-
Notifications
You must be signed in to change notification settings - Fork 257
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Emit Rust code #601
Comments
I responded on #547, but then realized we can actually do better than your example! Because the Dafny verifier requires all array indexes to be provably safe, we should be able to compile all Dafny array operations to unsafe Rust array operations, since Dafny is already responsible for the bounds checking. There's a version of binary search in the Dafny test suite here that doesn't need dafny/Test/dafny4/BinarySearch.dfy Lines 55 to 76 in 14c5be9
|
In the current development of the Dafny to Rust code generator, arrays will be encoding using slices and accesses will be using unchecked access. So I'm happy to close this issue ! |
Let me leave it open until the branch is merged into master |
Rust is a particularly interesting language to interop with Dafny because of it's strong types, anti-aliasing guarantees, memory safety, and performance optimizations.
An example of how this could light up well is if Dafny could turn
expect
#547 expressions into compiler optimization hints. Here's the a Rust version of the binary search example that I wrote by hand:The resulting code (at least via MSVC) contains no bounds checks for
a[mid]
when the (faked) expect clause is included - cool!The text was updated successfully, but these errors were encountered: