```ml
invariant { forall k. true }
```
We got: `This variable has polymorphic type 'xi2 where type variable 'xi2 is never
named explicitly`.
When doing:
```ml
invariant { forall k: int. true }
```
We got: `unused variable k`.
But when doing:
```ml
invariant { forall _: int. true }
```
```ocaml
let test () =
let one x = Array.make 1 x in
let (++) a b = Array.append a b in
max_sum (one 1 ++ one 3 ++ one 2)
```
and I found some documentation in how to actually run the test in section 7.1 ( http://why3.lri.fr/doc/exec.html#sec101 ). But running my test code (which is different from the one in 7.1) exhibits the following behavior:
```
File "../buffer/max_and_sum.mlw", line 3, characters 2-20:
warning: the keyword `import' is redundant here and can be omitted
File "../buffer/max_and_sum.mlw", line 4, characters 2-20:
warning: the keyword `import' is redundant here and can be omitted
File "../buffer/max_and_sum.mlw", line 5, characters 2-24:
warning: the keyword `import' is redundant here and can be omitted
Execution of MaxAndSum.test ():
type: (int, int)
anomaly: Why3.Pinterp.CannotCompute
```
After scratching my head, I figured out that the problem is with the Array.append function, which is defined as a built-in in the standard library. The following patch (suitable for `git am` application)
[0001-teach-Array.append-to-Pinterp.patch](/uploads/1b66a911b50c092a939425898b7eb606/0001-teach-Array.append-to-Pinterp.patch)
lets pinterp.ml know about Array.append, and now my code above successfully computes the expected result.
## Question
MARCHE Claude
```
use list.List
type t = T (list int)
let f (t: t) = match t with T (Cons x Nil) -> x | _ -> absurd end
```
gets extracted to:
```
type t =
| T of (Z.t) list
let f (t1: t) : Z.t =
match t1 with
| T x :: [] -> x
| _ -> assert false (* absurd *)
```
PARREIRA PEREIRA Mário José
The following one-line program is enough in order to reproduce the problem:
```
let f (x: int) = Z.(x)
```When I try to "locally open" a module to evaluate an expression, if that module is not imported then Why3 fails with `anomaly: Not_found`.
The following one-line program is enough in order to reproduce the problem:
```
let f (x: int) = Z.(x)
```https://gitlab.inria.fr/why3/why3/issues/326extraction of records fields used as functions2019-06-07T12:09:06ZLéo Andrèsextraction of records fields used as functionsThe following is allowed by Why3:
```ml
use int.Int
type t = {
is_p: bool;
n: int;
}
let f (x: t) (pred: t -> bool) : int
=
if pred x then x.n else 0
let g () =
f { is_p = true; n = 42 } is_p
```
But then, when extracted using:
```sh
why3 extract -L . -D ocaml64 --recursive f.mlw -o f.ml
ocamlfind ocamlopt -package zarith -c -i f.ml
```
Here's the generated OCaml file:
```ml
type t = {
is_p: bool;
n: Z.t;
}
let f (x: t) (pred: t -> (bool)) : Z.t =
if pred x then begin x.n end else begin Z.zero end
let g (_: unit) : Z.t = f ({ is_p = true; n = (Z.of_string "42") }) is_p
```
The `is_p` on the last line should be replaced by `(fun el -> el.is_p)`, otherwise it fails with this error:
```sh
why3 extract -L . -D ocaml64 --recursive f.mlw -o f.ml
ocamlfind ocamlopt -package zarith -c -i f.ml
File "f.ml", line 9, characters 68-72:
Error: Unbound value is_p
make: *** [Makefile:4: extract] Error 2
```
use int.Int
let function f (ghost x:int) = 42
let main () =
let y = f 26 in
y + 2
```The following example is miscompiled because `Compile` treats RLnone and RLls differently.
```
use int.Int
let function f (ghost x:int) = 42
let main () =
let y = f 26 in
y + 2
```1.3.0Raphaël Rieu-HelftRaphaël Rieu-Helfthttps://gitlab.inria.fr/why3/why3/issues/323Allow Coq proof using why3prove only2019-10-25T14:22:29ZDAILLER SylvainAllow Coq proof using why3prove onlyIt could be useful to allow doing Coq proof from the command line with Why3prove in the following way:
```
why3prove -P coq foo.mlw -o bar
coqide -R path_to_why3 Why3 bar/*.mlw
why3replay foo
```
For example, in the following code:
```
module Ex2
use array.Array
use int.Int
use option.Option
val my_set: array (option int) -> int -> option int -> unit
let rec my_fact (mem: array (option int)) (n: int): int
=
match mem[n] with
| None -> let r = n * my_fact mem (n- 1) in
my_set mem n (Some r);
r
| Some n -> n
end
end
```
The error is (after 8 reloads):
` line 154, characters 10-17: The type of this function contains an alias with external variable my_set8`
I think we managed to solve (or mitigate) this problem in the past for typing error of transformations: it is possible that it does not work anymore either.When reloading after a typing error occurs, the error message increments the disambiguation of the ident.
For example, in the following code:
```
module Ex2
use array.Array
use int.Int
use option.Option
val my_set: array (option int) -> int -> option int -> unit
let rec my_fact (mem: array (option int)) (n: int): int
=
match mem[n] with
| None -> let r = n * my_fact mem (n- 1) in
my_set mem n (Some r);
r
| Some n -> n
end
end
```
The error is (after 8 reloads):
` line 154, characters 10-17: The type of this function contains an alias with external variable my_set8`
I think we managed to solve (or mitigate) this problem in the past for typing error of transformations: it is possible that it does not work anymore either.https://gitlab.inria.fr/why3/why3/issues/321"val" differenciation question2019-05-23T06:51:11ZDAILLER Sylvain"val" differenciation questionHello,
Léo Andrès
3. update the 6 examples using queue.Queue1. queue.Queue: use sequences instead of lists for the specs
2. update the OCaml driver
3. update the 6 examples using queue.QueueLéo AndrèsLéo Andrèshttps://gitlab.inria.fr/why3/why3/issues/316extraction of references2019-05-27T12:53:51ZMARCHE Claudeextraction of referencesAn update to a reference `x <- e` is extracted (ocaml64) in two
different ways: Without using `--modular`, the result is simply
`x.contents <- e`. But when using `--modular`, the field of the
reference is qualified as `x.Why3__Ref.contents <- e`.
Is the latter intended, and is there a library that defines the module
Why3__Ref? Or does somebody have a pointer where the builtin reference
is substituted in the Why3 codebase?
(I am using the last week’s master branch of Why3.)
```
$ cat test.mlw
module Test
let ref x = ()
let f (y:unit) = x <- y
end
$ why3 extract -D ocaml64 -L . test.Test
let x = ref ()
let f (y: unit) : unit = x.contents <- y
$ why3 extract --modular -D ocaml64 -L . test.Test -o .
$ cat test__Test.ml
let x = ref ()
let f (y: unit) : unit = x.Why3__Ref.contents <- y
Andrei Paskevich
```
File "atold.mlw", line 9, characters 17-18:
warning: this `at'/`old' operator is never used
```
```
use int.Int
let lemma l (x:int) requires { x <> 0 } ensures { x * x > 0 } = ()
let f () =
let ref x = any int ensures { result <> 0 } in
label L in
x <- -3;
l (pure { x at L });
assert { (x at L) * (x at L) > 0 };
```
use int.Int
use seq.Seq
let function dirac (a b : int) =
if b = a then 1 else 0
let rec function count (x : int) (seq : seq int)
variant { Seq.length seq }
=
if Seq.length seq = 0
then 0
else dirac x seq[0] + count x seq[1..]
lemma count_case :
forall x h, t : seq int.
(if x = h
then (count x (cons h t) = count x t + 1
by dirac x h = 1)
else (count x (cons h t) = count x t
by dirac x h = 0))
by (cons h t)[1..] == t
```
When trying to prove the generated VCs (after split_vc) corresponding to the if-branches in the lemma,
the hypothesis `(cons h t)[1..] == t` is missing from the context. This makes the solvers fail to prove
the VCs directly (at least on my machine, giving them a reasonable delay).Consider the following code :
Loïc Correnson
Having an « unknown » goal is a normal outcome, and shall not be meld with syntactic errors!
Although, it can be interesting to known with an exit code whether all goals have been proven or not, and it shall be different from `1`. Better: what about some `-exit-unproved <n>` option on the command line, that would exit with status code `<n>` in this case?
