def join2(self, t1: Thread, t2: Thread) -> None:
    """Join two distinct threads that both ran ``Clazz.readX`` on ``self``.

    Preconditions: ``t1`` and ``t2`` are different threads, both running
    ``Clazz.readX`` with ``self`` as argument 0, both joinable, with full
    permission to each ``ThreadPost`` and a wait level below each thread's
    level. Postcondition: permission to ``self.x`` in the amount
    ``getARP(t1) + getARP(t2)``, i.e. the fractions the two joins return
    are added together.
    """
    Requires(t1 is not t2)
    Requires(getMethod(t1) == Clazz.readX)
    Requires(getMethod(t2) == Clazz.readX)
    Requires(getArg(t1, 0) is self)
    Requires(getArg(t2, 0) is self)
    Requires(Joinable(t1))
    Requires(Joinable(t2))
    Requires(Acc(ThreadPost(t1)))
    Requires(Acc(ThreadPost(t2)))
    # Both wait-level checks are needed: each join is checked separately.
    Requires(WaitLevel() < Level(t1))
    Requires(WaitLevel() < Level(t2))
    Ensures(Acc(self.x, getARP(t1) + getARP(t2)))
    t1.join(self.readX)
    t2.join(self.readX)
def client_fork(t: Thread, l: BaseLock) -> None:
    """Start a thread whose target is ``noop`` with a lock as argument 0.

    The ``#::`` annotation marks the ``t.start(noop)`` call as expected to
    be rejected as an invalid program (``invalid.thread.start``).
    NOTE(review): a second function named ``client_fork`` appears later in
    this file; in a single module the later definition rebinds the name.
    """
    Requires(Acc(MayStart(t)))
    Requires(getMethod(t) == noop)
    Requires(l is getArg(t, 0))
    Ensures(WaitLevel() < Level(t))
    #:: ExpectedOutput(invalid.program:invalid.thread.start)
    t.start(noop)
def thread_join_wrong_level(t: Thread, cl: Cell) -> None:
    """Join a ``decr`` thread without a ``WaitLevel() < Level(t)`` precondition.

    Negative test: the ``#::`` annotation expects the join to fail with
    ``wait.level.invalid`` because no wait-level precondition is stated.
    """
    Requires(getMethod(t) == decr)
    Requires(getArg(t, 0) is cl)
    Requires(getArg(t, 1) is 7)
    Requires(getOld(t, arg(0).val) is 123)
    Requires(Acc(ThreadPost(t)))
    #:: ExpectedOutput(thread.join.failed:wait.level.invalid)
    t.join(Cell.incr, decr)
def thread_join_not_joinable(t: Thread, cl: Cell) -> None:
    """Join a ``decr`` thread without ``Joinable(t)`` or ``ThreadPost`` permission.

    Negative test: the ``#::`` annotation expects the join to fail with
    ``thread.not.joinable``; the wait-level precondition is present, so that
    check is not what is exercised here.
    """
    Requires(getMethod(t) == decr)
    Requires(getArg(t, 0) is cl)
    Requires(getArg(t, 1) is 7)
    Requires(getOld(t, arg(0).val) is 123)
    Requires(WaitLevel() < Level(t))
    #:: ExpectedOutput(thread.join.failed:thread.not.joinable)
    t.join(Cell.incr, decr)
def client_fork_wrong_mayjoin(t: Thread, b: bool, cell: Cell) -> None:
    """Start a ``Cell.incr`` thread and wrongly claim ``Joinable(t)`` afterwards.

    Negative test: the ``#::`` annotation expects the ``Ensures(Joinable(t))``
    postcondition to fail with ``assertion.false``. ``b`` is unused in the body.
    """
    Requires(Acc(MayStart(t)))
    Requires(getMethod(t) == Cell.incr)
    Requires(Acc(cell.val))
    Requires(cell is getArg(t, 0))
    #:: ExpectedOutput(postcondition.violated:assertion.false)
    Ensures(Joinable(t))
    t.start(decr, Cell.incr)
def client_fork_wrong_thread_post(t: Thread, b: bool, cell: Cell) -> None:
    """Start a ``Cell.incr`` thread and wrongly claim ``ThreadPost`` permission.

    Negative test: the ``#::`` annotation expects ``Ensures(Acc(ThreadPost(t)))``
    to fail with ``insufficient.permission``. ``b`` is unused in the body.
    """
    Requires(Acc(MayStart(t)))
    Requires(getMethod(t) == Cell.incr)
    Requires(Acc(cell.val))
    Requires(cell is getArg(t, 0))
    #:: ExpectedOutput(postcondition.violated:insufficient.permission)
    Ensures(Acc(ThreadPost(t)))
    t.start(decr, Cell.incr)
def client_fork_wrong_old_2(t: Thread, b: bool, cell: Cell) -> None:
    """Start a ``Cell.incr`` thread and state a wrong ``getOld`` value.

    The body writes ``cell.val = 12`` before the start, so the postcondition
    ``getOld(t, arg(0).val) == 14`` is expected to fail with
    ``assertion.false`` (per the ``#::`` annotation). ``b`` is unused.
    """
    Requires(Acc(MayStart(t)))
    Requires(getMethod(t) == Cell.incr)
    Requires(Acc(cell.val))
    Requires(cell is getArg(t, 0))
    #:: ExpectedOutput(postcondition.violated:assertion.false)
    Ensures(getOld(t, arg(0).val) == 14)
    cell.val = 12
    t.start(decr, Cell.incr)
def join1(self, t: Thread) -> None:
    """Join one ``Clazz.readX`` thread and recover full permission to ``self.x``.

    Precondition: the caller holds ``1 - getARP(t)`` of ``self.x`` and full
    permission to ``ThreadPost(t)``; postcondition: full ``Acc(self.x)``,
    i.e. the join returns the ``getARP(t)`` fraction the thread held.
    """
    Requires(getMethod(t) == Clazz.readX)
    Requires(getArg(t, 0) is self)
    Requires(Joinable(t))
    Requires(Acc(ThreadPost(t), 1))
    Requires(Acc(self.x, 1 - getARP(t)))
    Requires(WaitLevel() < Level(t))
    Ensures(Acc(self.x))
    t.join(self.readX)
def thread_join_wrong_method(t: Thread, cl: Cell) -> None:
    """Join with a method (``decr``) that does not match the thread's ``Cell.incr``.

    Negative test: because the join names the wrong target, the thread's
    postcondition is not obtained, so the ``#::`` annotation expects the
    following ``assert cl.val == 116`` to fail with ``insufficient.permission``.
    """
    Requires(getMethod(t) == Cell.incr)
    Requires(getArg(t, 0) is cl)
    Requires(getArg(t, 1) is 7)
    Requires(getOld(t, arg(0).val) is 123)
    Requires(Acc(ThreadPost(t)))
    Requires(WaitLevel() < Level(t))
    t.join(decr)
    #:: ExpectedOutput(assert.failed:insufficient.permission)
    assert cl.val == 116
def thread_join_no_post_perm(t: Thread, cl: Cell) -> None:
    """Join a joinable ``decr`` thread without any ``ThreadPost`` permission.

    Negative test: no ``Acc(ThreadPost(t))`` is required, so nothing about
    ``cl.val`` is known after the join; the ``#::`` annotation expects the
    assert to fail with ``insufficient.permission``.
    """
    Requires(getMethod(t) == decr)
    Requires(getArg(t, 0) is cl)
    Requires(getArg(t, 1) is 7)
    Requires(getOld(t, arg(0).val) is 123)
    Requires(Joinable(t))
    Requires(WaitLevel() < Level(t))
    t.join(Cell.incr, decr)
    #:: ExpectedOutput(assert.failed:insufficient.permission)
    assert cl.val == 116
def client_fork(t: Thread, b: bool, cell: Cell) -> None:
    """Start a ``Cell.incr`` thread and wrongly keep ``MayStart(t)`` afterwards.

    The ``getOld`` and wait-level postconditions are expected to hold; the
    ``#::`` annotation expects ``Ensures(Acc(MayStart(t)))`` to fail with
    ``insufficient.permission`` (the start permission is consumed by ``start``).
    NOTE(review): an earlier function in this file is also named
    ``client_fork``; in a single module this definition rebinds the name.
    ``b`` is unused in the body.
    """
    Requires(Acc(MayStart(t)))
    Requires(getMethod(t) == Cell.incr)
    Requires(Acc(cell.val))
    Requires(cell is getArg(t, 0))
    Ensures(getOld(t, arg(0).val) == 12)
    Ensures(WaitLevel() < Level(t))
    #:: ExpectedOutput(postcondition.violated:insufficient.permission)
    Ensures(Acc(MayStart(t)))
    cell.val = 12
    t.start(decr, Cell.incr)
def thread_join_part_perm(t: Thread, cl: Cell) -> None:
    """Join a ``decr`` thread holding only half of ``ThreadPost(t)``.

    With ``1 / 2`` of the thread postcondition the read ``cl.val == 116``
    verifies, but the subsequent write ``cl.val = 11`` needs full permission;
    the ``#::`` annotation expects it to fail with ``insufficient.permission``.
    """
    Requires(getMethod(t) == decr)
    Requires(getArg(t, 0) is cl)
    Requires(getArg(t, 1) is 7)
    Requires(getOld(t, arg(0).val) is 123)
    Requires(Acc(ThreadPost(t), 1 / 2))
    Requires(WaitLevel() < Level(t))
    t.join(Cell.incr, decr)
    assert cl.val == 116
    #:: ExpectedOutput(assignment.failed:insufficient.permission)
    cl.val = 11
def thread_join_pred_partial(t: Thread, cl: Cell) -> None:
    """Join a ``decr_pred`` thread holding half of ``ThreadPost(t)``.

    The first ``Unfold`` of half of ``cell_pred(cl, 116)`` is expected to
    succeed and makes ``cl.val == 116`` provable; the second ``Unfold`` of
    another half is expected (per the ``#::`` annotation) to fail with
    ``insufficient.permission``, since only one half was obtained.
    """
    Requires(getMethod(t) == decr_pred)
    Requires(getArg(t, 0) is cl)
    Requires(getArg(t, 1) is 7)
    Requires(getOld(t, arg(0).val) is 123)
    Requires(Acc(ThreadPost(t), 1 / 2))
    Requires(WaitLevel() < Level(t))
    Ensures(Joinable(t))
    t.join(decr, decr_pred)
    Unfold(Acc(cell_pred(cl, 116), 1 / 2))
    assert cl.val == 116
    #:: ExpectedOutput(unfold.failed:insufficient.permission)
    Unfold(Acc(cell_pred(cl, 116), 1 / 2))
def thread_join_pred(t: Thread, cl: Cell) -> None:
    """Join a ``decr_pred`` thread with full ``ThreadPost(t)`` permission.

    The body unfolds ``cell_pred(cl, 116)`` and asserts ``cl.val == 116``.
    The only expected failure is the deliberately false postcondition
    ``Ensures(False)`` marked by the ``#::`` annotation.
    """
    Requires(getMethod(t) == decr_pred)
    Requires(getArg(t, 0) is cl)
    Requires(getArg(t, 1) is 7)
    Requires(getOld(t, arg(0).val) is 123)
    Requires(Acc(ThreadPost(t)))
    Requires(WaitLevel() < Level(t))
    Ensures(Joinable(t))
    #:: ExpectedOutput(postcondition.violated:assertion.false)
    Ensures(False)
    t.join(decr, decr_pred)
    Unfold(cell_pred(cl, 116))
    assert cl.val == 116
def client_create(b: bool) -> Thread:
    """Create (but do not start) a thread whose target depends on ``b``.

    When ``b`` is true the thread targets ``cl.incr`` with args ``(3,)``;
    otherwise it targets ``decr`` with args ``(cl, 6)``. The postconditions
    about ``MayStart``, argument 1 and the method are expected to hold; the
    ``#::`` annotation expects ``getArg(Result(), 2) is None`` to fail with
    ``assertion.false``.
    """
    Ensures(MayStart(Result()))
    Ensures(Implies(b, getArg(Result(), 1) is 3))
    Ensures(Implies(not b, getArg(Result(), 1) is 6))
    Ensures(Implies(not b, getMethod(Result()) == decr))
    #:: ExpectedOutput(postcondition.violated:assertion.false)
    Ensures(getArg(Result(), 2) is None)
    cl = Cell()
    if b:
        # Positional ``None`` is the ``group`` argument of ``Thread``.
        t = Thread(None, target=cl.incr, args=(3, ))
    else:
        t = Thread(target=decr, group=None, args=(cl, 6))
    return t
def client_fork_missing_start_perm(t: Thread, b: bool, cell: Cell) -> None:
    """Start a ``Cell.incr`` thread without requiring ``MayStart(t)``.

    Negative test: the ``#::`` annotation expects ``t.start`` to fail with
    ``missing.start.permission``. ``b`` is unused in the body.
    """
    Requires(getMethod(t) == Cell.incr)
    Requires(Acc(cell.val))
    Requires(cell is getArg(t, 0))
    #:: ExpectedOutput(thread.start.failed:missing.start.permission)
    t.start(decr, Cell.incr)
def test(o: Thread) -> None:
    """Use ``getMethod`` as an argument to another call inside a contract.

    Negative test: the ``#::`` annotation expects the ``Requires`` to be
    rejected as an invalid program (``invalid.get.method.use``).
    """
    #:: ExpectedOutput(invalid.program:invalid.get.method.use)
    Requires(get_two(getMethod(o)))
    pass
def client_fork_precond_not_fulfilled(t: Thread, b: bool, cell: Cell) -> None:
    """Start a ``Cell.incr`` thread without holding ``Acc(cell.val)``.

    Negative test: the thread's precondition needs permission to ``cell.val``,
    which this function does not require, so the ``#::`` annotation expects
    ``t.start`` to fail with ``insufficient.permission``. ``b`` is unused.
    """
    Requires(Acc(MayStart(t)))
    Requires(getMethod(t) == Cell.incr)
    Requires(cell is getArg(t, 0))
    #:: ExpectedOutput(thread.start.failed:insufficient.permission)
    t.start(decr, Cell.incr)