Update VeriFast proofs (#836)

* Undo syntax changes preventing VeriFast parsing

* Update proofs inline with source changes

Outstanding:
  - xQueueGenericReset return code
  - Not using prvIncrementQueueTxLock or prvIncrementQueueRxLock macros

* Remove git hash check

* Document new changes between proven code and implementation

* Update copyright header

* VeriFast proofs: turn off uncrustify checks

Uncrustify requires formatting of comments that is at odds with VeriFast's
proof annotations, which are contained within comments.

* Update ci.yml

Co-authored-by: Joseph Julicher <jjulicher@mac.com>
Co-authored-by: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com>

FreeRTOS/Test/VeriFast/include/proof/queuecontracts.h

@@ -1,6 +1,6 @@
 /*
  * FreeRTOS V202112.00
- * Copyright (C) Amazon.com, Inc. or its affiliates.  All Rights Reserved.
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy of
  * this software and associated documentation files (the "Software"), to deal in
@@ -24,37 +24,33 @@
  *
  */
 
+/* *INDENT-OFF* */
+
 #ifndef QUEUECONTRACTS_H
 #define QUEUECONTRACTS_H
 
 #include "queue.h"
 
-void prvCopyDataFromQueue( Queue_t * const pxQueue,
-                           void * const pvBuffer );
+void prvCopyDataFromQueue( Queue_t * const pxQueue, void * const pvBuffer );
 /*@requires queue(pxQueue, ?Storage, ?N, ?M, ?W, ?R, ?K, ?is_locked, ?abs) &*& 0 < K &*& chars(pvBuffer, M, _);@*/
-
 /*@ensures queue_after_prvCopyDataFromQueue(pxQueue, Storage, N, M, W, (R+1)%N, K, is_locked, abs) &*&
- *  chars(pvBuffer, M, head(abs));@*/
-
-BaseType_t prvCopyDataToQueue( Queue_t * const pxQueue,
-                               const void * pvItemToQueue,
-                               const BaseType_t xPosition );
+    chars(pvBuffer, M, head(abs));@*/
 
+BaseType_t prvCopyDataToQueue( Queue_t * const pxQueue, const void *pvItemToQueue, const BaseType_t xPosition );
 /*@requires queue(pxQueue, ?Storage, ?N, ?M, ?W, ?R, ?K, ?is_locked, ?abs) &*&
- *  (K < N || xPosition == queueOVERWRITE) &*&
- *  chars(pvItemToQueue, M, ?x) &*&
- *  (xPosition == queueSEND_TO_BACK || xPosition == queueSEND_TO_FRONT || (xPosition == queueOVERWRITE && N == 1));@*/
-
+    (K < N || xPosition == queueOVERWRITE) &*&
+    chars(pvItemToQueue, M, ?x) &*&
+    (xPosition == queueSEND_TO_BACK || xPosition == queueSEND_TO_FRONT || (xPosition == queueOVERWRITE && N == 1));@*/
 /*@ensures
- *  (xPosition == queueSEND_TO_BACK
- *      ? queue(pxQueue, Storage, N, M, (W+1)%N, R, (K+1), is_locked, append(abs, singleton(x)))
- *      : (xPosition == queueSEND_TO_FRONT
- *          ? (R == 0
- *              ? queue(pxQueue, Storage, N, M, W, (N-1), (K+1), is_locked, cons(x, abs))
- *              : queue(pxQueue, Storage, N, M, W, (R-1), (K+1), is_locked, cons(x, abs)))
- *          : xPosition == queueOVERWRITE &*& queue(pxQueue, Storage, N, M, W, R, 1, is_locked, singleton(x)))
- *  ) &*&
- *  chars(pvItemToQueue, M, x);@*/
+    (xPosition == queueSEND_TO_BACK
+        ? queue(pxQueue, Storage, N, M, (W+1)%N, R, (K+1), is_locked, append(abs, singleton(x)))
+        : (xPosition == queueSEND_TO_FRONT
+            ? (R == 0
+                ? queue(pxQueue, Storage, N, M, W, (N-1), (K+1), is_locked, cons(x, abs))
+                : queue(pxQueue, Storage, N, M, W, (R-1), (K+1), is_locked, cons(x, abs)))
+            : xPosition == queueOVERWRITE &*& queue(pxQueue, Storage, N, M, W, R, 1, is_locked, singleton(x)))
+    ) &*&
+    chars(pvItemToQueue, M, x);@*/
 
 BaseType_t prvIsQueueEmpty( Queue_t * pxQueue );
 /*@requires [1/2]queuehandle(pxQueue, ?N, ?M, ?is_isr) &*& is_isr == false;@*/
@@ -65,3 +61,5 @@ BaseType_t prvIsQueueFull( Queue_t * pxQueue );
 /*@ensures [1/2]queuehandle(pxQueue, N, M, is_isr);@*/
 
 #endif /* QUEUECONTRACTS_H */
+
+/* *INDENT-ON* */