Sync with a:FR (#75)

* AFR sync

* AFR sync: CBMC

* AFR sync: CBMC: remove .bak files

* AFR sync: CBMC: more cleanup

* Corrected CBMC proofs

* Corrected CBMC patches

* Corrected CBMC patches-1

* Corrected CBMC patches-2

* remove .bak files (3)

Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com>
Aniruddha Kanhere 2020-05-28 10:11:58 -07:00 committed by GitHub
parent 6557291e54
commit cb7edd2323
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
99 changed files with 6475 additions and 4241 deletions


@ -1,67 +1,100 @@
/*
* CBMC models a pointer as an object id and an offset into that
* object. The top bits of a pointer encode the object id and the
* remaining bits encode the offset. This means there is a bound on
* the maximum offset into an object in CBMC, and hence a bound on the
* size of objects in CBMC.
*/
#define CBMC_BITS 7
#define CBMC_MAX_OBJECT_SIZE (0xFFFFFFFF >> CBMC_BITS)
/* Standard includes. */
#include <stdint.h>
#include <stdio.h>
enum CBMC_LOOP_CONDITION { CBMC_LOOP_BREAK, CBMC_LOOP_CONTINUE, CBMC_LOOP_RETURN };
/* FreeRTOS includes. */
#include "FreeRTOS.h"
#include "task.h"
#include "semphr.h"
// CBMC specification: capture old value for precondition /
// postcondition checking
#define OLDVAL(var) _old_ ## var
#define SAVE_OLDVAL(var,typ) const typ OLDVAL(var) = var
// CBMC specification: capture old value for values passed by
// reference in function abstractions
#define OBJ(var) (*var)
#define OLDOBJ(var) _oldobj_ ## var
#define SAVE_OLDOBJ(var,typ) const typ OLDOBJ(var) = OBJ(var)
// CBMC debugging: printfs for expressions
#define __CPROVER_printf(var) { uint32_t ValueOf_ ## var = (uint32_t) var; }
#define __CPROVER_printf2(str,exp) { uint32_t ValueOf_ ## str = (uint32_t) (exp); }
// CBMC debugging: printfs for pointer expressions
#define __CPROVER_printf_ptr(var) { uint8_t *ValueOf_ ## var = (uint8_t *) var; }
#define __CPROVER_printf2_ptr(str,exp) { uint8_t *ValueOf_ ## str = (uint8_t *) (exp); }
/* FreeRTOS+TCP includes. */
#include "FreeRTOS_IP.h"
#include "FreeRTOS_Sockets.h"
#include "FreeRTOS_IP_Private.h"
#include "FreeRTOS_UDP_IP.h"
#include "FreeRTOS_DNS.h"
#include "FreeRTOS_DHCP.h"
#include "NetworkBufferManagement.h"
#include "NetworkInterface.h"
/*
* An assertion that pvPortMalloc returns NULL when asked to allocate 0 bytes.
* This assertion is used in some of the Task proofs.
*/
#define __CPROVER_assert_zero_allocation() \
__CPROVER_assert( pvPortMalloc(0) == NULL, \
"pvPortMalloc allows zero-allocated memory.")
* CBMC models a pointer as an object id and an offset into that
* object. The top bits of a pointer encode the object id and the
* remaining bits encode the offset. This means there is a bound on
* the maximum offset into an object in CBMC, and hence a bound on the
* size of objects in CBMC.
*/
#define CBMC_BITS 7
#define CBMC_MAX_OBJECT_SIZE ( 0xFFFFFFFF >> ( CBMC_BITS + 1 ) )
/*
* A stub for pvPortMalloc that nondeterministically chooses to return
* either NULL or an allocation of the requested space. The stub is
* guaranteed to return NULL when asked to allocate 0 bytes.
* This stub is used in some of the Task proofs.
*/
void *pvPortMalloc( size_t xWantedSize )
{
if ( xWantedSize == 0 )
{
return NULL;
}
return nondet_bool() ? malloc( xWantedSize ) : NULL;
}
void vPortFree( void *pv )
{
(void)pv;
free(pv);
}
#define IMPLIES( a, b ) ( !( a ) || ( b ) )
BaseType_t nondet_basetype();
UBaseType_t nondet_ubasetype();
TickType_t nondet_ticktype();
int32_t nondet_int32();
uint32_t nondet_uint32();
size_t nondet_sizet();
#define nondet_BaseType() nondet_basetype()
void * safeMalloc( size_t size );
enum CBMC_LOOP_CONDITION
{
CBMC_LOOP_BREAK, CBMC_LOOP_CONTINUE, CBMC_LOOP_RETURN
};
/* CBMC specification: capture old value for precondition and */
/* postcondition checking */
#define OLDVAL( var ) _old_ ## var
#define SAVE_OLDVAL( var, typ ) const typ OLDVAL( var ) = var
/* CBMC specification: capture old value for values passed by */
/* reference in function abstractions */
#define OBJ( var ) ( * var )
#define OLDOBJ( var ) _oldobj_ ## var
#define SAVE_OLDOBJ( var, typ ) const typ OLDOBJ( var ) = OBJ( var )
/* CBMC debugging: printfs for expressions */
#define __CPROVER_printf( var ) { uint32_t ValueOf_ ## var = ( uint32_t ) var; }
#define __CPROVER_printf2( str, exp ) { uint32_t ValueOf_ ## str = ( uint32_t ) ( exp ); }
/* CBMC debugging: printfs for pointer expressions */
#define __CPROVER_printf_ptr( var ) { uint8_t * ValueOf_ ## var = ( uint8_t * ) var; }
#define __CPROVER_printf2_ptr( str, exp ) { uint8_t * ValueOf_ ## str = ( uint8_t * ) ( exp ); }
/*
* An assertion that pvPortMalloc returns NULL when asked to allocate 0 bytes.
* This assertion is used in some of the TaskPool proofs.
*/
#define __CPROVER_assert_zero_allocation() \
__CPROVER_assert( pvPortMalloc( 0 ) == NULL, \
"pvPortMalloc allows zero-allocated memory." )
/*
* A stub for pvPortMalloc that nondeterministically chooses to return
* either NULL or an allocation of the requested space. The stub is
* guaranteed to return NULL when asked to allocate 0 bytes.
* This stub is used in some of the TaskPool proofs.
*/
void * pvPortMalloc( size_t xWantedSize )
{
if( xWantedSize == 0 )
{
return NULL;
}
return nondet_bool() ? malloc( xWantedSize ) : NULL;
}
void vPortFree( void * pv )
{
( void ) pv;
free( pv );
}
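Review bot: The forward declarations `BaseType_t nondet_basetype();` through `size_t nondet_sizet();` on the new side use empty parentheses, which in C declare a function with an unspecified parameter list rather than no parameters; the neighbouring declaration `void * safeMalloc( size_t size );` and the stubs use proper parameter lists, so `BaseType_t nondet_basetype( void );` (and likewise for the others) would match and let the compiler reject stray arguments. `nondet_bool()` is called inside the pvPortMalloc stub but no declaration for it is visible in this section — presumably supplied by another CBMC header, worth confirming. The stubs call `malloc`/`free`, yet the only standard headers visible here are `<stdint.h>` and `<stdio.h>`, so `<stdlib.h>` seems to be reached only transitively through the FreeRTOS headers. The new bound `#define CBMC_MAX_OBJECT_SIZE ( 0xFFFFFFFF >> ( CBMC_BITS + 1 ) )` reserves one bit more than the comment above it explains (it still describes CBMC_BITS as the object-id bits only); a one-line comment stating why the extra bit is excluded — if it is to keep offsets within a signed 32-bit range — would keep the proofs' size bound readable.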


@ -1,121 +0,0 @@
From 884e69144abac08d203bbf8257c6b4a96a2a91ea Mon Sep 17 00:00:00 2001
From: "Mark R. Tuttle" <mrtuttle@amazon.com>
Date: Mon, 21 Oct 2019 14:17:50 -0400
Subject: [PATCH] Remove static storage class from entry points
Many of the entry points we wish to test are marked as being static.
This commit removes the static keyword from all entry points that we
test.
Patch revised on October 21, 2019.
---
.../freertos_plus_tcp/source/FreeRTOS_DHCP.c | 6 +++---
.../standard/freertos_plus_tcp/source/FreeRTOS_DNS.c | 12 ++++++------
.../freertos_plus_tcp/source/FreeRTOS_TCP_WIN.c | 2 +-
3 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
index c4f79e8e7..d8089a5e7 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
@@ -198,7 +198,7 @@ static void prvSendDHCPDiscover( void );
/*
* Interpret message received on the DHCP socket.
*/
-static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
/*
* Generate a DHCP request packet, and send it on the DHCP socket.
@@ -234,7 +234,7 @@ static void prvCreateDHCPSocket( void );
/*-----------------------------------------------------------*/
/* The next DHCP transaction Id to be used. */
-static DHCPData_t xDHCPData;
+DHCPData_t xDHCPData;
/*-----------------------------------------------------------*/
@@ -607,7 +607,7 @@ static void prvInitialiseDHCP( void )
}
/*-----------------------------------------------------------*/
-static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
{
uint8_t *pucUDPPayload, *pucLastByte;
struct freertos_sockaddr xClient;
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
index e511ca324..d6f335304 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
@@ -116,7 +116,7 @@ static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
/*
* Simple routine that jumps over the NAME field of a resource record.
*/
-static uint8_t * prvSkipNameField( uint8_t *pucByte,
+uint8_t * prvSkipNameField( uint8_t *pucByte,
size_t uxSourceLen );
/*
@@ -124,7 +124,7 @@ static uint8_t * prvSkipNameField( uint8_t *pucByte,
* The parameter 'xExpected' indicates whether the identifier in the reply
* was expected, and thus if the DNS cache may be updated with the reply.
*/
-static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
size_t uxBufferLength,
BaseType_t xExpected );
@@ -152,7 +152,7 @@ static uint32_t prvGetHostByName( const char *pcHostName,
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
- static uint8_t * prvReadNameField( uint8_t *pucByte,
+ uint8_t * prvReadNameField( uint8_t *pucByte,
size_t uxSourceLen,
char *pcName,
size_t uxLen );
@@ -765,7 +765,7 @@ static const DNSMessage_t xDefaultPartDNSHeader =
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
- static uint8_t * prvReadNameField( uint8_t *pucByte,
+ uint8_t * prvReadNameField( uint8_t *pucByte,
size_t uxSourceLen,
char *pcName,
size_t uxDestLen )
@@ -843,7 +843,7 @@ static const DNSMessage_t xDefaultPartDNSHeader =
#endif /* ipconfigUSE_DNS_CACHE || ipconfigDNS_USE_CALLBACKS */
/*-----------------------------------------------------------*/
-static uint8_t * prvSkipNameField( uint8_t *pucByte,
+uint8_t * prvSkipNameField( uint8_t *pucByte,
size_t uxSourceLen )
{
size_t uxChunkLength;
@@ -949,7 +949,7 @@ DNSMessage_t *pxDNSMessageHeader;
#endif /* ipconfigUSE_NBNS */
/*-----------------------------------------------------------*/
-static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
size_t uxBufferLength,
BaseType_t xExpected )
{
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
index 1f5a845fa..1a69807c0 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
@@ -206,7 +206,7 @@ extern void vListInsertGeneric( List_t * const pxList, ListItem_t * const pxNewL
/* List of free TCP segments. */
#if( ipconfigUSE_TCP_WIN == 1 )
- static List_t xSegmentList;
+ List_t xSegmentList;
#endif
/* Logging verbosity level. */
--
2.20.1 (Apple Git-117)


@ -1,68 +0,0 @@
From 18ca738652bd0ce0a1345cb3dcd7ffacbc196bfa Mon Sep 17 00:00:00 2001
From: "Mark R. Tuttle" <mrtuttle@amazon.com>
Date: Wed, 30 Oct 2019 09:38:56 -0400
Subject: [PATCH] Remove static attributes from functions implementing
prvCheckOptions for CBMC proofs.
---
.../freertos_plus_tcp/source/FreeRTOS_TCP_IP.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
index 4378e28de..2cd072d24 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
@@ -225,20 +225,20 @@ static BaseType_t prvTCPPrepareConnect( FreeRTOS_Socket_t *pxSocket );
/*
* Parse the TCP option(s) received, if present.
*/
-static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer );
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer );
/*
* Identify and deal with a single TCP header option, advancing the pointer to
* the header. This function returns pdTRUE or pdFALSE depending on whether the
* caller should continue to parse more header options or break the loop.
*/
-static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow);
+BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow);
/*
* Skip past TCP header options when doing Selective ACK, until there are no
* more options left.
*/
-static void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const ppucLen );
+void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const ppucLen );
/*
* Set the initial properties in the options fields, like the preferred
@@ -1157,7 +1157,7 @@ uint32_t ulInitialSequenceNumber = 0;
* that: ((pxTCPHeader->ucTCPOffset & 0xf0) > 0x50), meaning that the TP header
* is longer than the usual 20 (5 x 4) bytes.
*/
-static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer )
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer )
{
TCPPacket_t * pxTCPPacket;
TCPHeader_t * pxTCPHeader;
@@ -1191,7 +1191,7 @@ BaseType_t xShouldContinueLoop;
/*-----------------------------------------------------------*/
-static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow)
+BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow)
{
UBaseType_t uxNewMSS;
UBaseType_t xRemainingOptionsBytes = ( *ppucLast ) - ( *ppucPtr );
@@ -1319,7 +1319,7 @@ static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const pp
/*-----------------------------------------------------------*/
-static void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const pucLen )
+void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const pucLen )
{
uint32_t ulFirst = ulChar2u32( ( *ppucPtr ) );
uint32_t ulLast = ulChar2u32( ( *ppucPtr ) + 4 );
--
2.20.1 (Apple Git-117)


@ -0,0 +1,64 @@
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
index 04b0487..d6e74a9 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
@@ -156,7 +156,11 @@ struct xDHCPMessage_IPv4
typedef struct xDHCPMessage_IPv4 DHCPMessage_IPv4_t;
/* The UDP socket used for all incoming and outgoing DHCP traffic. */
+#ifdef CBMC
+Socket_t xDHCPSocket;
+#else
static Socket_t xDHCPSocket;
+#endif
#if( ipconfigDHCP_FALL_BACK_AUTO_IP != 0 )
/* Define the Link Layer IP address: 169.254.x.x */
@@ -179,7 +183,11 @@ static void prvSendDHCPDiscover( void );
/*
* Interpret message received on the DHCP socket.
*/
+#ifdef CBMC
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
+#else
static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
+#endif
/*
* Generate a DHCP request packet, and send it on the DHCP socket.
@@ -204,7 +212,11 @@ static uint8_t *prvCreatePartDHCPMessage( struct freertos_sockaddr *pxAddress,
/*
* Create the DHCP socket, if it has not been created already.
*/
+#ifdef CBMC
+void prvCreateDHCPSocket( void );
+#else
static void prvCreateDHCPSocket( void );
+#endif
/*
* Close the DHCP socket.
@@ -223,7 +235,11 @@ static void prvCloseDHCPSocket( void );
/*-----------------------------------------------------------*/
/* Hold information in between steps in the DHCP state machine. */
+#ifdef CBMC
+DHCPData_t xDHCPData;
+#else
static DHCPData_t xDHCPData;
+#endif
/*-----------------------------------------------------------*/
@@ -623,7 +639,11 @@ static void prvInitialiseDHCP( void )
}
/*-----------------------------------------------------------*/
+#ifdef CBMC
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
+#else
static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
+#endif
{
uint8_t *pucUDPPayload;
int32_t lBytes;
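Review bot: Every symbol exposed to the proofs is now spelled twice, once under `#ifdef CBMC` and once under `#else` (e.g. `BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );` beside its `static` twin), and the same pair is repeated at the definition, so four copies of each signature have to be kept in sync by hand and a later parameter change can silently leave the CBMC branch stale. A storage-class macro defined once near the top of the file (expanding to nothing under `CBMC`, to `static` otherwise) and used as `<MACRO> BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );` would leave a single signature per declaration. The same duplication appears in the FreeRTOS_DNS.c, FreeRTOS_TCP_IP.c and FreeRTOS_TCP_WIN.c patch sections below. Since `CBMC` is only defined by the proof configuration (the `"CBMC"` entry in the defines list later in this commit), production builds keep `xDHCPSocket` and `xDHCPData` at file scope; a short comment at the first `#ifdef CBMC`, such as `/* CBMC is defined only by the proof harness build; linkage is unchanged otherwise. */`, would spare a reader of the patched source that lookup.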


@ -0,0 +1,100 @@
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
index 480d50b..5557253 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
@@ -114,7 +114,11 @@ static Socket_t prvCreateDNSSocket( void );
/*
* Create the DNS message in the zero copy buffer passed in the first parameter.
*/
+#ifdef CBMC
+size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
+#else
static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
+#endif
const char *pcHostName,
TickType_t uxIdentifier );
@@ -122,7 +126,11 @@ static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
* Simple routine that jumps over the NAME field of a resource record.
* It returns the number of bytes read.
*/
+#ifdef CBMC
+size_t prvSkipNameField( const uint8_t *pucByte,
+#else
static size_t prvSkipNameField( const uint8_t *pucByte,
+#endif
size_t uxLength );
/*
@@ -130,7 +138,11 @@ static size_t prvSkipNameField( const uint8_t *pucByte,
* The parameter 'xExpected' indicates whether the identifier in the reply
* was expected, and thus if the DNS cache may be updated with the reply.
*/
+#ifdef CBMC
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
+#else
static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
+#endif
size_t uxBufferLength,
BaseType_t xExpected );
@@ -184,7 +196,11 @@ static uint32_t prvGetHostByName( const char *pcHostName,
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
+#ifdef CBMC
+ size_t prvReadNameField( const uint8_t *pucByte,
+#else
static size_t prvReadNameField( const uint8_t *pucByte,
+#endif
size_t uxRemainingBytes,
char *pcName,
size_t uxDestLen );
@@ -758,7 +774,11 @@ TickType_t uxWriteTimeOut_ticks = ipconfigDNS_SEND_BLOCK_TIME_TICKS;
}
/*-----------------------------------------------------------*/
+#ifdef CBMC
+size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
+#else
static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
+#endif
const char *pcHostName,
TickType_t uxIdentifier )
{
@@ -838,7 +858,11 @@ static const DNSMessage_t xDefaultPartDNSHeader =
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
+#ifdef CBMC
+ size_t prvReadNameField( const uint8_t *pucByte,
+#else
static size_t prvReadNameField( const uint8_t *pucByte,
+#endif
size_t uxRemainingBytes,
char *pcName,
size_t uxDestLen )
@@ -932,7 +956,11 @@ static const DNSMessage_t xDefaultPartDNSHeader =
#endif /* ipconfigUSE_DNS_CACHE || ipconfigDNS_USE_CALLBACKS */
/*-----------------------------------------------------------*/
+#ifdef CBMC
+size_t prvSkipNameField( const uint8_t *pucByte,
+#else
static size_t prvSkipNameField( const uint8_t *pucByte,
+#endif
size_t uxLength )
{
size_t uxChunkLength;
@@ -1050,7 +1078,11 @@ size_t uxPayloadSize;
#endif /* ipconfigUSE_NBNS */
/*-----------------------------------------------------------*/
+#ifdef CBMC
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
+#else
static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
+#endif
size_t uxBufferLength,
BaseType_t xExpected )
{


@ -0,0 +1,87 @@
From afc01793c4531cfbe9f92e7ca2ce9364983d987e Mon Sep 17 00:00:00 2001
From: Mark R Tuttle <mrtuttle@amazon.com>
Date: Tue, 12 May 2020 15:57:56 +0000
Subject: [PATCH] modified lib
---
.../freertos_plus_tcp/source/FreeRTOS_TCP_IP.c | 24 ++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
index dc58621..963b576 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
@@ -198,14 +198,22 @@ static BaseType_t prvTCPPrepareConnect( FreeRTOS_Socket_t *pxSocket );
/*
* Parse the TCP option(s) received, if present.
*/
+#ifdef CBMC
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer );
+#else
static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer );
+#endif
/*
* Identify and deal with a single TCP header option, advancing the pointer to
* the header. This function returns pdTRUE or pdFALSE depending on whether the
* caller should continue to parse more header options or break the loop.
*/
+#ifdef CBMC
+size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
+#else
static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
+#endif
size_t uxTotalLength,
FreeRTOS_Socket_t * const pxSocket,
BaseType_t xHasSYNFlag );
@@ -214,7 +222,11 @@ static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
* Skip past TCP header options when doing Selective ACK, until there are no
* more options left.
*/
+#ifdef CBMC
+void prvReadSackOption( const uint8_t * const pucPtr,
+#else
static void prvReadSackOption( const uint8_t * const pucPtr,
+#endif
size_t uxIndex,
FreeRTOS_Socket_t * const pxSocket );
@@ -1137,7 +1149,11 @@ uint32_t ulInitialSequenceNumber = 0;
* that: ((pxTCPHeader->ucTCPOffset & 0xf0) > 0x50), meaning that the TP header
* is longer than the usual 20 (5 x 4) bytes.
*/
+#ifdef CBMC
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer )
+#else
static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer )
+#endif
{
size_t uxTCPHeaderOffset = ipSIZE_OF_ETH_HEADER + xIPHeaderSize( pxNetworkBuffer );
const ProtocolHeaders_t *pxProtocolHeaders = ipPOINTER_CAST( ProtocolHeaders_t *,
@@ -1201,7 +1217,11 @@ uint8_t ucLength;
}
/*-----------------------------------------------------------*/
+#ifdef CBMC
+size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
+#else
static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
+#endif
size_t uxTotalLength,
FreeRTOS_Socket_t * const pxSocket,
BaseType_t xHasSYNFlag )
@@ -1346,7 +1366,11 @@ TCPWindow_t *pxTCPWindow = &( pxSocket->u.xTCP.xTCPWindow );
}
/*-----------------------------------------------------------*/
+#ifdef CBMC
+void prvReadSackOption( const uint8_t * const pucPtr,
+#else
static void prvReadSackOption( const uint8_t * const pucPtr,
+#endif
size_t uxIndex,
FreeRTOS_Socket_t * const pxSocket )
{
--
2.7.4


@ -0,0 +1,17 @@
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
index 0078ab313..b0cccbad8 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
@@ -192,8 +192,12 @@ extern void vListInsertGeneric( List_t * const pxList, ListItem_t * const pxNewL
/* List of free TCP segments. */
#if( ipconfigUSE_TCP_WIN == 1 )
+#ifdef CBMC
+ List_t xSegmentList;
+#else
static List_t xSegmentList;
#endif
+#endif
/* Logging verbosity level. */
BaseType_t xTCPWindowLoggingLevel = 0;
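Review bot: The hunk ends with two bare `#endif` lines, the existing one now closing `#ifdef CBMC` and the added one closing `#if( ipconfigUSE_TCP_WIN == 1 )`, and neither says which condition it terminates, so the nesting has to be re-derived on every read. Tagging them as `#endif /* CBMC */` and `#endif /* ipconfigUSE_TCP_WIN */` makes the pairing explicit and matches the style of tagged `#endif`s elsewhere in this commit's DNS patch (`#endif /* ipconfigUSE_DNS_CACHE || ipconfigDNS_USE_CALLBACKS */`).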


@ -117,11 +117,10 @@ cbmc.txt: $(ENTRY).goto
- cbmc $(CBMCFLAGS) --unwinding-assertions --trace @RULE_INPUT@ > $@ 2>&1
property.xml: $(ENTRY).goto
cbmc $(CBMCFLAGS) --unwinding-assertions --show-properties --xml-ui @RULE_INPUT@ \
2>&1 > $@
cbmc $(CBMCFLAGS) --unwinding-assertions --show-properties --xml-ui @RULE_INPUT@ > $@ 2>&1
coverage.xml: $(ENTRY).goto
cbmc $(CBMCFLAGS) --cover location --xml-ui @RULE_INPUT@ 2>&1 > $@
cbmc $(CBMCFLAGS) --cover location --xml-ui @RULE_INPUT@ > $@ 2>&1
cbmc: cbmc.txt
@ -148,7 +147,7 @@ report: cbmc.txt property.xml coverage.xml
clean:
@RM@ $(OBJS) $(ENTRY).goto
@RM@ $(ENTRY)[0-9].goto $(ENTRY)[0-9].txt
@RM@ cbmc.txt property.xml coverage.xml TAGS
@RM@ cbmc.txt property.xml coverage.xml TAGS TAGS-*
@RM@ *~ \#*
@RM@ queue_datastructure.h


@ -10,20 +10,22 @@
"WINVER=0x400",
"_CRT_SECURE_NO_WARNINGS",
"__PRETTY_FUNCTION__=__FUNCTION__",
"CBMC",
"'configASSERT(X)=__CPROVER_assert(X,\"Assertion Error\")'",
"'configPRECONDITION(X)=__CPROVER_assume(X)'"
],
"INC ": [
"$(FREERTOS)/Source/include",
"$(FREERTOS)/Source/portable/MSVC-MingW",
"$(FREERTOS)/../FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include",
"$(FREERTOS)/../FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/portable/BufferManagement",
"$(FREERTOS)/../FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/portable/Compiler/MSVC",
"$(FREERTOS)/../FreeRTOS-Plus/Demo/FreeRTOS_Plus_TCP_Minimal_Windows_Simulator/WinPCap",
"$(FREERTOS)/Demo/Common/include",
"$(FREERTOS)/Test/CBMC/include",
"$(FREERTOS)/Test/CBMC/patches"
"$(FREERTOS)/Source/include",
"$(FREERTOS)/Source/portable/MSVC-MingW",
"$(FREERTOS)/../FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include",
"$(FREERTOS)/../FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/portable/Compiler/MSVC",
"$(FREERTOS)/../FreeRTOS-Plus/Demo/FreeRTOS_Plus_TCP_Minimal_Windows_Simulator/WinPCap",
"$(FREERTOS)/Demo/Common/include",
"$(FREERTOS)/Test/CBMC/include",
"$(FREERTOS)/Test/CBMC/patches",
"$(FREERTOS)/../FreeRTOS-Plus/Test/CBMC/windows",
"$(FREERTOS)/../FreeRTOS-Plus/Test/CBMC/windows2"
],
"CBMCFLAGS ": [