Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

009-rolling-max does not show that bounds are tight #46

Open
Tracked by #44
jesyspa opened this issue Oct 1, 2024 · 1 comment
Open
Tracked by #44

009-rolling-max does not show that bounds are tight #46

jesyspa opened this issue Oct 1, 2024 · 1 comment
Labels
weak postcondition The postcondition is (much) weaker than what is specified in the prompt

Comments

@jesyspa
Copy link
Collaborator

jesyspa commented Oct 1, 2024

The conditions on rolling_max show that the returned sequence is a non-decreasing pointwise upper bound on the original sequence, but it does not show that it is the minimal such sequence.

There are two directions one can go with strengthening this: express the property explicitly (result[i] is the maximum of the previous elements, i.e. an upper bound and equal to one of them) or express indirectly (e.g. always equal to previous upper bound or the element, first element of result and input are the same). The former is probably more work, but would be neater.
@jesyspa jesyspa added the weak postcondition The postcondition is (much) weaker than what is specified in the prompt label Oct 1, 2024
@jesyspa jesyspa mentioned this issue Oct 1, 2024
Open
7 tasks
@jesyspa
Copy link
Collaborator Author

jesyspa commented Oct 7, 2024

One thing to note here: the invariant uses old, but this has no effect in this context. old isn't about the value of the variable before the loop iteration, it's about the heap state. So I'm fairly sure there's something weird going on with the verification here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
weak postcondition The postcondition is (much) weaker than what is specified in the prompt
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jesyspa