Skip to content

Fix: Shadowing of output variables in methods in Dafny-to-Rust #6278

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 24, 2025
Merged

Fix: Shadowing of output variables in methods in Dafny-to-Rust #6278

merged 3 commits into from
Jun 24, 2025

Conversation

@MikaelMayer
Copy link
Member

@MikaelMayer MikaelMayer commented Jun 23, 2025
edited
Loading

Fixes #6261

The root cause of the bug was that shadowed variables are never accessible in Dafny anymore except for one case: Output variables, through the return statement.
Indeed, a return statement with an expression assigns the result of the expression to the (unique) output variable, and then returns. Even in the presence of shadowing when another local variable overrides the output variable, the (outer) output variable is correctly assigned in the compiler.
I had not considered this case when considering enabling shadowing.

What was changed?

  • Whether a variable's name results in the shadowable name instead of the unique name is now more constrained: it requires that the variable name is different from any output variables.

How has this been tested?

By submitting this pull request, I confirm that my contribution is made under the terms of the MIT license.

@MikaelMayer MikaelMayer enabled auto-merge (squash) June 24, 2025 19:55
ssomayyajula
ssomayyajula reviewed Jun 24, 2025
View reviewed changes
Source/DafnyCore/Backends/Dafny/DafnyCodeGenerator.cs
return preventShadowing ? v.GetOrCreateCompileName(currentIdGenerator) : v.CompileNameShadowable;
var canShadow = !preventShadowing &&
!(enclosingMethod != null && enclosingMethod.Outs.Any(outVar => outVar.Name == v.Name));
return canShadow ? v.CompileNameShadowable : v.GetOrCreateCompileName(currentIdGenerator);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it acceptable to shadow a name declared in the body of the enclosing method, not necessarily among the out-parameters?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good question. Yes, because there is no way in Dafny to refer to outer variables, so there won't be an ambiguity in the generated code.

@MikaelMayer MikaelMayer merged commit 88f0ea0 into master Jun 24, 2025
34 of 35 checks passed
@MikaelMayer MikaelMayer deleted the fix-6261-shadowing-output-variables branch June 24, 2025 21:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ssomayyajula ssomayyajula ssomayyajula approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Bad Rust code generated when local variable shares name with return variable.

2 participants

@MikaelMayer @ssomayyajula