I am playing around with KeY (https://www.key-project.org) for a teaching project.
On one hand I was happy that KeY easily proves correctness of the following jml annotated java code
/*@ ensures ((\result == a) || (\result == b));
@ ensures ((\result >= a) && (\result >= b));
*/
public int max(int a, int b) {
if(a <= b)
return b;
else
return a;
}
but on the other hand I was surprisingly not enable to prove correctness of the following equivalent program
/*@ ensures ((\result == a) || (\result == b));
@ ensures ((\result >= a) && (\result >= b));
*/
public int max(int a, int b) {
return (a <= b) ? b : a;
}
Does somebody know whether I am missing something?
Thanks for checking out KeY.
The stated examples verify automatically in no time with KeY 2.6.3 on my PC. KeY has a number of settings upon which the verification engine depends. Perhaps some of these settings make KeY fail.
You should press the button "Choose Predef" from the "Proof Search Strategy" panel and try again. It should work then.
You might also consider removing the directory ".key" in your home directory to fully reset the settings of KeY. Perhaps some settings prevents the tool from succeeding.
Hope this helps!