-
Notifications
You must be signed in to change notification settings - Fork 48
Expand file tree
/
Copy pathsif_loop_condition.vpr
More file actions
44 lines (36 loc) · 1018 Bytes
/
sif_loop_condition.vpr
File metadata and controls
44 lines (36 loc) · 1018 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
// Any copyright is dedicated to the Public Domain.
// http://creativecommons.org/publicdomain/zero/1.0/
// this testcase demonstrates how looping on a SIF expression behaves semantically
method InLowEventContexts(t: Int)
requires lowEvent
{
while (low(t))
{
assert low(t)
}
// this case is reachable as `t` might be the same in both executions or it might not
//:: ExpectedOutput(assert.failed:assertion.false)
assert false
}
method InLowEventContexts2(t: Int)
requires lowEvent
{
// since `low(t)` evaluates to the same value in both executions, both executions are guaranteed
// to execute the loop bodies in sync
while (low(t))
invariant lowEvent
{
assert lowEvent
}
assert lowEvent
}
method InNonLowEventContexts(t: Int)
requires !lowEvent
{
while (low(t))
{
assert low(t)
}
// the loop will never terminate as `low(t)` trivially evaluates to `true` as there is no second execution
assert false
}