✓
Passing This code compiles and runs correctly.
Code
// TEST: Valid usage - connection → transaction → execute → commit → close
//
// This is the happy path: open a connection, start a transaction,
// do some work, commit, and close. All obligations are satisfied.
//
// EXPECTED: Compiles and runs successfully
~import "$app/db"
~app.db:connect(host: "localhost")
| ok c |>
app.db:begin(conn: c.conn)
| ok t |>
app.db:exec(tx: t.tx, sql: "INSERT INTO users VALUES (1, 'alice')")
| ok r |>
app.db:commit(tx: r.tx)
| ok conn |>
app.db:close(conn: conn.conn)
| err _ |> _
Expected
Executing: INSERT INTO users VALUES (1, 'alice')
COMMIT
Connection closed
Actual
Executing: INSERT INTO users VALUES (1, 'alice')
COMMIT
Connection closed
Imported Files
// Database module demonstrating phantom obligation semantics
//
// State machine:
// connect() → Connection[connected!] -- must use connection
// begin() → Transaction[started!] -- consumes conn, must exec
// exec() → Transaction[active!] -- now can commit/rollback
// commit() → Connection[active!] -- returns conn, can reuse or close
// rollback() → Connection[active!] -- returns conn, can reuse or close
// close() → void -- only accepts [!active], not [!connected]
//
// Key insight: close() requires [!active], which only comes from commit/rollback.
// This FORCES you to use the connection meaningfully before closing.
const std = @import("std");
const Connection = struct { handle: i32 };
const Transaction = struct { conn_handle: i32 };
// connect: creates connection with [connected!] obligation
~pub event connect { host: []const u8 }
| ok { conn: *Connection[connected!] }
| err { msg: []const u8 }
~proc connect {
const c = std.heap.page_allocator.create(Connection) catch unreachable;
c.* = Connection{ .handle = 42 };
return .{ .ok = .{ .conn = c } };
}
// begin: consumes [!connected] OR [!active], produces Transaction[started!]
~pub event begin { conn: *Connection[!connected|!active] }
| ok { tx: *Transaction[started!] }
~proc begin {
const tx = std.heap.page_allocator.create(Transaction) catch unreachable;
tx.* = Transaction{ .conn_handle = conn.handle };
return .{ .ok = .{ .tx = tx } };
}
// exec: consumes [!started] OR [!active], produces Transaction[active!]
~pub event exec { tx: *Transaction[!started|!active], sql: []const u8 }
| ok { tx: *Transaction[active!] }
~proc exec {
std.debug.print("Executing: {s}\n", .{sql});
return .{ .ok = .{ .tx = tx } };
}
// commit: consumes [!active], returns Connection[active!]
~pub event commit { tx: *Transaction[!active] }
| ok { conn: *Connection[active!] }
~proc commit {
std.debug.print("COMMIT\n", .{});
const c = std.heap.page_allocator.create(Connection) catch unreachable;
c.* = Connection{ .handle = tx.conn_handle };
std.heap.page_allocator.destroy(tx);
return .{ .ok = .{ .conn = c } };
}
// rollback: consumes [!active], returns Connection[active!]
~pub event rollback { tx: *Transaction[!active] }
| ok { conn: *Connection[active!] }
~proc rollback {
std.debug.print("ROLLBACK\n", .{});
const c = std.heap.page_allocator.create(Connection) catch unreachable;
c.* = Connection{ .handle = tx.conn_handle };
std.heap.page_allocator.destroy(tx);
return .{ .ok = .{ .conn = c } };
}
// close: ONLY accepts [!active] - forces meaningful use before close
~pub event close { conn: *Connection[!active] }
~proc close {
std.debug.print("Connection closed\n", .{});
std.heap.page_allocator.destroy(conn);
}
Test Configuration
MUST_RUN