Commit history (author, commit id, message, date):

- `00bb9d4a17` Tobias Reinhard, 2022-12-04 11:54:07 -05:00: Verified runtime assertion that running task is either scheduled or yielding.
- `fbf4ba981f` Tobias Reinhard, 2022-12-04 10:19:48 -05:00: Added lemmas to update read permissions for unscheduled tasks after new task has been started.
- `6a0b2116fe` Tobias Reinhard, 2022-12-04 09:17:13 -05:00: Added lemmas to define updated state lists and reason locally about results. Local reasoning necessary to avoid auto-lemma application loops.
- `e403e8bc74` Tobias Reinhard, 2022-12-03 18:05:15 -05:00: Added lemma to update the read permissions for unscheduled tasks after a task has been stopped.
- `0df45b465e` Tobias Reinhard, 2022-12-03 14:54:26 -05:00: Added lemmas that allow updating the lock invariant after a state update.
- `dda2dbda6f` Tobias Reinhard, 2022-12-03 10:04:04 -05:00: Added states list to lock invariant.
- `e4db1f8aba` Tobias Reinhard, 2022-12-03 08:58:19 -05:00: Refined lock invariant to only give read permission to all tasks and write permission to locally scheduled task.
- `1919f8142f` Tobias Reinhard, 2022-12-02 15:07:43 -05:00: Deleted deprecated lemmas and predicates.
- `3be9d76d82` Tobias Reinhard, 2022-12-02 15:06:25 -05:00: Made sharedSeg_TCB_p precise to allow merging of fractions without opening and closing.
- `b44eb855d9` Tobias Reinhard, 2022-12-02 15:05:20 -05:00: Deleted deprecated predicate and lemmas.
- `df780a1823` Tobias Reinhard, 2022-12-02 14:59:06 -05:00: Introduced list of flat list of tasks in lock invariant. Simplifies access to sharedSeg_TCB_p chunks.
- `eb1cfa53d3` Tobias Reinhard, 2022-12-02 11:54:12 -05:00: Exposed running state macros to VF.
- `cd3fa4e577` Tobias Reinhard, 2022-12-01 11:47:52 -05:00: Added adaptation of Aalok's and Nathan's single-core proof for uxListRemove.
- `6f782b494a` Tobias Reinhard, 2022-12-01 08:01:05 -05:00: VF start script takes font size as 2nd param.
- `fe5612cf4f` Tobias Reinhard, 2022-11-30 15:52:00 -05:00: Extended lock invariants to justify safe access to ready tasks as well as scheduled task.
- `78de786d89` Tobias Reinhard, 2022-11-30 11:05:06 -05:00: Expanded lock invariant to give us access to shared segments of all ready TCBs.
- `e800ebd293` Tobias Reinhard, 2022-11-30 09:44:25 -05:00: Exposed node owners in all predicates related to nodes. Adapted proofs to new predicates. Changed predicates: `xLIST_ITEM`, `DLS`, `xLIST`, `readyLists_p`, `List_array_p`.
- `70f1041778` Tobias Reinhard, 2022-11-29 15:55:27 -05:00: Added documentation.
- `22dc5c1287` Tobias Reinhard, 2022-11-29 13:53:53 -05:00: Added proof idea and TODOs. Need to refactor single-core list predicates.
- `e8b8234416` Tobias Reinhard, 2022-11-29 09:47:50 -05:00: Renamed predicates to comply with naming conventions.
- `014acb9a00` Tobias Reinhard, 2022-11-29 09:37:23 -05:00: Refactored lock predicates to improve readability.
- `b310efa029` Tobias Reinhard, 2022-11-29 08:32:32 -05:00: Added ready list lemmas.
- `2048fb85da` Tobias Reinhard, 2022-11-28 12:20:30 -05:00: Commented old opening and closing lemmas out and switched back from Z3 to VF standard SMT solver.
- `bb00bee690` Tobias Reinhard, 2022-11-28 09:16:08 -05:00: Finished proof of DLS_close_2.
- `1393ae3c34` Tobias Reinhard, 2022-11-28 08:44:58 -05:00: Set up lemma DLS_close_2 in accordance with DLS_open_2. Proved cases relating to empty prefix.
- `28fb658a59` Tobias Reinhard, 2022-11-27 09:29:17 -05:00: Proved last case in lemma DLS_open_2. Will need to revisit once the lemma's postcondition has been strengthened.
- `53189c46d4` Tobias Reinhard, 2022-11-26 12:15:34 -05:00: Added new version of DLS opening lemma that reduces case splits in DLS proofs. Proved 3/4 of it.
- `49af8fd30f` Tobias Reinhard, 2022-11-23 15:18:11 -05:00: Finished verification of iteration updates in prvSelectHighestPriorityTask.
- `9d1b47c5e5` Tobias Reinhard, 2022-11-23 13:53:10 -05:00: Added lemmas to simplify opening and closing DLS for cases of the form pxTask->pxNext.
- `be9de4d570` Tobias Reinhard, 2022-11-23 11:28:27 -05:00: Added lemma DLS_nonEndItem_next_close to help closing DLS opened with DLS_nonEndItem_next_open.
- `9e3ea9016e` Tobias Reinhard, 2022-11-23 08:31:07 -05:00: Added lemma DLS_end_next_close to help closing DLS opened with DLS_end_next_open.
- `5e2f51caa8` Tobias Reinhard, 2022-11-22 13:26:26 -05:00: Reformatted lemma proofs to improve readability.
- `397cb12abb` Tobias Reinhard, 2022-11-22 13:08:22 -05:00: Added lemmas to reason about updates to pointers in the ready list of the form pxTaskItem = pxTaskItem->pxNext.
- `f7e537a19f` Tobias Reinhard, 2022-11-22 10:10:41 -05:00: Restructured proof. New proof opens the DLS predicate to justify accesses to `pxTaskItem->next` and proves that `pxTaskItem->next` points to a valid list item.
- `2fd6bcc2d7` Tobias Reinhard, 2022-11-22 07:14:21 -05:00: Updated predicate xLIST_ITEM to keep up with breaking VF change. VeriFast now ensures that no uninitialised values are read. `x |-> _` is interpreted as "uninitialised", `x |-> ?v` is interpreted as "initialised".
- `3fee2ec01f` Tobias Reinhard, 2022-11-21 08:16:28 -05:00: Added more DLS lemmas.
- `5cf8b4ed1c` Tobias Reinhard, 2022-11-21 08:06:19 -05:00: Added shared global variable xSchedulerRunning to task-isr lock invariant.
- `81355bc42f` Tobias Reinhard, 2022-11-21 08:05:32 -05:00: Added DLS lemmas related to split.
- `5b6a92f023` Tobias Reinhard, 2022-11-18 16:47:47 -05:00: Added TODO.
- `cf65065a0c` Tobias Reinhard, 2022-11-18 16:27:38 -05:00: Used single-core list predicate xLIST to express access permissions to ready lists in readyLists_p.
- `b1fc658413` Tobias Reinhard, 2022-11-18 15:38:32 -05:00: Added single-core list predicates and proofs. Most proofs are commented out for the moment.
- `f5c0a64f86` Tobias Reinhard, 2022-11-18 14:31:37 -05:00: Made isr lock predicate abstract.
- `02e019fe45` Tobias Reinhard, 2022-11-18 13:46:43 -05:00: Highlighted that reused list proofs assume single-core setting.
- `c9e61fce49` Tobias Reinhard, 2022-11-18 09:22:31 -05:00: Introduced initial formulation of predicate to capture shared ready lists.
- `6dcaef48d6` Tobias Reinhard, 2022-11-17 14:24:44 -05:00: Added loop invariant to main search loop in prvSelectHighestPriorityTask.
- `fb01980b63` Tobias Reinhard, 2022-11-17 12:08:38 -05:00: Verified new contract for xTaskGetCurrentTaskHandle.
- `d3bda01f16` Tobias Reinhard, 2022-11-17 09:20:21 -05:00: Verified macro taskCHECK_FOR_STACK_OVERFLOW.
- `c3c350f8dc` Tobias Reinhard, 2022-11-16 15:31:49 -05:00: vTaskSwitchContext now has access to the current task's stack.
- `383a055872` Tobias Reinhard, 2022-11-16 15:30:40 -05:00: taskCHECK_FOR_STACK_OVERFLOW assumes minimal stack size. Updated stack predicate accordingly.
- `4eb2fa573e` Tobias Reinhard, 2022-11-16 14:18:03 -05:00: Wrote contracts for lock release operations.