len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-12-11 22:25:14 -05:00
Code Issues Projects Releases Packages Wiki Activity

Justified memset of TCB fields in prvInitialiseNewTask.

Browse source 
Fields: `pxNewTCB->ucNotifyState` and `pxNewTCB->ulNotifiedValue`
This commit is contained in:
Tobias Reinhard 2022-10-25 16:56:28 -04:00
parent 8a8f0ab9b1
commit 40931d229d
5 changed files with 394 additions and 232 deletions
Download patch file Download diff file Expand all files Collapse all files

541
verification/verifast/preprocessed_files/tasks--pp.c
View file

File diff suppressed because it is too large Load diff

6
verification/verifast/proof/task_predicates.h
View file

@ -36,9 +36,11 @@ predicate TCB_p(TCB_t * tcb, int stackSize) =
tcb->uxMutexesHeld |-> _ &*&
// void * pvThreadLocalStoragePointers[ 5 ];
pointers_(tcb->pvThreadLocalStoragePointers, _, _) &*&
pointers_(tcb->pvThreadLocalStoragePointers, 5, _) &*&
integers__(tcb->ulNotifiedValue, _, _, _, _) &*&
// We assume that the macro `configTASK_NOTIFICATION_ARRAY_ENTRIES`
// evaluates to 1.
integers__(tcb->ulNotifiedValue, 4, false, 1, _) &*&
uchars_(tcb->ucNotifyState, 1, _) &*&

53
verification/verifast/proof/verifast_prelude_extended.h Normal file
View file

@ -0,0 +1,53 @@
#ifndef VERIFAST_PRELUDE_EXTENDED_H
#define VERIFAST_PRELUDE_EXTENDED_H
/* This file contains axioms that would naturally fit into prelude.h
* but are missing.
*/
/* Reminder:
predicate chars_(char *array, int count; list<option<char> > cs) =
count == 0 ?
cs == nil
:
char_(array, ?c) &*& chars_(array + 1, count - 1, ?cs0) &*& cs == cons(c, cs0);
predicate chars(char *array, int count; list<char> cs) =
count == 0 ?
cs == nil
:
character(array, ?c) &*& chars(array + 1, count - 1, ?cs0) &*& cs == cons(c, cs0);
lemma_auto void chars__to_chars(char *array);
requires [?f]chars_(array, ?count, ?cs) &*& cs == map(some, map(the, cs));
ensures [f]chars(array, count, map(the, cs));
predicate integers__(void *p, int size, bool signed_, int count; list<option<int> > vs) =
count == 0 ?
vs == nil
:
integer__(p, size, signed_, ?v0) &*& integers__(p + size, size, signed_, count - 1, ?vs0) &*& vs == cons(v0, vs0);
predicate integers_(void *p, int size, bool signed_, int count; list<int> vs) =
count == 0 ?
vs == nil
:
integer_(p, size, signed_, ?v0) &*& integers_(p + size, size, signed_, count - 1, ?vs0) &*& vs == cons(v0, vs0);
*/
/*@
lemma_auto void integers___to_integers_(void *p);
requires [?f]integers__(p, ?size, ?signed_, ?count, _);
ensures [f]integers_(p, size, signed_, count, _);
@*/
#endif /* VERIFAST_PRELUDE_EXTENDED_H */