of types that support equality (got M) (perhaps try declaring type parameter 'A' on line 11 as 'A(==)', which says it can only be instantiated with a type that supports equality)
 git-issue-5972a.dfy(42,11): Error: == can only be applied to expressions of types that support equality (got S) (perhaps try declaring type parameter 'A' on line 29 as 'A(==)', which says it can only be instantiated with a type that supports equality)
-git-issue-5972a.dfy(68,7): Error: type 'MyMap' declared as supporting equality, but the RHS type (map) might not (perhaps try declaring type parameter 'U' on line 68 as 'U(==)', which says it can only be instantiated with a type that supports equality)
-git-issue-5972a.dfy(69,7): Error: type 'MySeq' declared as supporting equality, but the RHS type (seq) might not (perhaps try declaring type parameter 'T' on line 69 as 'T(==)', which says it can only be instantiated with a type that supports equality)
+git-issue-5972a.dfy(68,7): Error: type 'MyMap' declared as supporting equality, but the RHS type (map) could not be proved to support equality (perhaps try declaring type parameter 'U' on line 68 as 'U(==)', which says it can only be instantiated with a type that supports equality)
+git-issue-5972a.dfy(69,7): Error: type 'MySeq' declared as supporting equality, but the RHS type (seq) could not be proved to support equality (perhaps try declaring type parameter 'T' on line 69 as 'T(==)', which says it can only be instantiated with a type that supports equality)
 4 resolution/type errors detected in git-issue-5972a.dfy
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-604.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-604.dfy.expect
index db503984405..5425b1d0bda 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-604.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-604.dfy.expect
@@ -1,5 +1,5 @@
 git-issue-604.dfy(6,2): Warning: this loop has no body (loop frame: x)
-git-issue-604.dfy(8,2): Error: assertion might not hold
-git-issue-604.dfy(20,2): Error: assertion might not hold
+git-issue-604.dfy(8,2): Error: assertion could not be proved
+git-issue-604.dfy(20,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-6164.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-6164.dfy.expect
index 6079bfaf99d..8746867603c 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-6164.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-6164.dfy.expect
@@ -1,4 +1,4 @@
-git-issue-6164.dfy(29,6): Error: assertion might not hold
-git-issue-6164.dfy(69,6): Error: assertion might not hold
+git-issue-6164.dfy(29,6): Error: assertion could not be proved
+git-issue-6164.dfy(69,6): Error: assertion could not be proved
 
 Dafny program verifier finished with 4 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-816.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-816.dfy.expect
index 2c384e5a8d9..12f4deb8951 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-816.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-816.dfy.expect
@@ -1,5 +1,5 @@
-git-issue-816.dfy(7,2): Error: assertion might not hold
-git-issue-816.dfy(20,2): Error: assertion might not hold
-git-issue-816.dfy(26,2): Error: assertion might not hold
+git-issue-816.dfy(7,2): Error: assertion could not be proved
+git-issue-816.dfy(20,2): Error: assertion could not be proved
+git-issue-816.dfy(26,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 1 verified, 3 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-817c.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-817c.dfy.expect
index 44427e3d7c5..56546b4b1a9 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-817c.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-817c.dfy.expect
@@ -1,10 +1,10 @@
-git-issue-817c.dfy(22,15): Error: left-hand sides this.data and data might refer to the same location
-git-issue-817c.dfy(29,15): Error: left-hand sides data and this.data might refer to the same location
-git-issue-817c.dfy(45,8): Error: left-hand sides i and i refer to the same location
-git-issue-817c.dfy(51,5): Error: left-hand sides i and i refer to the same location
-git-issue-817c.dfy(67,14): Error: left-hand sides ccc.data and c.data might refer to the same location
-git-issue-817c.dfy(75,17): Error: left-hand sides ccc.data and c.data might refer to the same location
-git-issue-817c.dfy(83,14): Error: left-hand sides aaa[2] and a[2] might refer to the same location
-git-issue-817c.dfy(91,14): Error: left-hand sides aaa[2] and a[2] might refer to the same location
+git-issue-817c.dfy(22,15): Error: left-hand sides this.data and data could not be proved to refer to different locations
+git-issue-817c.dfy(29,15): Error: left-hand sides data and this.data could not be proved to refer to different locations
+git-issue-817c.dfy(45,8): Error: left-hand sides i and i could not be proved to refer to different locations
+git-issue-817c.dfy(51,5): Error: left-hand sides i and i could not be proved to refer to different locations
+git-issue-817c.dfy(67,14): Error: left-hand sides ccc.data and c.data could not be proved to refer to different locations
+git-issue-817c.dfy(75,17): Error: left-hand sides ccc.data and c.data could not be proved to refer to different locations
+git-issue-817c.dfy(83,14): Error: left-hand sides aaa[2] and a[2] could not be proved to refer to different locations
+git-issue-817c.dfy(91,14): Error: left-hand sides aaa[2] and a[2] could not be proved to refer to different locations
 
 Dafny program verifier finished with 5 verified, 8 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-851.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-851.dfy.expect
index c131c1f3935..fe668460247 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-851.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-851.dfy.expect
@@ -21,7 +21,7 @@ git-issue-851.dfy(265,13): Warning: Could not find a trigger for this quantifier
 git-issue-851.dfy(271,13): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
 git-issue-851.dfy(17,4): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
 git-issue-851.dfy(37,4): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
-git-issue-851.dfy(55,4): Error: variable 'd', which is subject to definite-assignment rules, might be uninitialized here
+git-issue-851.dfy(55,4): Error: variable 'd', which is subject to definite-assignment rules, could not be proved to be initialized here
 git-issue-851.dfy(62,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
 git-issue-851.dfy(70,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
 git-issue-851.dfy(127,14): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-885.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-885.dfy.expect
index 88f2d806475..24b3d1163a9 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-885.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-885.dfy.expect
@@ -4,7 +4,7 @@ git-issue-885.dfy(22,13): Error: value of expression (of type 'Trait?') is not k
 git-issue-885.dfy(29,13): Error: value of expression (of type 'Trait') is not known to be an instance of type 'Class'
 git-issue-885.dfy(35,13): Error: value of expression (of type 'Trait?') is not known to be an instance of type 'Class?'
 git-issue-885.dfy(49,18): Error: value of expression (of type 'Trait') is not known to be an instance of type 'Class'
-git-issue-885.dfy(53,18): Error: value of expression (of type 'Class?') is not known to be an instance of type 'Class', because it might be null
+git-issue-885.dfy(53,18): Error: value of expression (of type 'Class?') is not known to be an instance of type 'Class', because it could not be proved to be non-null
 git-issue-885.dfy(59,19): Error: value of expression (of type 'ClassT?<_T0>') is not known to be an instance of type 'ClassT<_T0>' (possible cause: it may be null)
 
 Dafny program verifier finished with 2 verified, 8 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-889a.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-889a.dfy.expect
index 7d104e3a33c..867766ce4e7 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-889a.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-889a.dfy.expect
@@ -1,14 +1,14 @@
 git-issue-889a.dfy(137,4): Warning: this branch is redundant
 git-issue-889a.dfy(145,4): Warning: this branch is redundant
-git-issue-889a.dfy(38,15): Error: result of operation might violate newtype constraint for 'int8'
-git-issue-889a.dfy(41,14): Error: result of operation might violate newtype constraint for 'int8'
-git-issue-889a.dfy(43,12): Error: result of operation might violate newtype constraint for 'exactly5'
-git-issue-889a.dfy(45,11): Error: result of operation might violate newtype constraint for 'smallneg'
-git-issue-889a.dfy(51,9): Error: result of operation might violate newtype constraint for 'int8'
-git-issue-889a.dfy(53,9): Error: result of operation might violate newtype constraint for 'int8'
-git-issue-889a.dfy(55,9): Error: result of operation might violate newtype constraint for 'smallneg'
-git-issue-889a.dfy(57,9): Error: result of operation might violate newtype constraint for 'smallneg'
-git-issue-889a.dfy(97,2): Error: assertion might not hold
+git-issue-889a.dfy(38,15): Error: result of operation could not be proved to satisfy newtype constraint for 'int8'
+git-issue-889a.dfy(41,14): Error: result of operation could not be proved to satisfy newtype constraint for 'int8'
+git-issue-889a.dfy(43,12): Error: result of operation could not be proved to satisfy newtype constraint for 'exactly5'
+git-issue-889a.dfy(45,11): Error: result of operation could not be proved to satisfy newtype constraint for 'smallneg'
+git-issue-889a.dfy(51,9): Error: result of operation could not be proved to satisfy newtype constraint for 'int8'
+git-issue-889a.dfy(53,9): Error: result of operation could not be proved to satisfy newtype constraint for 'int8'
+git-issue-889a.dfy(55,9): Error: result of operation could not be proved to satisfy newtype constraint for 'smallneg'
+git-issue-889a.dfy(57,9): Error: result of operation could not be proved to satisfy newtype constraint for 'smallneg'
+git-issue-889a.dfy(97,2): Error: assertion could not be proved
 git-issue-889a.dfy(121,4): Error: missing case in match statement: not all possibilities for selector of type bv1 have been covered
 
 Dafny program verifier finished with 9 verified, 10 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-897.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-897.dfy.expect
index ff7099c6c4e..d250f990c99 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-897.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-897.dfy.expect
@@ -1,5 +1,5 @@
 git-issue-897.dfy(10,17): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual.
-git-issue-897.dfy(11,4): Error: assertion might not hold
+git-issue-897.dfy(11,4): Error: assertion could not be proved
 git-issue-897.dfy(16,30): Error: possible violation of postcondition of forall statement
 
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-936.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-936.dfy.expect
index cd58cea9bc4..180589bbc64 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-936.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-936.dfy.expect
@@ -1,3 +1,3 @@
-git-issue-936.dfy(29,5): Error: assertion might not hold
+git-issue-936.dfy(29,5): Error: assertion could not be proved
 
 Dafny program verifier finished with 9 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-952.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-952.dfy.expect
index e4fcebf8ffe..a2cae75cda6 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-952.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-952.dfy.expect
@@ -1,8 +1,8 @@
-git-issue-952.dfy(35,6): Error: assertion might not hold
-git-issue-952.dfy(38,6): Error: assertion might not hold
-git-issue-952.dfy(71,6): Error: assertion might not hold
-git-issue-952.dfy(74,6): Error: assertion might not hold
-git-issue-952.dfy(100,6): Error: assertion might not hold
-git-issue-952.dfy(103,6): Error: assertion might not hold
+git-issue-952.dfy(35,6): Error: assertion could not be proved
+git-issue-952.dfy(38,6): Error: assertion could not be proved
+git-issue-952.dfy(71,6): Error: assertion could not be proved
+git-issue-952.dfy(74,6): Error: assertion could not be proved
+git-issue-952.dfy(100,6): Error: assertion could not be proved
+git-issue-952.dfy(103,6): Error: assertion could not be proved
 
 Dafny program verifier finished with 4 verified, 6 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-977.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-977.dfy.expect
index b916d6d74aa..4b06e33c92a 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-977.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/git-issue-977.dfy.expect
@@ -45,13 +45,13 @@ git-issue-977.dfy(71,4): Info: ensures RicochetOrd(m, num) git-issue-977.dfy(110,28): Info: Some instances of this call are not inlined. git-issue-977.dfy(143,26): Info: Some instances of this call are not inlined. git-issue-977.dfy(162,21): Info: Some instances of this call are not inlined. -git-issue-977.dfy(39,25): Error: assertion might not hold +git-issue-977.dfy(39,25): Error: assertion could not be proved git-issue-977.dfy(14,29): Related location: this proposition could not be proved git-issue-977.dfy(9,7): Related location: this proposition could not be proved -git-issue-977.dfy(41,31): Error: assertion might not hold +git-issue-977.dfy(41,31): Error: assertion could not be proved git-issue-977.dfy(22,13): Related location: this proposition could not be proved git-issue-977.dfy(9,7): Related location: this proposition could not be proved -git-issue-977.dfy(43,26): Error: assertion might not hold +git-issue-977.dfy(43,26): Error: assertion could not be proved git-issue-977.dfy(30,29): Related location: this proposition could not be proved git-issue-977.dfy(9,7): Related location: this proposition could not be proved git-issue-977.dfy(220,18): Info: Some instances of this call are not inlined. diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/github-issue-2574.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/github-issue-2574.dfy.expect index 1840e46245c..17893574d8d 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/github-issue-2574.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/git-issues/github-issue-2574.dfy.expect 
@@ -1,4 +1,4 @@ -github-issue-2574.dfy(12,2): Error: out-parameter 'i', which is subject to definite-assignment rules, might be uninitialized at this return point +github-issue-2574.dfy(12,2): Error: out-parameter 'i', which is subject to definite-assignment rules, could not be proved to be initialized at this return point | 12 | } | ^ diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Apply.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Apply.dfy.expect index 1a63b6a43da..04876f615a1 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Apply.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Apply.dfy.expect @@ -1,4 +1,4 @@ -Apply.dfy(95,4): Error: assertion might not hold +Apply.dfy(95,4): Error: assertion could not be proved Apply.dfy(46,23): Error: function could not be proved to be allocated in the state in which the function is invoked Apply.dfy(57,31): Error: argument could not be proved to be allocated in the state in which the function is invoked Apply.dfy(58,31): Error: argument could not be proved to be allocated in the state in which the function is invoked diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Classes.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Classes.dfy.expect index 067d7a0f32f..27578100299 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Classes.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Classes.dfy.expect @@ -1,4 +1,4 @@ Classes.dfy(33,17): Error: function precondition could not be proved -Classes.dfy(60,2): Error: assertion might not hold +Classes.dfy(60,2): Error: assertion could not be proved Dafny program verifier finished with 4 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Field.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Field.dfy.expect index ae5a833a8e0..38d51a8ac43 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Field.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Field.dfy.expect @@ -1,6 +1,6 @@ -Field.dfy(12,2): Error: assertion might not hold +Field.dfy(12,2): Error: assertion could not be proved Field.dfy(12,11): Error: function precondition could not be proved -Field.dfy(21,2): Error: assertion might not hold +Field.dfy(21,2): Error: assertion could not be proved Field.dfy(21,11): Error: function precondition could not be proved Dafny program verifier finished with 0 verified, 4 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Frame.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Frame.dfy.expect index 8621a4760df..3c2396c6bbc 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Frame.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Frame.dfy.expect @@ -1,9 +1,9 @@ -Frame.dfy(23,4): Error: assertion might not hold -Frame.dfy(37,2): Error: assertion might not hold -Frame.dfy(63,4): Error: assertion might not hold +Frame.dfy(23,4): Error: assertion could not be proved +Frame.dfy(37,2): Error: assertion could not be proved +Frame.dfy(63,4): Error: assertion could not be proved Frame.dfy(66,18): Error: insufficient reads clause to read array element; Consider extracting a[0] to a local variable before the lambda expression, or adding 'reads a' in the enclosing lambda specification for resolution Frame.dfy(68,27): Error: insufficient reads clause to read array element; Consider adding 'reads a' in the enclosing lambda specification for resolution Frame.dfy(120,22): Error: function precondition could not be proved -Frame.dfy(123,6): Error: assertion might not hold +Frame.dfy(123,6): Error: assertion could not be proved Dafny program verifier finished with 6 verified, 7 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Lambda.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Lambda.dfy.expect index 43b329ad805..04415df7ffa 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Lambda.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Lambda.dfy.expect @@ -1,3 +1,3 @@ -Lambda.dfy(24,4): Error: assertion might not hold +Lambda.dfy(24,4): Error: assertion could not be proved Dafny program verifier finished with 3 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/ReadsReads.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/ReadsReads.dfy.expect index 7f67349bb47..bdc6e370d48 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/ReadsReads.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/ReadsReads.dfy.expect 
@@ -5,17 +5,17 @@ ReadsReads.dfy(40,4): Error: insufficient reads clause to invoke function ReadsReads.dfy(52,16): Error: function precondition could not be proved ReadsReads.dfy(52,16): Error: insufficient reads clause to invoke function ReadsReads.dfy(64,14): Error: insufficient reads clause to invoke function -ReadsReads.dfy(93,18): Error: assertion might not hold -ReadsReads.dfy(95,18): Error: assertion might not hold -ReadsReads.dfy(105,18): Error: assertion might not hold -ReadsReads.dfy(107,18): Error: assertion might not hold -ReadsReads.dfy(179,4): Error: assertion might not hold -ReadsReads.dfy(189,4): Error: assertion might not hold -ReadsReads.dfy(199,4): Error: assertion might not hold -ReadsReads.dfy(209,4): Error: assertion might not hold -ReadsReads.dfy(242,4): Error: assertion might not hold -ReadsReads.dfy(252,4): Error: assertion might not hold -ReadsReads.dfy(262,4): Error: assertion might not hold -ReadsReads.dfy(272,4): Error: assertion might not hold +ReadsReads.dfy(93,18): Error: assertion could not be proved +ReadsReads.dfy(95,18): Error: assertion could not be proved +ReadsReads.dfy(105,18): Error: assertion could not be proved +ReadsReads.dfy(107,18): Error: assertion could not be proved +ReadsReads.dfy(179,4): Error: assertion could not be proved +ReadsReads.dfy(189,4): Error: assertion could not be proved +ReadsReads.dfy(199,4): Error: assertion could not be proved +ReadsReads.dfy(209,4): Error: assertion could not be proved +ReadsReads.dfy(242,4): Error: assertion could not be proved +ReadsReads.dfy(252,4): Error: assertion could not be proved +ReadsReads.dfy(262,4): Error: assertion could not be proved +ReadsReads.dfy(272,4): Error: assertion could not be proved Dafny program verifier finished with 16 verified, 19 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Simple.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Simple.dfy.expect index 9bb06a48b20..4c38a201297 100644 
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Simple.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/hofs/Simple.dfy.expect @@ -3,6 +3,6 @@ Simple.dfy(27,9): Error: possible division by zero Simple.dfy(37,8): Error: function precondition could not be proved Simple.dfy(49,8): Error: function precondition could not be proved Simple.dfy(61,9): Error: function precondition could not be proved -Simple.dfy(73,2): Error: assertion might not hold +Simple.dfy(73,2): Error: assertion could not be proved Dafny program verifier finished with 5 verified, 6 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/lambdas/LambdaEq.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/lambdas/LambdaEq.dfy.expect index 412a924a7e7..63b1f772331 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/lambdas/LambdaEq.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/lambdas/LambdaEq.dfy.expect @@ -1,4 +1,4 @@ -LambdaEq.dfy(10,2): Error: assertion might not hold -LambdaEq.dfy(17,2): Error: assertion might not hold +LambdaEq.dfy(10,2): Error: assertion could not be proved +LambdaEq.dfy(17,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/lambdas/LitInt.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/lambdas/LitInt.dfy.expect index 96d60789808..cc9823033cb 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/lambdas/LitInt.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/lambdas/LitInt.dfy.expect @@ -1,4 +1,4 @@ -LitInt.dfy(22,22): Error: assertion might not hold -LitInt.dfy(32,26): Error: assertion might not hold +LitInt.dfy(22,22): Error: assertion could not be proved +LitInt.dfy(32,26): Error: assertion could not be proved Dafny program verifier finished with 2 verified, 2 errors 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/logger/ProofDependencyLogging.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/logger/ProofDependencyLogging.dfy index c8235bd500f..66cad05792b 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/logger/ProofDependencyLogging.dfy +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/logger/ProofDependencyLogging.dfy @@ -167,7 +167,7 @@ // CHECK: ProofDependencies.dfy\(417,13\)-\(417,17\): ensures clause // CHECK: ProofDependencies.dfy\(420,7\)-\(420,15\): assignment \(or return\) // CHECK: Unused by proof: -// CHECK: ProofDependencies.dfy\(428,5\)-\(428,9\): assumption that divisor is always non-zero. +// CHECK: ProofDependencies.dfy\(428,5\)-\(428,9\): assumption that divisor is always non-zero // CHECK: ProofDependencies.dfy\(428,5\)-\(428,9\): calc statement result // // CHECK: Results for M.GetX \(well-formedness\) diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/metatests/TestDoesNotVerify.dfy.testdafny.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/metatests/TestDoesNotVerify.dfy.testdafny.expect index 336bffcf501..0480bff976b 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/metatests/TestDoesNotVerify.dfy.testdafny.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/metatests/TestDoesNotVerify.dfy.testdafny.expect @@ -1,7 +1,7 @@ Using legacy resolver and verifying... AssertEqualWithDiff() Failure Diff (changing expected into actual): --TestDoesNotVerify.dfy(6,11): Error: assertion might not hold -+TestDoesNotVerify.dfy(6,2): Error: assertion might not hold +-TestDoesNotVerify.dfy(6,11): Error: assertion could not be proved ++TestDoesNotVerify.dfy(6,2): Error: assertion could not be proved 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/metatests/TestDoesNotVerify.dfy.verifier.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/metatests/TestDoesNotVerify.dfy.verifier.expect index 61b04415c49..91f542b0454 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/metatests/TestDoesNotVerify.dfy.verifier.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/metatests/TestDoesNotVerify.dfy.verifier.expect @@ -1 +1 @@ -TestDoesNotVerify.dfy(6,11): Error: assertion might not hold +TestDoesNotVerify.dfy(6,11): Error: assertion could not be proved diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/patterns/PatternMatchingErrors.dfy b/Source/IntegrationTests/TestFiles/LitTests/LitTest/patterns/PatternMatchingErrors.dfy index 5cb05394879..c716a26b9f6 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/patterns/PatternMatchingErrors.dfy +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/patterns/PatternMatchingErrors.dfy @@ -53,7 +53,7 @@ function GetNat(dt: Dt): nat { case Make(y) => y } -// postcondition might not hold on this return path (in least lemma) +// could not prove postcondition on this return path (in least lemma) datatype cmd = Inc | Seq(cmd, cmd) | Repeat(cmd) type state = int @@ -90,7 +90,7 @@ least lemma BadMonotonic1(c: cmd, s: state, t: state) } -// postcondition might not hold on this return path (in method) +// could not prove postcondition on this return path (in method) method PostTest(xs: List) returns (r: int) ensures r == 0 diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/patterns/nested.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/patterns/nested.dfy.expect index b4d59951dac..409656d3a75 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/patterns/nested.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/patterns/nested.dfy.expect 
@@ -2,6 +2,6 @@ nested.dfy(8,6): Warning: this forall statement has no body nested.dfy(8,6): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. nested.dfy(16,11): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. nested.dfy(8,28): Error: match has no cases and this is only allowed when the verifier can prove the match is unreachable -nested.dfy(16,4): Error: assertion might not hold +nested.dfy(16,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-overflow-non-unicode.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-overflow-non-unicode.dfy.expect index e9ef169fb45..94abe013d95 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-overflow-non-unicode.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-overflow-non-unicode.dfy.expect @@ -1,5 +1,5 @@ CLI: Warning: the option unicode-char has been deprecated. -char-overflow-non-unicode.dfy(5,7): Error: char addition might overflow +char-overflow-non-unicode.dfy(5,7): Error: char addition could not be proved to remain below maximum Asserted expression: 0 <= c0 as int + c1 as int && c0 as int + c1 as int < 65536 Dafny program verifier finished with 0 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-overflow-unicode.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-overflow-unicode.dfy.expect index 45fec41a241..e2589dfe9f5 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-overflow-unicode.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-overflow-unicode.dfy.expect @@ -1,4 +1,4 @@ -char-overflow-unicode.dfy(5,7): Error: char addition might overflow +char-overflow-unicode.dfy(5,7): Error: char addition could not be proved to remain below maximum Asserted expression: (0 <= c0 as int + c1 as int && c0 as int + c1 as int < 55296) || (57344 <= c0 as int + c1 as int && c0 as int + c1 as int < 1114112) Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-underflow-non-unicode.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-underflow-non-unicode.dfy.expect index ed2b2f3c1ee..1f6107aaf62 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-underflow-non-unicode.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-underflow-non-unicode.dfy.expect @@ -1,5 +1,5 @@ CLI: Warning: the option unicode-char has been deprecated. -char-underflow-non-unicode.dfy(5,7): Error: char subtraction might underflow +char-underflow-non-unicode.dfy(5,7): Error: char subtraction could not be proved to remain above minimum Asserted expression: 0 <= c0 as int - c1 as int && c0 as int - c1 as int < 65536 Dafny program verifier finished with 0 verified, 1 error 
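Review bot: In char-overflow-unicode.dfy.expect the new message `char addition could not be proved to remain below maximum` names only an upper bound, while the asserted expression printed beneath it also requires `0 <=` and excludes sums from 55296 up to 57344. A result that lands in that excluded range fails the obligation without exceeding any maximum, so the text can send the reader to the wrong bound. Wording that covers the whole obligation, for example `char addition could not be proved to produce a valid char value`, would match the expression. The same applies to `char subtraction could not be proved to remain above minimum` in char-underflow-unicode.dfy.expect. The message strings are defined outside this part of the diff, so the change belongs there and these expectations would follow.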
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-underflow-unicode.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-underflow-unicode.dfy.expect index 5a010370340..bd808f7fc23 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-underflow-unicode.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/char-underflow-unicode.dfy.expect @@ -1,4 +1,4 @@ -char-underflow-unicode.dfy(5,7): Error: char subtraction might underflow +char-underflow-unicode.dfy(5,7): Error: char subtraction could not be proved to remain above minimum Asserted expression: (0 <= c0 as int - c1 as int && c0 as int - c1 as int < 55296) || (57344 <= c0 as int - c1 as int && c0 as int - c1 as int < 1114112) Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/comprehension-no-alias.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/comprehension-no-alias.dfy.expect index dcaddf16d20..c84242fbaa4 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/comprehension-no-alias.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/comprehension-no-alias.dfy.expect 
@@ -1,5 +1,5 @@ comprehension-no-alias.dfy(6,4): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -comprehension-no-alias.dfy(6,45): Error: key expressions might be referring to the same value +comprehension-no-alias.dfy(6,45): Error: key expressions could not be proved to refer to different values Asserted expression: forall x: nat, y: nat, x': nat, y': nat | x < i && y < j && x' < i && y' < j && (x != x' || y != y') :: x + y != x' + y' || x == x' Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-fit.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-fit.dfy.expect index 0e4a896a303..eed04b7867c 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-fit.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-fit.dfy.expect @@ -1,4 +1,4 @@ -conversion-fit.dfy(6,6): Error: value to be converted might not fit in bv8 +conversion-fit.dfy(6,6): Error: value to be converted could not be proved to fit in bv8 Asserted expression: 0 < i && i <= 1 << 8 Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-is-natural.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-is-natural.dfy.expect index c0725c64dc5..bb319fd9cf8 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-is-natural.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-is-natural.dfy.expect 
@@ -1,4 +1,4 @@ -conversion-is-natural.dfy(6,8): Error: value to be converted might be bigger than every natural number +conversion-is-natural.dfy(6,8): Error: value to be converted could not be proved to be a natural number Asserted expression: ord is nat Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-satisfies-constraints.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-satisfies-constraints.dfy.expect index cef9b70b74c..e69dd8cbadf 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-satisfies-constraints.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/conversion-satisfies-constraints.dfy.expect @@ -1,4 +1,4 @@ -conversion-satisfies-constraints.dfy(8,6): Error: result of operation might violate newtype constraint for 'uint8' +conversion-satisfies-constraints.dfy(8,6): Error: result of operation could not be proved to satisfy newtype constraint for 'uint8' Asserted expression: 0 <= i && i < 256 Dafny program verifier finished with 1 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/definite-assignment.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/definite-assignment.dfy.expect index ceda23307b2..6ae8ec77aea 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/definite-assignment.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/definite-assignment.dfy.expect 
@@ -1,32 +1,32 @@ -definite-assignment.dfy(16,4): Error: field 'y', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body +definite-assignment.dfy(16,4): Error: field 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body Asserted expression: assigned(y) -definite-assignment.dfy(16,4): Error: field 'x', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body +definite-assignment.dfy(16,4): Error: field 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body Asserted expression: assigned(x) -definite-assignment.dfy(33,9): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(33,9): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here Asserted expression: assigned(y) -definite-assignment.dfy(36,0): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point +definite-assignment.dfy(36,0): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point Asserted expression: assigned(x) -definite-assignment.dfy(36,0): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point +definite-assignment.dfy(36,0): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point Asserted expression: assigned(y) -definite-assignment.dfy(41,11): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(41,11): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be 
initialized here Asserted expression: assigned(x) -definite-assignment.dfy(41,14): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(41,14): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here Asserted expression: assigned(y) -definite-assignment.dfy(50,14): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(50,14): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here Asserted expression: assigned(y) -definite-assignment.dfy(58,9): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(58,9): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here Asserted expression: assigned(y) -definite-assignment.dfy(59,17): Error: variable 'z', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(59,17): Error: variable 'z', which is subject to definite-assignment rules, could not be proved to be initialized here Asserted expression: assigned(z) -definite-assignment.dfy(68,4): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point +definite-assignment.dfy(68,4): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point Asserted expression: assigned(y) -definite-assignment.dfy(76,9): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(76,9): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here Asserted expression: assigned(y) -definite-assignment.dfy(77,4): Error: out-parameter 'z', which is subject to 
definite-assignment rules, might be uninitialized at this return point +definite-assignment.dfy(77,4): Error: out-parameter 'z', which is subject to definite-assignment rules, could not be proved to be initialized at this return point Asserted expression: assigned(z) -definite-assignment.dfy(85,12): Error: variable 'y', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(85,12): Error: variable 'y', which is subject to definite-assignment rules, could not be proved to be initialized here Asserted expression: assigned(y) -definite-assignment.dfy(85,15): Error: variable 'x', which is subject to definite-assignment rules, might be uninitialized here +definite-assignment.dfy(85,15): Error: variable 'x', which is subject to definite-assignment rules, could not be proved to be initialized here Asserted expression: assigned(x) Dafny program verifier finished with 0 verified, 15 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/distinct-lhs.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/distinct-lhs.dfy.expect index 802b0258bb0..e40b5f7459d 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/distinct-lhs.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/distinct-lhs.dfy.expect 
@@ -1,8 +1,8 @@ -distinct-lhs.dfy(9,9): Error: when left-hand sides a[j] and a[i] refer to the same location, they must be assigned the same value +distinct-lhs.dfy(9,9): Error: when left-hand sides a[j] and a[i] could not be proved to refer to different locations, they must be assigned the same value Asserted expression: a != a || j != i -distinct-lhs.dfy(19,17): Error: when left-hand sides a[j0, j1] and a[i0, i1] refer to the same location, they must be assigned the same value +distinct-lhs.dfy(19,17): Error: when left-hand sides a[j0, j1] and a[i0, i1] could not be proved to refer to different locations, they must be assigned the same value Asserted expression: a != a || j0 != i0 || j1 != i1 -distinct-lhs.dfy(26,11): Error: when left-hand sides c.f and c.f refer to the same location, they must be assigned the same value +distinct-lhs.dfy(26,11): Error: when left-hand sides c.f and c.f could not be proved to refer to different locations, they must be assigned the same value Asserted expression: c != c Dafny program verifier finished with 2 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/forall-lhs-unique.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/forall-lhs-unique.dfy.expect index b59ab3d1291..c5cda0cd21b 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/forall-lhs-unique.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/forall-lhs-unique.dfy.expect 
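Review bot: The three reworded distinct-lhs.dfy messages fold the verifier's proof status into the condition of a language rule: `when left-hand sides a[j] and a[i] could not be proved to refer to different locations, they must be assigned the same value` reads as if the requirement depended on what the prover managed to show. Separating the report from the rule keeps both accurate, e.g. `left-hand sides a[j] and a[i] could not be proved to refer to different locations; if they refer to the same location, they must be assigned the same value`. The string is produced by code outside this part of the diff, so the edit belongs there and the expectation lines would follow.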
@@ -1,10 +1,10 @@ forall-lhs-unique.dfy(7,4): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. forall-lhs-unique.dfy(15,4): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -forall-lhs-unique.dfy(8,13): Error: left-hand sides for different forall-statement bound variables might refer to the same location (and right-hand sides might not be equivalent) +forall-lhs-unique.dfy(8,13): Error: left-hand sides for different forall-statement bound variables could not be proved to refer to different locations (and right-hand sides could not be proved to be equivalent) Asserted expression: forall i: int, i': int | 0 <= i < a.Length && 0 <= i' && i' < a.Length && i != i' :: a != a || 0 != 0 || i == i' -forall-lhs-unique.dfy(16,16): Error: left-hand sides for different forall-statement bound variables might refer to the same location (and right-hand sides might not be equivalent) +forall-lhs-unique.dfy(16,16): Error: left-hand sides for different forall-statement bound variables could not be proved to refer to different locations (and right-hand sides could not be proved to be equivalent) Asserted expression: forall i: int, j: int, i': int, j': int | 0 <= i < a.Length0 && 0 <= j < a.Length1 && 0 <= i' && i' < a.Length0 && 0 <= j' && j' < a.Length1 && (i != i' || j != j') :: a != a || 0 != 0 || 0 != 0 || i + j == i' + j' -forall-lhs-unique.dfy(27,15): Error: left-hand sides for different forall-statement bound variables might refer to the same location (and right-hand sides might not be 
equivalent) +forall-lhs-unique.dfy(27,15): Error: left-hand sides for different forall-statement bound variables could not be proved to refer to different locations (and right-hand sides could not be proved to be equivalent) Asserted expression: forall i: int, i': int | 0 <= i < a.Length && 0 <= i' && i' < a.Length && i != i' :: a[i] != a[i] || i == i' Dafny program verifier finished with 1 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/frame-dereference-non-null.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/frame-dereference-non-null.dfy.expect index 502abcad366..d684ccdd04d 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/frame-dereference-non-null.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/frame-dereference-non-null.dfy.expect @@ -1,4 +1,4 @@ -frame-dereference-non-null.dfy(7,12): Error: frame expression might dereference null +frame-dereference-non-null.dfy(7,12): Error: frame expression could not be proved to be non-null Asserted expression: c != null Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/modifiable.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/modifiable.dfy.expect index d68b9142c9c..4e912693993 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/modifiable.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/modifiable.dfy.expect 
@@ -1,14 +1,14 @@ -modifiable.dfy(10,4): Error: assignment might update an object not in the enclosing context's modifies clause +modifiable.dfy(10,4): Error: modified field could not be proved to be in the current modifies clause Asserted expression: this in {} -modifiable.dfy(33,7): Error: assignment might update an object not in the enclosing context's modifies clause +modifiable.dfy(33,7): Error: modified field could not be proved to be in the current modifies clause Asserted expression: s[0] == s[1] || s[0] == s[1] as C || s[0] in {s[1]} || s[0] in {s[1] as C} -modifiable.dfy(42,6): Error: assignment might update an object field not in the enclosing context's modifies clause +modifiable.dfy(42,6): Error: modified field could not be proved to be in the current modifies clause Asserted expression: c == s[1] -modifiable.dfy(50,5): Error: assignment might update an array element not in the enclosing context's modifies clause +modifiable.dfy(50,5): Error: modified array location could not be proved to be in the current modifies clause Asserted expression: a == b -modifiable.dfy(59,5): Error: assignment might update an array element not in the enclosing context's modifies clause +modifiable.dfy(59,5): Error: modified array location could not be proved to be in the current modifies clause Asserted expression: a == s[1] -modifiable.dfy(66,5): Error: assignment might update an array element not in the enclosing context's modifies clause +modifiable.dfy(66,5): Error: modified array location could not be proved to be in the current modifies clause Asserted expression: a in {} Dafny program verifier finished with 4 verified, 6 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/modify-frame-subset.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/modify-frame-subset.dfy.expect index 240d6a6c23f..a9a2fdbfcd8 100644 
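Review bot: The new expectations at modifiable.dfy(10,4) and (33,7) now say `modified field could not be proved to be in the current modifies clause`, the same text as (42,6), although the old output distinguished `an object` from `an object field`. Their asserted expressions (`this in {}`, `s[0] in {s[1]}`) are membership tests on objects, and the modify-frame-subset expectations in this commit say `modified object in ...`. If the merge into one message is not deliberate, the object case could read `modified object could not be proved to be in the current modifies clause`. The message strings themselves are defined outside this hunk, so the change belongs there, with this file regenerated afterwards.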
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/modify-frame-subset.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/modify-frame-subset.dfy.expect @@ -1,8 +1,8 @@ -modify-frame-subset.dfy(15,2): Error: modify statement might violate context's modifies clause +modify-frame-subset.dfy(15,2): Error: modified object in modify statement could not be proved to be in the current modifies clause Asserted expression: (s[0] == s[3] || s[0] in {s[4]} || s[0] in {s[5]}) && (forall obj: C | obj in {s[1]} :: obj == s[3] || obj in {s[4]}) && forall obj: C | obj in {s[2]} :: obj == s[3] || obj in {s[5]} -modify-frame-subset.dfy(24,2): Error: loop modifies clause might violate context's modifies clause +modify-frame-subset.dfy(24,2): Error: modified object in loop modifies clause could not be proved to be in the current modifies clause Asserted expression: (s[0] == s[3] || s[0] in {s[4]} || s[0] in {s[5]}) && (forall obj: C | obj in {s[1]} :: obj == s[3] || obj in {s[4]}) && forall obj: C | obj in {s[2]} :: obj == s[3] || obj in {s[5]} -modify-frame-subset.dfy(39,8): Error: call might violate context's modifies clause +modify-frame-subset.dfy(39,8): Error: modified object in call could not be proved to be in the current modifies clause Asserted expression: (s[0] == s[3] || s[0] in {s[4]} || s[0] in {s[5]}) && (forall obj: C | obj in {s[1]} :: obj == s[3] || obj in {s[4]}) && forall obj: C | obj in {s[2]} :: obj == s[3] || obj in {s[5]} Dafny program verifier finished with 4 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/non-negative.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/non-negative.dfy.expect index 2a53adab9ea..26faaa09662 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/non-negative.dfy.expect 
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/non-negative.dfy.expect @@ -1,4 +1,4 @@ -non-negative.dfy(6,8): Error: sequence size might be negative +non-negative.dfy(6,8): Error: sequence size could not be proved to be non-negative Asserted expression: 0 <= -1 Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/non-null.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/non-null.dfy.expect index f3e3b6f05b9..47cd548d114 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/non-null.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/non-null.dfy.expect @@ -1,4 +1,4 @@ -non-null.dfy(6,6): Error: target object might be null +non-null.dfy(6,6): Error: target object could not be proved to be non-null Asserted expression: a != null Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/ordinal-subtraction-is-natural.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/ordinal-subtraction-is-natural.dfy.expect index 10bb3b11cc6..121f7a2aa65 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/ordinal-subtraction-is-natural.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/ordinal-subtraction-is-natural.dfy.expect @@ -1,4 +1,4 @@ -ordinal-subtraction-is-natural.dfy(7,7): Error: RHS of ORDINAL subtraction must be a natural number, but the given RHS might be larger +ordinal-subtraction-is-natural.dfy(7,7): Error: RHS of ORDINAL subtraction must be a natural number, but the given RHS could not be proved to be a natural number Asserted expression: o1.IsNat Dafny program verifier finished with 0 verified, 1 error 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/ordinal-subtraction-underflow.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/ordinal-subtraction-underflow.dfy.expect index f5854e35307..ecd12b5ac6d 100755 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/ordinal-subtraction-underflow.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/ordinal-subtraction-underflow.dfy.expect @@ -1,4 +1,4 @@ -ordinal-subtraction-underflow.dfy(7,7): Error: ORDINAL subtraction might underflow a limit ordinal (that is, RHS might be too large) +ordinal-subtraction-underflow.dfy(7,7): Error: ORDINAL subtraction could not be proved to remain above limit ordinal (that is, RHS could not be proved to be sufficiently small) Asserted expression: o1.Offset <= o0.Offset Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/pattern-shape-is-valid.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/pattern-shape-is-valid.dfy.expect index c18beb779fa..5ea11277f2a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/pattern-shape-is-valid.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/pattern-shape-is-valid.dfy.expect @@ -1,4 +1,4 @@ -pattern-shape-is-valid.dfy(7,2): Error: assertion might not hold +pattern-shape-is-valid.dfy(7,2): Error: assertion could not be proved Asserted expression: d.D0? Dafny program verifier finished with 0 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/subrange-check-no-type-system-refresh.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/subrange-check-no-type-system-refresh.dfy.expect index e075451038b..046dd158674 100644 
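Review bot: In the ordinal-subtraction-underflow expectation, `could not be proved to remain above limit ordinal` has lost the article the old text had (`underflow a limit ordinal`). The parenthetical `RHS could not be proved to be sufficiently small` is also vaguer than the asserted expression `o1.Offset <= o0.Offset` printed under it. A wording such as `could not be proved to remain above a limit ordinal (that is, the RHS offset could not be proved to be at most the LHS offset)` would match what is being checked. The string is defined outside this hunk.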
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/subrange-check-no-type-system-refresh.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/subrange-check-no-type-system-refresh.dfy.expect @@ -1,4 +1,4 @@ -subrange-check-no-type-system-refresh.dfy(5,30): Error: value of expression (of type 'object?') is not known to be an instance of type 'object', because it might be null +subrange-check-no-type-system-refresh.dfy(5,30): Error: value of expression (of type 'object?') is not known to be an instance of type 'object', because it could not be proved to be non-null Asserted expression: o is object subrange-check-no-type-system-refresh.dfy(6,28): Error: value does not satisfy the subset constraints of 'T -> U' (possible cause: it may be partial or have read effects) subrange-check-no-type-system-refresh.dfy(7,31): Error: value does not satisfy the subset constraints of 'T --> U' (possible cause: it may have read effects) diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/subrange-check.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/subrange-check.dfy.expect index a6a14bc0988..fde174c3742 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/subrange-check.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/subrange-check.dfy.expect 
@@ -1,4 +1,4 @@ -subrange-check.dfy(5,30): Error: value of expression (of type 'object?') is not known to be an instance of type 'object', because it might be null +subrange-check.dfy(5,30): Error: value of expression (of type 'object?') is not known to be an instance of type 'object', because it could not be proved to be non-null Asserted expression: o is object subrange-check.dfy(6,28): Error: value does not satisfy the subset constraints of 'T -> U' (possible cause: it may be partial or have read effects) Asserted expression: p is T -> U diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/trait-frame.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/trait-frame.dfy.expect index cbfa79998a3..0129a00da51 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/trait-frame.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/proof-obligation-desc/trait-frame.dfy.expect @@ -1,6 +1,6 @@ -trait-frame.dfy(10,9): Error: method might modify an object not in the parent trait context's modifies clause +trait-frame.dfy(10,9): Error: modified object in method could not be proved to be in the parent trait's modifies clause Asserted expression: this in {} -trait-frame.dfy(11,11): Error: function might read an object not in the parent trait context's reads clause +trait-frame.dfy(11,11): Error: accessed object in function could not be proved to be in the parent trait's reads clause Asserted expression: this in {} Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/referrers/memorylocations-errors.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/referrers/memorylocations-errors.dfy.expect index bc5e6e6a272..98548aa3fde 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/referrers/memorylocations-errors.dfy.expect 
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/referrers/memorylocations-errors.dfy.expect @@ -1,7 +1,7 @@ memorylocations-errors.dfy(10,11): Error: index 0 out of range memorylocations-errors.dfy(14,15): Error: index out of range memorylocations-errors.dfy(14,15): Error: insufficient reads clause to read array element; Consider adding 'reads a' in the enclosing function specification for resolution -memorylocations-errors.dfy(23,3): Error: assignment might update an array element not in the enclosing context's modifies clause +memorylocations-errors.dfy(23,3): Error: modified array location could not be proved to be in the current modifies clause memorylocations-errors.dfy(28,20): Error: index 0 out of range memorylocations-errors.dfy(29,21): Error: index 0 out of range memorylocations-errors.dfy(34,20): Error: index 0 out of range diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/server/minimal.transcript.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/server/minimal.transcript.expect index 7e307f5991a..91b6106fe6d 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/server/minimal.transcript.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/server/minimal.transcript.expect @@ -2,6 +2,6 @@ Verifying A (correctness) ... [1 proof obligation] error -transcript(3,2): Error: assertion might not hold +transcript(3,2): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/server/simple-session.transcript.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/server/simple-session.transcript.expect index 217a356a20f..413ed83fa80 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/server/simple-session.transcript.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/server/simple-session.transcript.expect 
@@ -2,25 +2,25 @@ Verifying A (correctness) ... [1 proof obligation] error -transcript(3,9): Error: assertion might not hold +transcript(3,9): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] Verifying A (correctness) ... [0 proof obligations] error -transcript(3,9): Error: assertion might not hold +transcript(3,9): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] Verifying A (correctness) ... [0 proof obligations] error -transcript(3,9): Error: assertion might not hold +transcript(3,9): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] Verifying A (correctness) ... [0 proof obligations] error -transcript(3,9): Error: assertion might not hold +transcript(3,9): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] Verification completed successfully! @@ -121,7 +121,7 @@ transcript(10,9): Info: Selected triggers: {x' * x'} Verifying M' (correctness) ... [1 proof obligation] error -transcript(10,9): Error: assertion might not hold +transcript(10,9): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] transcript(5,0): Warning: module-level methods are always non-instance, so the 'static' keyword is not allowed here @@ -263,7 +263,7 @@ Retrieving cached verification result for implementation M1 (correctness)... Verifying M2 (correctness) ... [2 proof obligations] error -transcript(38,9): Error: assertion might not hold +transcript(38,9): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] transcript(5,0): Warning: module-level methods are always non-instance, so the 'static' keyword is not allowed here 
@@ -290,7 +290,7 @@ Retrieving cached verification result for implementation M1 (correctness)... Verifying M2 (correctness) ... [2 proof obligations] error -transcript(38,9): Error: assertion might not hold +transcript(38,9): Error: assertion could not be proved Verification completed successfully! [SUCCESS] [[DAFNY-SERVER: EOM]] transcript(5,0): Warning: module-level methods are always non-instance, so the 'static' keyword is not allowed here diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/GeneralTraitsVerify.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/GeneralTraitsVerify.dfy.expect index 42ee8f0def8..15d699bb4b7 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/GeneralTraitsVerify.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/GeneralTraitsVerify.dfy.expect @@ -4,6 +4,6 @@ GeneralTraitsVerify.dfy(40,13): Error: value of expression (of type 'Parent') is GeneralTraitsVerify.dfy(43,13): Error: value of expression (of type 'Parent') is not known to be an instance of type 'Abstract' GeneralTraitsVerify.dfy(50,13): Error: value of expression (of type 'Parent') is not known to be an instance of type 'MyInt' GeneralTraitsVerify.dfy(53,13): Error: value does not satisfy the subset constraints of 'MyConstrainedInt' -GeneralTraitsVerify.dfy(419,4): Error: assertion might not hold +GeneralTraitsVerify.dfy(419,4): Error: assertion could not be proved Dafny program verifier finished with 52 verified, 7 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/TraitUsingParentMembers.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/TraitUsingParentMembers.dfy.expect index 762b78e3a93..47a02d07239 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/TraitUsingParentMembers.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/TraitUsingParentMembers.dfy.expect 
@@ -1,3 +1,3 @@ -TraitUsingParentMembers.dfy(10,7): Error: assignment might update an array element not in the enclosing context's modifies clause +TraitUsingParentMembers.dfy(10,7): Error: modified array location could not be proved to be in the current modifies clause Dafny program verifier finished with 4 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/TraitVerify.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/TraitVerify.dfy.expect index d4be00f5cb7..95982e383df 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/TraitVerify.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/traits/TraitVerify.dfy.expect @@ -1,5 +1,5 @@ TraitVerify.dfy(21,7): Error: value of expression (of type 'C?') is not known to be an instance of type 'Tr' TraitVerify.dfy(25,7): Error: value of expression (of type 'A?') is not known to be an instance of type 'Tr' -TraitVerify.dfy(30,7): Error: value of expression (of type 'A?') is not known to be an instance of type 'A', because it might be null +TraitVerify.dfy(30,7): Error: value of expression (of type 'A?') is not known to be an instance of type 'A', because it could not be proved to be non-null Dafny program verifier finished with 6 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/InductionWithoutTriggers.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/InductionWithoutTriggers.dfy.expect index 77cdde2a885..29b4ad549f3 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/InductionWithoutTriggers.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/InductionWithoutTriggers.dfy.expect 
@@ -2,7 +2,7 @@ InductionWithoutTriggers.dfy(17,21): Warning: Could not find a trigger for the i
 InductionWithoutTriggers.dfy(40,24): Warning: Could not find a trigger for the induction hypothesis. Without a trigger, this may cause brittle verification. Change or remove the {:induction} attribute to generate a different induction hypothesis, or add {:nowarn} to silence this warning. For more information, see the section on quantifier instantiation rules in the reference manual.
 InductionWithoutTriggers.dfy(46,24): Warning: Could not find a trigger for the induction hypothesis. Without a trigger, this may cause brittle verification. Change or remove the {:induction} attribute to generate a different induction hypothesis, or add {:nowarn} to silence this warning. For more information, see the section on quantifier instantiation rules in the reference manual.
 InductionWithoutTriggers.dfy(66,19): Warning: Could not find a trigger for the induction hypothesis. Without a trigger, this may cause brittle verification. Change or remove the {:induction} attribute to generate a different induction hypothesis, or add {:nowarn} to silence this warning. For more information, see the section on quantifier instantiation rules in the reference manual.
-InductionWithoutTriggers.dfy(11,9): Error: assertion might not hold
+InductionWithoutTriggers.dfy(11,9): Error: assertion could not be proved
 InductionWithoutTriggers.dfy(43,0): Error: a postcondition could not be proved on this return path
 InductionWithoutTriggers.dfy(42,11): Related location: this is the postcondition that could not be proved
 InductionWithoutTriggers.dfy(31,28): Related location: this proposition could not be proved
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/InductionWithoutTriggers.dfy.refresh.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/InductionWithoutTriggers.dfy.refresh.expect
index ac696c0397a..4ba4460cb58 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/InductionWithoutTriggers.dfy.refresh.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/InductionWithoutTriggers.dfy.refresh.expect
@@ -2,7 +2,7 @@ InductionWithoutTriggers.dfy(17,21): Warning: Could not find a trigger for the i
 InductionWithoutTriggers.dfy(40,24): Warning: Could not find a trigger for the induction hypothesis. Without a trigger, this may cause brittle verification. Change or remove the {:induction} attribute to generate a different induction hypothesis, or add {:nowarn} to silence this warning. For more information, see the section on quantifier instantiation rules in the reference manual.
 InductionWithoutTriggers.dfy(46,24): Warning: Could not find a trigger for the induction hypothesis. Without a trigger, this may cause brittle verification. Change or remove the {:induction} attribute to generate a different induction hypothesis, or add {:nowarn} to silence this warning. For more information, see the section on quantifier instantiation rules in the reference manual.
 InductionWithoutTriggers.dfy(66,19): Warning: Could not find a trigger for the induction hypothesis. Without a trigger, this may cause brittle verification. Change or remove the {:induction} attribute to generate a different induction hypothesis, or add {:nowarn} to silence this warning. For more information, see the section on quantifier instantiation rules in the reference manual.
-InductionWithoutTriggers.dfy(11,9): Error: assertion might not hold
+InductionWithoutTriggers.dfy(11,9): Error: assertion could not be proved
 InductionWithoutTriggers.dfy(43,0): Error: a postcondition could not be proved on this return path
 InductionWithoutTriggers.dfy(42,11): Related location: this is the postcondition that could not be proved
 InductionWithoutTriggers.dfy(31,28): Related location: this proposition could not be proved
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/TriggersForSuchThat.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/TriggersForSuchThat.dfy.expect index d2913be14e2..ed776a09d56 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/TriggersForSuchThat.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/TriggersForSuchThat.dfy.expect 
@@ -13,16 +13,16 @@ TriggersForSuchThat.dfy(214,6): Info: Selected triggers: {P(x)} TriggersForSuchThat.dfy(220,6): Info: Selected triggers: {P(x)} TriggersForSuchThat.dfy(234,4): Info: Selected triggers: {P(x)} TriggersForSuchThat.dfy(241,4): Info: Selected triggers: {P(x)} -TriggersForSuchThat.dfy(24,6): Error: assertion might not hold +TriggersForSuchThat.dfy(24,6): Error: assertion could not be proved TriggersForSuchThat.dfy(26,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. TriggersForSuchThat.dfy(28,12): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -TriggersForSuchThat.dfy(35,6): Error: assertion might not hold +TriggersForSuchThat.dfy(35,6): Error: assertion could not be proved TriggersForSuchThat.dfy(37,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. TriggersForSuchThat.dfy(39,22): Error: cannot establish the existence of LHS values that satisfy the such-that predicate. Note, no trigger was found for the such-that predicate, which may be the reason the proof failed. To give a trigger explicitly, use the {:trigger} attribute. 
For more information, see the section on quantifier instantiation rules in the reference manual. -TriggersForSuchThat.dfy(63,6): Error: assertion might not hold +TriggersForSuchThat.dfy(63,6): Error: assertion could not be proved TriggersForSuchThat.dfy(65,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate TriggersForSuchThat.dfy(67,28): Error: cannot establish the existence of LHS values that satisfy the such-that predicate -TriggersForSuchThat.dfy(74,6): Error: assertion might not hold +TriggersForSuchThat.dfy(74,6): Error: assertion could not be proved TriggersForSuchThat.dfy(76,13): Error: cannot establish the existence of LHS values that satisfy the such-that predicate TriggersForSuchThat.dfy(78,23): Error: cannot establish the existence of LHS values that satisfy the such-that predicate TriggersForSuchThat.dfy(125,2): Error: a postcondition could not be proved on this return path diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/emptyTrigger.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/emptyTrigger.dfy.expect index 09755f7c501..e2cb5261ffb 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/emptyTrigger.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/emptyTrigger.dfy.expect 
@@ -1,10 +1,10 @@ emptyTrigger.dfy(6,9): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -emptyTrigger.dfy(6,2): Error: assertion might not hold -emptyTrigger.dfy(7,2): Error: assertion might not hold +emptyTrigger.dfy(6,2): Error: assertion could not be proved +emptyTrigger.dfy(7,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors emptyTrigger.dfy(6,9): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -emptyTrigger.dfy(6,2): Error: assertion might not hold -emptyTrigger.dfy(7,2): Error: assertion might not hold +emptyTrigger.dfy(6,2): Error: assertion could not be proved +emptyTrigger.dfy(7,2): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/some-proofs-only-work-without-autoTriggers.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/some-proofs-only-work-without-autoTriggers.dfy.expect index 5836ade8cba..6ede8ba5f7b 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/some-proofs-only-work-without-autoTriggers.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/some-proofs-only-work-without-autoTriggers.dfy.expect 
@@ -4,8 +4,8 @@ some-proofs-only-work-without-autoTriggers.dfy(27,11): Info: Selected triggers: some-proofs-only-work-without-autoTriggers.dfy(28,11): Info: Selected triggers: {a[i]} some-proofs-only-work-without-autoTriggers.dfy(31,11): Info: Selected triggers: {x in a[..3]} some-proofs-only-work-without-autoTriggers.dfy(33,11): Info: Selected triggers: {x in a[..2]} -some-proofs-only-work-without-autoTriggers.dfy(20,4): Error: assertion might not hold -some-proofs-only-work-without-autoTriggers.dfy(28,4): Error: assertion might not hold -some-proofs-only-work-without-autoTriggers.dfy(33,4): Error: assertion might not hold +some-proofs-only-work-without-autoTriggers.dfy(20,4): Error: assertion could not be proved +some-proofs-only-work-without-autoTriggers.dfy(28,4): Error: assertion could not be proved +some-proofs-only-work-without-autoTriggers.dfy(33,4): Error: assertion could not be proved Dafny program verifier finished with 0 verified, 3 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/some-terms-do-not-look-like-the-triggers-they-match.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/some-terms-do-not-look-like-the-triggers-they-match.dfy.expect index 1967c269fe9..9c01c5b925a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/some-terms-do-not-look-like-the-triggers-they-match.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/triggers/some-terms-do-not-look-like-the-triggers-they-match.dfy.expect 
@@ -74,6 +74,6 @@ some-terms-do-not-look-like-the-triggers-they-match.dfy(163,12): Info: Selected some-terms-do-not-look-like-the-triggers-they-match.dfy(164,12): Info: Selected triggers: {x >= ms} some-terms-do-not-look-like-the-triggers-they-match.dfy(166,12): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. some-terms-do-not-look-like-the-triggers-they-match.dfy(167,12): Warning: Could not find a trigger for this quantifier. Without a trigger, the quantifier may cause brittle verification. To silence this warning, add an explicit trigger using the {:trigger} attribute. For more information, see the section on quantifier instantiation rules in the reference manual. -some-terms-do-not-look-like-the-triggers-they-match.dfy(152,2): Error: assertion might not hold +some-terms-do-not-look-like-the-triggers-they-match.dfy(152,2): Error: assertion could not be proved Dafny program verifier finished with 4 verified, 1 error diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/unicodecharsFalse/dafny0/Char.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/unicodecharsFalse/dafny0/Char.dfy.expect index 8b78a9f143f..b913c74362c 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/unicodecharsFalse/dafny0/Char.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/unicodecharsFalse/dafny0/Char.dfy.expect 
@@ -1,7 +1,7 @@ -Char.dfy(48,8): Error: assertion might not hold -Char.dfy(52,8): Error: assertion might not hold -Char.dfy(63,6): Error: assertion might not hold -Char.dfy(81,13): Error: char addition might overflow -Char.dfy(89,7): Error: char subtraction might underflow +Char.dfy(48,8): Error: assertion could not be proved +Char.dfy(52,8): Error: assertion could not be proved +Char.dfy(63,6): Error: assertion could not be proved +Char.dfy(81,13): Error: char addition could not be proved to remain below maximum +Char.dfy(89,7): Error: char subtraction could not be proved to remain above minimum Dafny program verifier finished with 8 verified, 5 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/filter.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/filter.dfy.expect index 381f316364d..e2527c5f6b7 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/filter.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/filter.dfy.expect 
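Review bot: The two new char messages at Char.dfy(81,13) and (89,7), `could not be proved to remain below maximum` and `could not be proved to remain above minimum`, read as strict bounds. The old `might overflow` / `might underflow` wording did not suggest that a result equal to the largest or smallest char is rejected. The check itself is not visible in this expect file, but presumably it is non-strict. In that case something like `char addition could not be proved to stay within the char range` (and the same for subtraction) would describe the obligation without implying a tighter limit. The strings are defined outside this hunk, so the change would be made there and this expectation regenerated.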
@@ -6,30 +6,30 @@ source1.dfy(6,10): Related location: this is the postcondition that could not be Dafny program verifier finished with 0 assertions verified, 1 error Dafny program verifier finished with 1 assertions verified, 0 errors -single-file.dfy(8,4): Error: assertion might not hold +single-file.dfy(8,4): Error: assertion could not be proved single-file.dfy(16,14): Error: loop invariant violation -single-file.dfy(24,2): Error: assertion might not hold -single-file.dfy(24,16): Error: assertion might not hold +single-file.dfy(24,2): Error: assertion could not be proved +single-file.dfy(24,16): Error: assertion could not be proved Dafny program verifier finished with 1 verified, 4 errors Dafny program verifier finished with 0 assertions verified, 0 errors Dafny program verifier finished with 0 verified, 0 errors -single-file.dfy(8,4): Error: assertion might not hold +single-file.dfy(8,4): Error: assertion could not be proved Dafny program verifier finished with 3 assertions verified, 1 error -single-file.dfy(8,4): Error: assertion might not hold +single-file.dfy(8,4): Error: assertion could not be proved Dafny program verifier finished with 4 assertions verified, 1 error Dafny program verifier finished with 1 assertions verified, 0 errors Dafny program verifier finished with 1 assertions verified, 0 errors -single-file.dfy(8,4): Error: assertion might not hold +single-file.dfy(8,4): Error: assertion could not be proved Dafny program verifier finished with 0 assertions verified, 1 error -single-file.dfy(8,4): Error: assertion might not hold +single-file.dfy(8,4): Error: assertion could not be proved Dafny program verifier finished with 1 assertions verified, 1 error 
@@ -41,11 +41,11 @@ single-file.dfy(16,14): Error: loop invariant violation Dafny program verifier finished with 0 assertions verified, 1 error Dafny program verifier finished with 1 assertions verified, 0 errors -single-file.dfy(24,2): Error: assertion might not hold -single-file.dfy(24,16): Error: assertion might not hold +single-file.dfy(24,2): Error: assertion could not be proved +single-file.dfy(24,16): Error: assertion could not be proved Dafny program verifier finished with 0 assertions verified, 2 errors -single-file.dfy(24,2): Error: assertion might not hold -single-file.dfy(24,16): Error: assertion might not hold +single-file.dfy(24,2): Error: assertion could not be proved +single-file.dfy(24,16): Error: assertion could not be proved Dafny program verifier finished with 0 assertions verified, 2 errors diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/proofDivision/isolateAssertionOrJump.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/proofDivision/isolateAssertionOrJump.dfy.expect index cdecca24535..4bc22772a0a 100644 --- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/proofDivision/isolateAssertionOrJump.dfy.expect +++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/proofDivision/isolateAssertionOrJump.dfy.expect @@ -1,7 +1,7 @@ Verified 0/3 symbols. Waiting for Assertion to verify. Verified 1/2 of Assertion: assertion at line 14 - could not be verified Verified 2/2 of Assertion: assertion at line 22 - verified successfully -isolateAssertionOrJump.dfy(14,2): Error: assertion might not hold +isolateAssertionOrJump.dfy(14,2): Error: assertion could not be proved Verified 1/3 symbols. Waiting for Return to verify. Verified 1/3 of Return: remaining assertions - could not be verified Verified 2/3 of Return: return at line 44 - could not be verified 
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/proofDivision/isolatePaths.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/proofDivision/isolatePaths.dfy.expect
index 739a50bb2af..b278004b5f4 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/proofDivision/isolatePaths.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/verification/proofDivision/isolatePaths.dfy.expect
@@ -3,7 +3,7 @@ Verified 1/4 of Assertion: assertion at line 21, after executing lines 8, 16 - c
 Verified 2/4 of Assertion: assertion at line 21, after executing lines 8, 18 - verified successfully
 Verified 3/4 of Assertion: assertion at line 21, after executing lines 11, 16 - verified successfully
 Verified 4/4 of Assertion: assertion at line 21, after executing lines 11, 18 - verified successfully
-isolatePaths.dfy(21,2): Error: assertion might not hold
+isolatePaths.dfy(21,2): Error: assertion could not be proved
 Verified 1/2 symbols. Waiting for Return to verify.
 Verified 1/3 of Return: remaining assertions - could not be verified
 Verified 2/3 of Return: return at line 38, after executing lines 30 - could not be verified
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/FunctionEquality.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/FunctionEquality.dfy.expect
index 02aff987e5e..b830bb8f6f4 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/FunctionEquality.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/FunctionEquality.dfy.expect
@@ -1,6 +1,6 @@
-FunctionEquality.dfy(11,4): Error: assertion might not hold
-FunctionEquality.dfy(13,4): Error: assertion might not hold
-FunctionEquality.dfy(15,4): Error: assertion might not hold
-FunctionEquality.dfy(19,4): Error: assertion might not hold
+FunctionEquality.dfy(11,4): Error: assertion could not be proved
+FunctionEquality.dfy(13,4): Error: assertion could not be proved
+FunctionEquality.dfy(15,4): Error: assertion could not be proved
+FunctionEquality.dfy(19,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 4 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/assign-such-that-antecedent.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/assign-such-that-antecedent.dfy.expect
index 60441ed95fc..1900b9ce3d1 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/assign-such-that-antecedent.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/assign-such-that-antecedent.dfy.expect
@@ -1,3 +1,3 @@
-assign-such-that-antecedent.dfy(13,2): Error: assertion might not hold
+assign-such-that-antecedent.dfy(13,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 3 verified, 1 error
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/exists-b-exists-not-b.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/exists-b-exists-not-b.dfy.expect
index 908675b3b47..ea1c4fcee12 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/exists-b-exists-not-b.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/exists-b-exists-not-b.dfy.expect
@@ -1,4 +1,4 @@
-exists-b-exists-not-b.dfy(8,2): Error: assertion might not hold
-exists-b-exists-not-b.dfy(9,2): Error: assertion might not hold
+exists-b-exists-not-b.dfy(8,2): Error: assertion could not be proved
+exists-b-exists-not-b.dfy(9,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/sequences-literals.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/sequences-literals.dfy.expect
index f8465a97e4b..fc7c8e013ab 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/sequences-literals.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/sequences-literals.dfy.expect
@@ -1,6 +1,6 @@
-sequences-literals.dfy(23,2): Error: assertion might not hold
-sequences-literals.dfy(44,2): Error: assertion might not hold
-sequences-literals.dfy(61,2): Error: assertion might not hold
-sequences-literals.dfy(76,2): Error: assertion might not hold
+sequences-literals.dfy(23,2): Error: assertion could not be proved
+sequences-literals.dfy(44,2): Error: assertion could not be proved
+sequences-literals.dfy(61,2): Error: assertion could not be proved
+sequences-literals.dfy(76,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 4 verified, 4 errors
diff --git a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/sequences-s0-in-s.dfy.expect b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/sequences-s0-in-s.dfy.expect
index f46380d2ff0..5869590cdd6 100644
--- a/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/sequences-s0-in-s.dfy.expect
+++ b/Source/IntegrationTests/TestFiles/LitTests/LitTest/wishlist/sequences-s0-in-s.dfy.expect
@@ -1,3 +1,3 @@
-sequences-s0-in-s.dfy(12,2): Error: assertion might not hold
+sequences-s0-in-s.dfy(12,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 2 verified, 1 error
diff --git a/docs/DafnyRef/Attributes.3.expect b/docs/DafnyRef/Attributes.3.expect
index eca60fd0700..53d5a6fa3fd 100644
--- a/docs/DafnyRef/Attributes.3.expect
+++ b/docs/DafnyRef/Attributes.3.expect
@@ -1,3 +1,3 @@
-text.dfy(25,6): Error: assertion might not hold
+text.dfy(25,6): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Expressions.5.expect b/docs/DafnyRef/Expressions.5.expect
index ecbb16ae6b8..bf4aea5c916 100644
--- a/docs/DafnyRef/Expressions.5.expect
+++ b/docs/DafnyRef/Expressions.5.expect
@@ -1,3 +1,3 @@
-text.dfy(2,2): Error: assertion might not hold
+text.dfy(2,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
\ No newline at end of file
diff --git a/docs/DafnyRef/Modules.2.expect b/docs/DafnyRef/Modules.2.expect
index a7543901649..045e5b9a103 100644
--- a/docs/DafnyRef/Modules.2.expect
+++ b/docs/DafnyRef/Modules.2.expect
@@ -1,4 +1,4 @@
 text.dfy(9,6): Error: value does not satisfy the subset constraints of 'nat'
-text.dfy(12,4): Error: assertion might not hold
+text.dfy(12,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 1 verified, 2 errors
diff --git a/docs/DafnyRef/Modules.4.expect b/docs/DafnyRef/Modules.4.expect
index 920194df24f..35c7d75ee47 100644
--- a/docs/DafnyRef/Modules.4.expect
+++ b/docs/DafnyRef/Modules.4.expect
@@ -1,3 +1,3 @@
-text.dfy(10,4): Error: assertion might not hold
+text.dfy(10,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Statements.10.expect b/docs/DafnyRef/Statements.10.expect
index c19750ce8af..5522d312aae 100644
--- a/docs/DafnyRef/Statements.10.expect
+++ b/docs/DafnyRef/Statements.10.expect
@@ -1,3 +1,3 @@
-text.dfy(8,4): Error: assertion might not hold
+text.dfy(8,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Statements.16.expect b/docs/DafnyRef/Statements.16.expect
index 971d1af6958..b9d8f9200e8 100644
--- a/docs/DafnyRef/Statements.16.expect
+++ b/docs/DafnyRef/Statements.16.expect
@@ -1,3 +1,3 @@
-text.dfy(17,2): Error: assertion might not hold
+text.dfy(17,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 2 verified, 1 error
diff --git a/docs/DafnyRef/Statements.3.expect b/docs/DafnyRef/Statements.3.expect
index ce5fed02512..a3cdeb0e2bf 100644
--- a/docs/DafnyRef/Statements.3.expect
+++ b/docs/DafnyRef/Statements.3.expect
@@ -1,5 +1,5 @@
 text.dfy(12,2): Warning: this loop has no body (loop frame: i, a, $Heap)
-text.dfy(16,2): Error: assertion might not hold
-text.dfy(18,2): Error: assertion might not hold
+text.dfy(16,2): Error: assertion could not be proved
+text.dfy(18,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 1 verified, 2 errors
diff --git a/docs/DafnyRef/Statements.5.expect b/docs/DafnyRef/Statements.5.expect
index ed0077a6b2c..b054160782e 100644
--- a/docs/DafnyRef/Statements.5.expect
+++ b/docs/DafnyRef/Statements.5.expect
@@ -1,4 +1,4 @@
-text.dfy(2,2): Error: assertion might not hold
-text.dfy(3,2): Error: assertion might not hold
+text.dfy(2,2): Error: assertion could not be proved
+text.dfy(3,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/docs/DafnyRef/Statements.6.expect b/docs/DafnyRef/Statements.6.expect
index 5d7469ee2d2..a34c37cecfd 100644
--- a/docs/DafnyRef/Statements.6.expect
+++ b/docs/DafnyRef/Statements.6.expect
@@ -1,3 +1,3 @@
-text.dfy(2,2): Error: assertion might not hold
+text.dfy(2,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Statements.7.expect b/docs/DafnyRef/Statements.7.expect
index 5d7469ee2d2..a34c37cecfd 100644
--- a/docs/DafnyRef/Statements.7.expect
+++ b/docs/DafnyRef/Statements.7.expect
@@ -1,3 +1,3 @@
-text.dfy(2,2): Error: assertion might not hold
+text.dfy(2,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Statements.9.expect b/docs/DafnyRef/Statements.9.expect
index 4bcfe07ad49..70d7aa5c57e 100644
--- a/docs/DafnyRef/Statements.9.expect
+++ b/docs/DafnyRef/Statements.9.expect
@@ -1,3 +1,3 @@
-text.dfy(4,14): Error: assertion might not hold
+text.dfy(4,14): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Statements.opaqueBlock.expect b/docs/DafnyRef/Statements.opaqueBlock.expect
index 04352d31b9a..2d275083008 100644
--- a/docs/DafnyRef/Statements.opaqueBlock.expect
+++ b/docs/DafnyRef/Statements.opaqueBlock.expect
@@ -1,3 +1,3 @@
-text.dfy(12,2): Error: assertion might not hold
+text.dfy(12,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Types.19.expect b/docs/DafnyRef/Types.19.expect
index e513b84da3c..4ac23827a38 100644
--- a/docs/DafnyRef/Types.19.expect
+++ b/docs/DafnyRef/Types.19.expect
@@ -1,3 +1,3 @@
-text.dfy(9,2): Error: assertion might not hold
+text.dfy(9,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Types.21.expect b/docs/DafnyRef/Types.21.expect
index 22303ff0d42..e08ce6a81a5 100644
--- a/docs/DafnyRef/Types.21.expect
+++ b/docs/DafnyRef/Types.21.expect
@@ -1,4 +1,4 @@
-text.dfy(8,4): Error: field 'x', which is subject to definite-assignment rules, might be uninitialized at this point in the constructor body
-text.dfy(10,4): Error: assertion might not hold
+text.dfy(8,4): Error: field 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this point in the constructor body
+text.dfy(10,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/docs/DafnyRef/Types.25.expect b/docs/DafnyRef/Types.25.expect
index 90911938794..0b33728b649 100644
--- a/docs/DafnyRef/Types.25.expect
+++ b/docs/DafnyRef/Types.25.expect
@@ -1,3 +1,3 @@
-text.dfy(3,4): Error: assertion might not hold
+text.dfy(3,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Types.4.expect b/docs/DafnyRef/Types.4.expect
index 1ff5ae0f7bd..d15e478125b 100644
--- a/docs/DafnyRef/Types.4.expect
+++ b/docs/DafnyRef/Types.4.expect
@@ -1,3 +1,3 @@
-text.dfy(4,11): Error: value to be converted might not fit in bv3
+text.dfy(4,11): Error: value to be converted could not be proved to fit in bv3
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Types.7a.expect b/docs/DafnyRef/Types.7a.expect
index 126cd8b0650..2fc74e63134 100644
--- a/docs/DafnyRef/Types.7a.expect
+++ b/docs/DafnyRef/Types.7a.expect
@@ -1,3 +1,3 @@
-text.dfy(5,2): Error: assertion might not hold
+text.dfy(5,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Types.7b.expect b/docs/DafnyRef/Types.7b.expect
index 6a174dee60a..7efcbb45889 100644
--- a/docs/DafnyRef/Types.7b.expect
+++ b/docs/DafnyRef/Types.7b.expect
@@ -1,3 +1,3 @@
-text.dfy(5,0): Error: out-parameter 'x', which is subject to definite-assignment rules, might be uninitialized at this return point
+text.dfy(5,0): Error: out-parameter 'x', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/Types.8.expect b/docs/DafnyRef/Types.8.expect
index dd8e7d20593..5324505402e 100644
--- a/docs/DafnyRef/Types.8.expect
+++ b/docs/DafnyRef/Types.8.expect
@@ -1,4 +1,4 @@
-text.dfy(6,0): Error: out-parameter 'b', which is subject to definite-assignment rules, might be uninitialized at this return point
-text.dfy(6,0): Error: out-parameter 'h', which is subject to definite-assignment rules, might be uninitialized at this return point
+text.dfy(6,0): Error: out-parameter 'b', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+text.dfy(6,0): Error: out-parameter 'h', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/docs/DafnyRef/UserGuide.3.expect b/docs/DafnyRef/UserGuide.3.expect
index 649ca8fcd97..9e9e2c4a6ba 100644
--- a/docs/DafnyRef/UserGuide.3.expect
+++ b/docs/DafnyRef/UserGuide.3.expect
@@ -1,3 +1,3 @@
-text.dfy(7,4): Error: assertion might not hold
+text.dfy(7,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/UserGuide.4.expect b/docs/DafnyRef/UserGuide.4.expect
index 649ca8fcd97..9e9e2c4a6ba 100644
--- a/docs/DafnyRef/UserGuide.4.expect
+++ b/docs/DafnyRef/UserGuide.4.expect
@@ -1,3 +1,3 @@
-text.dfy(7,4): Error: assertion might not hold
+text.dfy(7,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/UserGuide.5.expect b/docs/DafnyRef/UserGuide.5.expect
index 4b136e308e1..3201dd8b97a 100644
--- a/docs/DafnyRef/UserGuide.5.expect
+++ b/docs/DafnyRef/UserGuide.5.expect
@@ -1,3 +1,3 @@
-text.dfy(6,4): Error: assertion might not hold
+text.dfy(6,4): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/UserGuide.6.expect b/docs/DafnyRef/UserGuide.6.expect
index 9437cf4f95b..f45f8b95072 100644
--- a/docs/DafnyRef/UserGuide.6.expect
+++ b/docs/DafnyRef/UserGuide.6.expect
@@ -1,3 +1,3 @@
-text.dfy(5,19): Error: assertion might not hold
+text.dfy(5,19): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/UserGuide.7.expect b/docs/DafnyRef/UserGuide.7.expect
index 0368a09f9ae..99b54bd6165 100644
--- a/docs/DafnyRef/UserGuide.7.expect
+++ b/docs/DafnyRef/UserGuide.7.expect
@@ -1,3 +1,3 @@
-text.dfy(4,19): Error: assertion might not hold
+text.dfy(4,19): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/DafnyRef/UserGuide.8.expect b/docs/DafnyRef/UserGuide.8.expect
index 4cbde3d1381..dca787e6a4b 100644
--- a/docs/DafnyRef/UserGuide.8.expect
+++ b/docs/DafnyRef/UserGuide.8.expect
@@ -1,3 +1,3 @@
-text.dfy(5,13): Error: result of operation might violate newtype constraint for 'byte'
+text.dfy(5,13): Error: result of operation could not be proved to satisfy newtype constraint for 'byte'
 
 Dafny program verifier finished with 1 verified, 1 error
diff --git a/docs/DafnyRef/UserGuide.md b/docs/DafnyRef/UserGuide.md
index e3fb11b94c1..53008273bce 100644
--- a/docs/DafnyRef/UserGuide.md
+++ b/docs/DafnyRef/UserGuide.md
@@ -88,13 +88,19 @@ on the command-line or referenced, recursively, by `include` directives within those files. It does not matter if files are repeated either as includes or on the command-line.[^fn-duplicate-files] -All files recursively included are always parsed and type-checked. -However, which files are verified, built, run, or processed by other -dafny commands depends on the individual command. -These commands are described in [Section 13.6.1](#sec-dafny-commands). - -[^fn-duplicate-files]: Files may be included more than once or both included and listed on the command line. Duplicate inclusions are detected and each file processed only once. -For the purpose of detecting duplicates, file names are considered equal if they have the same absolute path, compared as case-sensitive strings (regardless of whether the underlying file-system is case sensitive). Using symbolic links may make the same file have a different absolute path; this will generally cause duplicate declaration errors. +Note however that although the complete set of files, command-line plus +included files, make up the program, by default, only those files listed on +the command-line are verified. To do a complete verification, each file +must be verified; it may well happen that a verification failure in one +file (which is not on the command-line and thus not checked) may hide a +verification failure in a file that is being checked. +Thus it is important to eventually check all files, preferably in an order +in which the files without dependencies are checked first, then those that +depend on them, etc., until all files are checked. +The `--verify-included-files` option (`-verifyAllModules` in legacy mode) will cause all modules, whether the result of include directives or not, +to be verified. + +[^fn-duplicate-files]: File names are considered equal if they have the same absolute path, compared as case-sensitive strings (regardless of whether the underlying file-system is case sensitive). 
Using symbolic links may make the same file have a different absolute path; this will generally cause duplicate declaration errors. ### 13.3.1. Dafny Verification Artifacts: the Library Backend and .doo Files {#sec-doo-files} @@ -270,8 +276,8 @@ The options relevant to this command are - those that affect the syntax of Dafny, such as - `--prelude` - `--unicode-char` - - `--function-syntax` - - `--quantifier-syntax` + - `--function-syntax` + - `--quantifier-syntax` - `--track-print-effects` - `--warn-shadowing` - `--warn-missing-constructor-parentheses` @@ -279,7 +285,8 @@ The options relevant to this command are #### 13.6.1.3. `dafny verify` {#sec-dafny-verify} -The `dafny verify` command performs the [`dafny resolve`](#sec-dafny-resolve) checks and then attempts to verify each declaration in the program. +The `dafny verify` command performs the [`dafny resolve`](#sec-dafny-resolve) checks and then attempts to verify each method in the files listed on the command line. Although the Dafny program being considered +consists of the listed files and any included files (recursively), by default only listed files are verified. A guide to controlling and aiding the verification process is given in [a later section](#sec-verification). @@ -310,10 +317,8 @@ Various options control the verification process, in addition to all those descr - `--filter-symbol` - Control of the proof engine - - `--manual-lemma-induction` - `--verification-time-limit` - `--boogie` - - `--solver-path` #### 13.6.1.4. `dafny translate ` {#sec-dafny-translate} 
@@ -792,9 +797,8 @@ _This command is under development and not yet functional._ #### 13.6.1.17. Plugins This execution mode is not a command, per se, but rather a command-line option that enables executing plugins to the dafny tool. -Plugins may be either standalone tools or be additions to existing commands. -The form of the command-line is `dafny --plugin:` or `dafny --plugin:` +The form of the command-line is `dafny --plugin:` where the argument to `--plugin` gives the path to the compiled assembly of the plugin and the arguments to be provided to the plugin. More on writing and building plugins can be found [in this section](#sec-plugins). 
@@ -874,11 +878,12 @@ It's not possible to use Dafny project files in combination with the legacy CLI ## 13.7. Verification {#sec-verification} -In this section, we suggest a methodology to figure out [why a single assertion might not hold](#sec-verification-debugging), we propose techniques to deal with [assertions that slow a proof down](#sec-verification-debugging-slow), we explain how to [verify assertions in parallel or in a focused way](#sec-assertion-batches), and we also give some more examples of [useful options and attributes to control verification](#sec-command-line-options-and-attributes-for-verification). +In this section, we suggest a methodology to figure out [why Dafny cannot prove a single assertion](#sec-verification-debugging), we propose techniques to deal with [assertions that slow a proof down](#sec-verification-debugging-slow), we explain how to [verify assertions in parallel or in a focused way](#sec-assertion-batches), and we also give some more examples of [useful options and attributes to control verification](#sec-command-line-options-and-attributes-for-verification). ### 13.7.1. Verification debugging when verification fails {#sec-verification-debugging} -Let's assume one assertion is failing ("assertion might not hold" or "postcondition might not hold"). What should you do next? +Let's assume one assertion is failing ("assertion could not be proved" or "postcondition could not be proved"). What should you do next? +First, it's good to know that if an assertion is failing, it means that the assertion might not hold or that Dafny would requires more proof hints, which can be found in a mechanical way. The following section is textual description of the animation below, which illustrates the principle of debugging an assertion by computing the weakest precondition: ![weakestpreconditionDemo](https://user-images.githubusercontent.com/3601079/157976402-83fe4d37-8042-40fc-940f-bcfc235c7d2b.gif) 
@@ -893,7 +898,7 @@ method FailingPostcondition(b: bool) returns (i: int) var j := if !b then 3 else 1; if b { return j; - }//^^^^^^^ a postcondition might not hold on this return path. + }//^^^^^^^ a postcondition could not be proved on this return path i := 2; } ``` @@ -907,7 +912,7 @@ method FailingPostcondition(b: bool) returns (i: int) if b { i := j; return; - }//^^^^^^^ a postcondition might not hold on this return path. + }//^^^^^^^ a postcondition could not be proved on this return path i := 2; } ``` @@ -920,7 +925,7 @@ method FailingPostcondition(b: bool) returns (i: int) var j := if !b then 3 else 1; if b { i := j; - assert 2 <= i; // This assertion might not hold + assert 2 <= i; // could not prove this assertion return; } i := 2; @@ -939,14 +944,14 @@ method FailingPostcondition(b: bool) returns (i: int) var j := if !b then 3 else 1; if b { i := j; - assert 2 <= i; // This assertion might not hold + assert 2 <= i; // could not prove this assertion return; } i := 2; } ``` -To debug why this assert might not hold, we need to _move this assert up_, which is similar to [_computing the weakest precondition_](https://en.wikipedia.org/wiki/Predicate_transformer_semantics#Weakest_preconditions). -For example, if we have `x := Y; assert F;` and the `assert F;` might not hold, the weakest precondition for it to hold before `x := Y;` can be written as the assertion `assert F[x:= Y];`, where we replace every occurrence of `x` in `F` into `Y`. +To debug why Dafny cannot prove this assert, we need to _move this assert up_, which is similar to [_computing the weakest precondition_](https://en.wikipedia.org/wiki/Predicate_transformer_semantics#Weakest_preconditions). +For example, if we have `x := Y; assert F;` and Dafny cannot prove `assert F;`, the weakest precondition for it to hold before `x := Y;` can be written as the assertion `assert F[x:= Y];`, where we replace every occurrence of `x` in `F` into `Y`. Let's do it in our example: ```dafny 
@@ -955,7 +960,7 @@ method FailingPostcondition(b: bool) returns (i: int) { var j := if !b then 3 else 1; if b { - assert 2 <= j; // This assertion might not hold + assert 2 <= j; // could not prove this assertion i := j; assert 2 <= i; return; @@ -972,7 +977,7 @@ method FailingPostcondition(b: bool) returns (i: int) ensures 2 <= i { var j := if !b then 3 else 1; - assert b ==> 2 <= j; // This assertion might not hold + assert b ==> 2 <= j; // could not prove this assertion if b { assert 2 <= j; i := j; @@ -989,7 +994,7 @@ Now, either the error is obvious, or we can one more time replace `j` by its val method FailingPostcondition(b: bool) returns (i: int) ensures 2 <= i { - assert b ==> 2 <= (if !b then 3 else 1); // This assertion might not hold + assert b ==> 2 <= (if !b then 3 else 1); // could not prove this assertion var j := if !b then 3 else 1; assert b ==> 2 <= j; if b { diff --git a/docs/HowToFAQ/ERROR_SeqComp.md b/docs/HowToFAQ/ERROR_SeqComp.md index 67bb2891308..754208aa8aa 100644 --- a/docs/HowToFAQ/ERROR_SeqComp.md +++ b/docs/HowToFAQ/ERROR_SeqComp.md @@ -1,5 +1,5 @@ --- -title: "Error: function precondition might not hold" +title: "Error: function precondition could not be proved" --- This error can occur when trying to write a sequence comprehension expression like diff --git a/docs/HowToFAQ/ERROR_SeqComp.txt b/docs/HowToFAQ/ERROR_SeqComp.txt index 151a22afc37..eb646228ea9 100644 --- a/docs/HowToFAQ/ERROR_SeqComp.txt +++ b/docs/HowToFAQ/ERROR_SeqComp.txt @@ -1,4 +1,4 @@ -ERROR_SeqComp.dfy(8,23): Error: function precondition might not hold +ERROR_SeqComp.dfy(8,23): Error: function precondition could not be proved ERROR_SeqComp.dfy(2,13): Related location Dafny program verifier finished with 0 verified, 1 error diff --git a/docs/HowToFAQ/onepage.md b/docs/HowToFAQ/onepage.md index 86e6fe6a596..77b7a43f0d7 100644 --- a/docs/HowToFAQ/onepage.md +++ b/docs/HowToFAQ/onepage.md 
@@ -2809,7 +2809,7 @@ To declare `formula` as _contravariant_ use `formula<-T>`. Then `formula` is Type parameter characteristics are discussed in [the reference manual](../DafnyRef/DafnyRef.html#sec-type-parameter-variance) -# "Error: function precondition might not hold" +# "Error: function precondition could not be proved" This error can occur when trying to write a sequence comprehension expression like diff --git a/docs/OnlineTutorial/Lemmas.1.expect b/docs/OnlineTutorial/Lemmas.1.expect index 3f137e67b4b..350cfd31eb2 100644 --- a/docs/OnlineTutorial/Lemmas.1.expect +++ b/docs/OnlineTutorial/Lemmas.1.expect @@ -1,3 +1,3 @@ -text.dfy(5,0): Error: out-parameter 'index', which is subject to definite-assignment rules, might be uninitialized at this return point +text.dfy(5,0): Error: out-parameter 'index', which is subject to definite-assignment rules, could not be proved to be initialized at this return point Dafny program verifier finished with 1 verified, 1 error diff --git a/docs/OnlineTutorial/Modules.1.expect b/docs/OnlineTutorial/Modules.1.expect index 7eaa7bdf82a..d6dc21a21f9 100644 --- a/docs/OnlineTutorial/Modules.1.expect +++ b/docs/OnlineTutorial/Modules.1.expect @@ -1,4 +1,4 @@ -text.dfy(27,4): Error: assertion might not hold -text.dfy(37,4): Error: assertion might not hold +text.dfy(27,4): Error: assertion could not be proved +text.dfy(37,4): Error: assertion could not be proved Dafny program verifier finished with 5 verified, 2 errors diff --git a/docs/OnlineTutorial/Modules.5.expect b/docs/OnlineTutorial/Modules.5.expect index 18a41e0a296..6b41b05f352 100644 --- a/docs/OnlineTutorial/Modules.5.expect +++ b/docs/OnlineTutorial/Modules.5.expect @@ -1,3 +1,3 @@ -text.dfy(13,4): Error: assertion might not hold +text.dfy(13,4): Error: assertion could not be proved Dafny program verifier finished with 2 verified, 1 error diff --git a/docs/OnlineTutorial/Sets.1.expect b/docs/OnlineTutorial/Sets.1.expect index 1f7b7788814..3d1df100b62 100644 
--- a/docs/OnlineTutorial/Sets.1.expect
+++ b/docs/OnlineTutorial/Sets.1.expect
@@ -1,3 +1,3 @@
-text.dfy(4,2): Error: assertion might not hold
+text.dfy(4,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/OnlineTutorial/guide.1.expect b/docs/OnlineTutorial/guide.1.expect
index 465351d18e5..1c276ada048 100644
--- a/docs/OnlineTutorial/guide.1.expect
+++ b/docs/OnlineTutorial/guide.1.expect
@@ -1,3 +1,3 @@
-text.dfy(4,0): Error: out-parameter 'y', which is subject to definite-assignment rules, might be uninitialized at this return point
+text.dfy(4,0): Error: out-parameter 'y', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/OnlineTutorial/guide.11.expect b/docs/OnlineTutorial/guide.11.expect
index 6b872c178a9..d9d235bd0b0 100644
--- a/docs/OnlineTutorial/guide.11.expect
+++ b/docs/OnlineTutorial/guide.11.expect
@@ -1,5 +1,5 @@
 text.dfy(9,0): Error: a postcondition could not be proved on this return path
 text.dfy(8,12): Related location: this is the postcondition that could not be proved
-text.dfy(11,0): Error: out-parameter 'b', which is subject to definite-assignment rules, might be uninitialized at this return point
+text.dfy(11,0): Error: out-parameter 'b', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 
 Dafny program verifier finished with 1 verified, 2 errors
diff --git a/docs/OnlineTutorial/guide.12.expect b/docs/OnlineTutorial/guide.12.expect
index e513b84da3c..4ac23827a38 100644
--- a/docs/OnlineTutorial/guide.12.expect
+++ b/docs/OnlineTutorial/guide.12.expect
@@ -1,3 +1,3 @@
-text.dfy(9,2): Error: assertion might not hold
+text.dfy(9,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/OnlineTutorial/guide.2.expect b/docs/OnlineTutorial/guide.2.expect
index 516d8069a48..2b02006f0ec 100644
--- a/docs/OnlineTutorial/guide.2.expect
+++ b/docs/OnlineTutorial/guide.2.expect
@@ -1,4 +1,4 @@
-text.dfy(4,0): Error: out-parameter 'less', which is subject to definite-assignment rules, might be uninitialized at this return point
-text.dfy(4,0): Error: out-parameter 'more', which is subject to definite-assignment rules, might be uninitialized at this return point
+text.dfy(4,0): Error: out-parameter 'less', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
+text.dfy(4,0): Error: out-parameter 'more', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 
 Dafny program verifier finished with 0 verified, 2 errors
diff --git a/docs/OnlineTutorial/guide.6.expect b/docs/OnlineTutorial/guide.6.expect
index eec02903b2c..330dd75bbbf 100644
--- a/docs/OnlineTutorial/guide.6.expect
+++ b/docs/OnlineTutorial/guide.6.expect
@@ -1,3 +1,3 @@
-text.dfy(6,0): Error: out-parameter 'c', which is subject to definite-assignment rules, might be uninitialized at this return point
+text.dfy(6,0): Error: out-parameter 'c', which is subject to definite-assignment rules, could not be proved to be initialized at this return point
 
 Dafny program verifier finished with 0 verified, 1 error
diff --git a/docs/OnlineTutorial/guide.7.expect b/docs/OnlineTutorial/guide.7.expect
index a2e55896b30..7b7328252c0 100644
--- a/docs/OnlineTutorial/guide.7.expect
+++ b/docs/OnlineTutorial/guide.7.expect
@@ -1,3 +1,3 @@
-text.dfy(14,2): Error: assertion might not hold
+text.dfy(14,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 1 verified, 1 error
diff --git a/docs/OnlineTutorial/guide.8.expect b/docs/OnlineTutorial/guide.8.expect
index 791d7d90bb7..d11d0d05600 100644
--- a/docs/OnlineTutorial/guide.8.expect
+++ b/docs/OnlineTutorial/guide.8.expect
@@ -1,3 +1,3 @@
-text.dfy(11,2): Error: assertion might not hold
+text.dfy(11,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 1 verified, 1 error
diff --git a/docs/OnlineTutorial/guide.9.expect b/docs/OnlineTutorial/guide.9.expect
index 29cca6b4ef3..0f758f1836e 100644
--- a/docs/OnlineTutorial/guide.9.expect
+++ b/docs/OnlineTutorial/guide.9.expect
@@ -1,3 +1,3 @@
-text.dfy(10,2): Error: assertion might not hold
+text.dfy(10,2): Error: assertion could not be proved
 
 Dafny program verifier finished with 1 verified, 1 error
diff --git a/docs/dev/news/3216.fix b/docs/dev/news/3216.fix
new file mode 100644
index 00000000000..dbfb1b7a1b5
--- /dev/null
+++ b/docs/dev/news/3216.fix
@@ -0,0 +1 @@
+**Breaking change**: Error messages now use "could not be proved" instead of "might not hold" to better reflect Dafny's verification semantics. This change improves user experience by shifting focus from uncertainty about assertions to Dafny's inability to prove them. External tools that parse Dafny output may need to update their error message patterns.