summaryrefslogtreecommitdiff
path: root/Test/lock
diff options
context:
space:
mode:
Diffstat (limited to 'Test/lock')
-rw-r--r--Test/lock/Answer8
-rw-r--r--Test/lock/Lock.bpl122
-rw-r--r--Test/lock/LockIncorrect.bpl51
-rw-r--r--Test/lock/Output8
-rw-r--r--Test/lock/runtest.bat7
5 files changed, 196 insertions, 0 deletions
diff --git a/Test/lock/Answer b/Test/lock/Answer
new file mode 100644
index 00000000..bcfc9f1c
--- /dev/null
+++ b/Test/lock/Answer
@@ -0,0 +1,8 @@
+
+Boogie program verifier finished with 3 verified, 0 errors
+LockIncorrect.bpl(17,3): Error BP5001: This assertion might not hold.
+Execution trace:
+ LockIncorrect.bpl(9,1): start
+ LockIncorrect.bpl(14,1): LoopHead
+
+Boogie program verifier finished with 0 verified, 1 error
diff --git a/Test/lock/Lock.bpl b/Test/lock/Lock.bpl
new file mode 100644
index 00000000..ed24a710
--- /dev/null
+++ b/Test/lock/Lock.bpl
@@ -0,0 +1,122 @@
+procedure LockingExample();
+
+implementation LockingExample()
+{
+var x: int;
+var y: int;
+var held: int;
+
+start:
+ held := 0;
+ x := 0;
+ goto LoopHead;
+
+LoopHead:
+ // Lock
+ assert held == 0;
+ held := 1;
+
+ y := x;
+ goto UnlockNow, LoopEnd;
+
+UnlockNow:
+ // Unlock
+ assert held == 1;
+ held := 0;
+
+ x := x + 1;
+ goto LoopEnd;
+
+LoopEnd:
+ goto ContinueIteration, EndIteration;
+
+ContinueIteration:
+ assume x != y;
+ goto LoopHead;
+
+EndIteration:
+ assume x == y;
+ goto AfterLoop;
+
+AfterLoop:
+ // Unlock
+ assert held == 1;
+ held := 0;
+
+ return;
+
+}
+
+
+procedure StructuredLockingExample()
+{
+ var x: int;
+ var y: int;
+ var held: bool;
+
+ held := false;
+ x := 0;
+
+ while (true)
+ invariant !held;
+ {
+ // Lock
+ assert !held;
+ held := true;
+
+ y := x;
+ if (*) {
+ // Unlock
+ assert held;
+ held := false;
+
+ x := x + 1;
+ }
+
+ if (x == y) { break; }
+ }
+
+ // Unlock
+ assert held;
+ held := false;
+}
+
+procedure StructuredLockingExampleWithCalls()
+{
+ var x: int;
+ var y: int;
+ var mutex: Mutex;
+
+ call mutex := Initialize();
+ x := 0;
+
+ while (true)
+ invariant !IsHeld(mutex);
+ {
+ call mutex := Acquire(mutex);
+
+ y := x;
+ if (*) {
+ call mutex := Release(mutex);
+ x := x + 1;
+ }
+
+ if (x == y) { break; }
+ }
+
+ call mutex := Release(mutex);
+}
+
+type Mutex;
+function IsHeld(Mutex) returns (bool);
+
+procedure Initialize() returns (post: Mutex);
+ ensures !IsHeld(post);
+
+procedure Acquire(pre: Mutex) returns (post: Mutex);
+ requires !IsHeld(pre);
+ ensures IsHeld(post);
+
+procedure Release(pre: Mutex) returns (post: Mutex);
+ requires IsHeld(pre);
+ ensures !IsHeld(post);
diff --git a/Test/lock/LockIncorrect.bpl b/Test/lock/LockIncorrect.bpl
new file mode 100644
index 00000000..776f8af6
--- /dev/null
+++ b/Test/lock/LockIncorrect.bpl
@@ -0,0 +1,51 @@
+procedure LockingExample();
+
+implementation LockingExample()
+{
+var x: int;
+var y: int;
+var held: int;
+
+start:
+ held := 0;
+ x := 0;
+ goto LoopHead;
+
+LoopHead:
+ // Lock
+ held := held + 6;
+ assert held == 0;
+ held := 1;
+
+ y := x;
+ goto UnlockNow, LoopEnd;
+
+UnlockNow:
+ // Unlock
+ assert held == 1;
+ held := 0;
+
+ x := x + 1;
+ goto LoopEnd;
+
+LoopEnd:
+ goto ContinueIteration, EndIteration;
+
+ContinueIteration:
+ assume x != y;
+ goto LoopHead;
+
+EndIteration:
+ assume x == y;
+ goto AfterLoop;
+
+AfterLoop:
+ // Unlock
+ assert held == 1;
+ held := 0;
+
+ return;
+
+}
+
+
diff --git a/Test/lock/Output b/Test/lock/Output
new file mode 100644
index 00000000..bcfc9f1c
--- /dev/null
+++ b/Test/lock/Output
@@ -0,0 +1,8 @@
+
+Boogie program verifier finished with 3 verified, 0 errors
+LockIncorrect.bpl(17,3): Error BP5001: This assertion might not hold.
+Execution trace:
+ LockIncorrect.bpl(9,1): start
+ LockIncorrect.bpl(14,1): LoopHead
+
+Boogie program verifier finished with 0 verified, 1 error
diff --git a/Test/lock/runtest.bat b/Test/lock/runtest.bat
new file mode 100644
index 00000000..a90972c9
--- /dev/null
+++ b/Test/lock/runtest.bat
@@ -0,0 +1,7 @@
+@echo off
+setlocal
+
+set BGEXE=..\..\Binaries\Boogie.exe
+
+%BGEXE% %* Lock.bpl
+%BGEXE% %* LockIncorrect.bpl