Assignment 8 – WP exercises and Dafny
Assignment 8 – WP exercises and Dafny
1 Part two:   Dafny exercises.
1.1 Dafny installation instructions

Assignment 8 – WP exercises and Dafny

Due Wed 12/8 11:59pm

1 Part two: Dafny exercises.

Write the following methods with appropriate specifications (in other words, appropriate ensures properties). The dafny verifier should accept your methods without any assume or expects in the body of the methods. The lecture code is available for reference on syntax etc at hw8-reference.dfy.

For the any methods involving loops, write down the two implications capturing the correctness of the loop as asserts above the loop, like we did in class (see also the reference above).

To use dafny, either install it with the Dafny installation instructions below, or use the VM we provide (password: dafny2021).

  1. Max, which accepts two integers and returns the larger one. For the specification, the method should ensure that the result is greater or equal to both inputs, and that it is equal to one of them.

  2. Nsqrt, which accepts a natural and returns its natural square root (ie the truncation of the real root). You should come up with an appropriate specification.

  3. Fib, which accepts a natural n and computes the nth one using a loop. You should come up with an appropriate specification, using the following function (like Abs in class):

    function fib(n: nat): nat {

      if (n == 0 || n == 1) then 1 else fib(n-1) + fib(n-2)

    }

Possibly useful tips and reminders:

  • Use assert liberally to check what the verifier knows at any point in your program.

  • You can use expect to write dynamic tests, as well as print if necessary for debugging.

  • You can run the Main method of a program (see the reference for example) that doesn’t verify with

    dafny /compile:4 my-program.dfy

    This is most useful if you want to print or run tests with expect.

  • You can verify and then run the Main method of a program (see the reference for example) with

    dafny /compile:3 my-program.dfy

1.1 Dafny installation instructions

  1. Download the Dafny 3.2.0 release and unzip it in a reasonable location. You will need the paths to the dafny (win: Dafny.exe), dafny-server (win: DafnyServer.exe), and z3 (win: Z3.exe) executables inside to configure the emacs mode below.

  2. Install .NET 5.0 SDK and make sure the dotnet executable is in your $PATH.

    Note: If you’re on linux and use the snap installation method, don’t use snap alias and instead just symlink the dotnet binary from /snap to /usr/local/bin:

    sudo ln -s /snap/dotnet-sdk/current/dotnet /usr/local/bin/dotnet

  3. Install the boogie-friends emacs package by

    1. adding the following lines to your .emacs or init.el, if you don’t already have them:

      (require 'package)

      (add-to-list 'package-archives '("melpa" . "http://melpa.org/packages/") t)

      (package-initialize)

    2. restarting emacs and installing the package with M-x package-refresh-contents RET, then M-x package-install RET boogie-friends RET,

    3. adding the following to your .emacs before restarting emacs again:

      (setq flycheck-dafny-executable "PATH-TO-Dafny.exe")

      (setq flycheck-z3-smt2-executable "PATH-TO-Z3.exe")

      (setq flycheck-inferior-dafny-executable "PATH-TO-DafnyServer.exe")

  4. Open a dafny file with emacs (extension .dfy) and dafny-mode should start automatically verifying in the background. Hit C-c C-c to verify manually.