len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-12-11 14:15:12 -05:00
Code Issues Projects Releases Packages Wiki Activity

Updated proof documentation.

Browse source
This commit is contained in:
Tobias Reinhard 2022-12-28 12:37:48 -05:00
parent 944cc51b94
commit 3057a186c2
1 changed files with 2 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

16
Test/VeriFast/tasks/vTaskSwitchContext/proof/lock_predicates.h
View file

@ -4,13 +4,6 @@
#include "task_running_states.h" #include "task_running_states.h"
/* We follow a minimalistic approach during the definition of the
* lock predicates. So far, the only encapsulate the resources and
* invariants required to verify `vTaskSwitchContext`.
* We are going to extend and refine them when we proceed to verify
* other parts of FRTOS.
*/
#include "verifast_lists_extended.h" #include "verifast_lists_extended.h"
@ -189,16 +182,11 @@ predicate_ctor readOnly_TCB_runState_IF_not_running_p
/*@
lemma void nonauto_nth_update<t>(int i, int j, t y, list<t> xs);
requires 0 <= i && i < length(xs) && 0 <= j && j < length(xs);
ensures nth(i, update(j, y, xs)) == (i == j ? y : nth(i, xs));
@*/
// ----------------------------------------------------------------------- // -----------------------------------------------------------------------
// TODO: Move lemmas below to separate header file. // The following lemmas are necessary to prove that state updates preserve
// the lock invariant.
/*@ /*@
lemma void update_readOnly_TCB_runState(TCB_t* t, lemma void update_readOnly_TCB_runState(TCB_t* t,