Remove or rework assumptions in queue proofs (#603)

This commit is paired with another to queue.c in the kernel.  To
accommodate changes in newer versions of CBMC, the
--pointer-overflow-check is removed.
This commit is contained in:
Dan Good 2021-06-04 15:42:14 -04:00 committed by GitHub
parent d9ddcc0134
commit b6624fa44d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
33 changed files with 57 additions and 124 deletions


@ -32,19 +32,14 @@
#include "cbmc.h"
void harness(){
UBaseType_t uxQueueLength;
UBaseType_t uxItemSize;
uint8_t ucQueueType;
void harness()
{
UBaseType_t uxQueueLength;
UBaseType_t uxItemSize;
uint8_t ucQueueType;
size_t uxQueueStorageSize;
__CPROVER_assume(uxQueueStorageSize < (UINT32_MAX>>8));
/* Allow CBMC to run in a reasonable amount of time. */
__CPROVER_assume( ( uxQueueLength == QUEUE_LENGTH ) || ( uxItemSize == QUEUE_ITEM_SIZE ) );
// QueueGenericCreate does not check for multiplication overflow
__CPROVER_assume(uxItemSize < uxQueueStorageSize/uxQueueLength);
// QueueGenericCreate asserts positive queue length
__CPROVER_assume(uxQueueLength > ( UBaseType_t ) 0);
xQueueGenericCreate( uxQueueLength, uxItemSize, ucQueueType );
xQueueGenericCreate( uxQueueLength, uxItemSize, ucQueueType );
}
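Review bot: The new harness drops the `uxItemSize < uxQueueStorageSize/uxQueueLength` assumption that previously kept `uxQueueLength * uxItemSize` from wrapping before the kernel sizes its allocation, and nothing on the new side records what now stops an overflowed size from reaching pvPortMalloc (the sides are not marked on this rendered page, so this is inferred from the commit message and the `size_t uxQueueStorageSize;` declaration no longer appearing in the new harness). The paired queue.c commit presumably adds that check in the kernel, which makes this proof silently depend on it. I would add above the `__CPROVER_assume( ( uxQueueLength == QUEUE_LENGTH ) || ( uxItemSize == QUEUE_ITEM_SIZE ) );` line: `/* No overflow assumption on uxQueueLength * uxItemSize: the kernel's own size check in xQueueGenericCreate is expected to reject it, so keep this proof in sync with that check. */`. It is also worth stating that the disjunction deliberately leaves one operand unconstrained so the overflow path is actually explored, so nobody later tightens it to a conjunction and makes the proof vacuous.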