diff options
Diffstat (limited to 'Test/lock')
| -rw-r--r-- | Test/lock/Answer | 8 | ||||
| -rw-r--r-- | Test/lock/Lock.bpl | 122 | ||||
| -rw-r--r-- | Test/lock/LockIncorrect.bpl | 51 | ||||
| -rw-r--r-- | Test/lock/Output | 8 | ||||
| -rw-r--r-- | Test/lock/runtest.bat | 7 |
5 files changed, 196 insertions, 0 deletions
diff --git a/Test/lock/Answer b/Test/lock/Answer new file mode 100644 index 00000000..bcfc9f1c --- /dev/null +++ b/Test/lock/Answer @@ -0,0 +1,8 @@ +
+Boogie program verifier finished with 3 verified, 0 errors
+LockIncorrect.bpl(17,3): Error BP5001: This assertion might not hold.
+Execution trace:
+ LockIncorrect.bpl(9,1): start
+ LockIncorrect.bpl(14,1): LoopHead
+
+Boogie program verifier finished with 0 verified, 1 error
diff --git a/Test/lock/Lock.bpl b/Test/lock/Lock.bpl new file mode 100644 index 00000000..ed24a710 --- /dev/null +++ b/Test/lock/Lock.bpl @@ -0,0 +1,122 @@ +procedure LockingExample();
+
+implementation LockingExample()
+{
+var x: int;
+var y: int;
+var held: int;
+
+start:
+ held := 0;
+ x := 0;
+ goto LoopHead;
+
+LoopHead:
+ // Lock
+ assert held == 0;
+ held := 1;
+
+ y := x;
+ goto UnlockNow, LoopEnd;
+
+UnlockNow:
+ // Unlock
+ assert held == 1;
+ held := 0;
+
+ x := x + 1;
+ goto LoopEnd;
+
+LoopEnd:
+ goto ContinueIteration, EndIteration;
+
+ContinueIteration:
+ assume x != y;
+ goto LoopHead;
+
+EndIteration:
+ assume x == y;
+ goto AfterLoop;
+
+AfterLoop:
+ // Unlock
+ assert held == 1;
+ held := 0;
+
+ return;
+
+}
+
+
+procedure StructuredLockingExample()
+{
+ var x: int;
+ var y: int;
+ var held: bool;
+
+ held := false;
+ x := 0;
+
+ while (true)
+ invariant !held;
+ {
+ // Lock
+ assert !held;
+ held := true;
+
+ y := x;
+ if (*) {
+ // Unlock
+ assert held;
+ held := false;
+
+ x := x + 1;
+ }
+
+ if (x == y) { break; }
+ }
+
+ // Unlock
+ assert held;
+ held := false;
+}
+
+procedure StructuredLockingExampleWithCalls()
+{
+ var x: int;
+ var y: int;
+ var mutex: Mutex;
+
+ call mutex := Initialize();
+ x := 0;
+
+ while (true)
+ invariant !IsHeld(mutex);
+ {
+ call mutex := Acquire(mutex);
+
+ y := x;
+ if (*) {
+ call mutex := Release(mutex);
+ x := x + 1;
+ }
+
+ if (x == y) { break; }
+ }
+
+ call mutex := Release(mutex);
+}
+
+type Mutex;
+function IsHeld(Mutex) returns (bool);
+
+procedure Initialize() returns (post: Mutex);
+ ensures !IsHeld(post);
+
+procedure Acquire(pre: Mutex) returns (post: Mutex);
+ requires !IsHeld(pre);
+ ensures IsHeld(post);
+
+procedure Release(pre: Mutex) returns (post: Mutex);
+ requires IsHeld(pre);
+ ensures !IsHeld(post);
diff --git a/Test/lock/LockIncorrect.bpl b/Test/lock/LockIncorrect.bpl new file mode 100644 index 00000000..776f8af6 --- /dev/null +++ b/Test/lock/LockIncorrect.bpl @@ -0,0 +1,51 @@ +procedure LockingExample();
+
+implementation LockingExample()
+{
+var x: int;
+var y: int;
+var held: int;
+
+start:
+ held := 0;
+ x := 0;
+ goto LoopHead;
+
+LoopHead:
+ // Lock
+ held := held + 6;
+ assert held == 0;
+ held := 1;
+
+ y := x;
+ goto UnlockNow, LoopEnd;
+
+UnlockNow:
+ // Unlock
+ assert held == 1;
+ held := 0;
+
+ x := x + 1;
+ goto LoopEnd;
+
+LoopEnd:
+ goto ContinueIteration, EndIteration;
+
+ContinueIteration:
+ assume x != y;
+ goto LoopHead;
+
+EndIteration:
+ assume x == y;
+ goto AfterLoop;
+
+AfterLoop:
+ // Unlock
+ assert held == 1;
+ held := 0;
+
+ return;
+
+}
+
+
diff --git a/Test/lock/Output b/Test/lock/Output new file mode 100644 index 00000000..bcfc9f1c --- /dev/null +++ b/Test/lock/Output @@ -0,0 +1,8 @@ +
+Boogie program verifier finished with 3 verified, 0 errors
+LockIncorrect.bpl(17,3): Error BP5001: This assertion might not hold.
+Execution trace:
+ LockIncorrect.bpl(9,1): start
+ LockIncorrect.bpl(14,1): LoopHead
+
+Boogie program verifier finished with 0 verified, 1 error
diff --git a/Test/lock/runtest.bat b/Test/lock/runtest.bat new file mode 100644 index 00000000..a90972c9 --- /dev/null +++ b/Test/lock/runtest.bat @@ -0,0 +1,7 @@ +@echo off
+setlocal
+
+set BGEXE=..\..\Binaries\Boogie.exe
+
+%BGEXE% %* Lock.bpl
+%BGEXE% %* LockIncorrect.bpl
|