Chalice/tests/examples/SmokeTestTest.chalice


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

// This file is meant as a test for Chalice's smoke testing feature (command line switch -smoke)
class Cell {
  var f: int;
  
  invariant acc(this.f) && f == 1
  invariant f == 2 // SMOKE: contradiction
  
  method a1()
    requires false // SMOKE: precondition is false
  {}
  
  method a2()
    requires acc(this.f,-2) // SMOKE: precondition is equivalent to false
  {}
  
  method a3()
    requires acc(this.f)
  {
    if (this.f > 0) {
      this.f := 0;
    }
  }
  
  method a4()
    requires acc(this.f)
  {
    if (false) {
      this.f := 0; // SMOKE: unreachable
    }
  }
  
  method a5()
    requires acc(this.f)
  {
    if (true) {
      this.f := 0;
    }
  }
  
  method a6()
    requires acc(this.f)
  {
    if (false) {
      this.f := 0; // SMOKE: unreachable
    } else {
      this.f := 1;
    }
  }
  
  method a7(i: int, j: int)
    requires i != j;
  {
    assume i == j; // SMOKE: introduces contradiction
  }
  
  method a8()
    requires acc(this.f)
  {
    while (true)
      invariant acc(this.f)
    {
      this.f := this.f + 1
    }
    // SMOKE: unreachable, loop does not terminate
  }
  
  method a9()
    requires acc(this.f)
  {
    call a8()
  }
  
  method a10()
    requires acc(this.f)
  {
    if (true) {
      this.f := 0;
    } else {
      this.f := 1; // SMOKE: unreachable
    }
  }
  
  function f1(): int
    requires false // SMOKE: precondition is false
  { 1 }
  
  method a11()
  {
    var i: int := 0
    if (false) {
      // SMOKE: unreachable
    } else {
      if (true) { assume false } // SMOKE: introduces contradiction
      else { assume i == 1 } // SMOKE: introduces contradiction
    }
  }
  
  method a12()
  {
    assume false // SMOKE: introduces contradiction
    while (false) {
    
    }
  }
  
  method a13()
    ensures false // ERROR: cannot prove false
  {
  }
  
  method a14()
  {
    call a13(); // SMOKE: statements afterwards not reachable anymore
  }
  
  predicate valid {
    1 == 2 // SMOKE: contradiction
  }
}

channel C(msg: bool) where msg && !msg // SMOKE: contradiction