len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-10-15 09:17:44 -04:00
Code Issues Projects Releases Packages Wiki Activity
FreeRTOS-Kernel/FreeRTOS/Test/VeriFast/queue
History
Nathan Chong 4f87f485d5
Update VeriFast proofs (#836) 
* Undo syntax changes preventing VeriFast parsing

* Update proofs inline with source changes

Outstanding:
  - xQueueGenericReset return code
  - Not using prvIncrementQueueTxLock or prvIncrementQueueRxLock macros

* Remove git hash check

* Document new changes between proven code and implementation

* Update copyright header

* VeriFast proofs: turn off uncrustify checks

Uncrustify requires formatting of comments that is at odds with VeriFast's
proof annotations, which are contained within comments.

* Update ci.yml

Co-authored-by: Joseph Julicher <jjulicher@mac.com>
Co-authored-by: Aniruddha Kanhere <60444055+AniruddhaKanhere@users.noreply.github.com>
2022-10-27 14:54:38 -07:00
..
create.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
prvCopyDataFromQueue.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
prvCopyDataToQueue.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
prvIsQueueEmpty.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
prvIsQueueFull.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
prvLockQueue.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
prvUnlockQueue.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
README.md Prove buffer lemmas (#124) 2020-07-21 09:51:20 -07:00
uxQueueMessagesWaiting.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
uxQueueSpacesAvailable.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
vQueueDelete.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
xQueueGenericSend.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
xQueueGenericSendFromISR.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
xQueueIsQueueEmptyFromISR.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
xQueueIsQueueFullFromISR.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
xQueuePeek.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
xQueuePeekFromISR.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
xQueueReceive.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00
xQueueReceiveFromISR.c Update VeriFast proofs (#836) 2022-10-27 14:54:38 -07:00

README.md

FreeRTOS queue proofs

In the queue predicates and proofs we use the following variable names.

  • Storage : The concrete queue storage of N*M bytes. The buffer predicate, defined in include/proof/queue.h allows us to treat the storage as a list contents of N items, each of which is M bytes.
  • N : queue length (i.e., the maximum number of items the queue can store)
  • M : size in bytes of each element
  • W : logical index of the write pointer, necessarily between 0..(N-1) such that the write pointer pcWriteTo == Storage + W * M.
  • R : logical index of the read pointer, necessarily between 0..(N-1) such that the read pointer pcReadFrom == Storage + R * M.
  • K : number of items currently in the queue corresponding to uxMessagesWaiting

The queue predicate, defined in include/proof/queue.h, relates the concrete queue storage to an abstract list abs of K items. More precisely, the key queue invariant is:

abs == take(K, rotate_left((R+1)%N, contents)) &*&
W == (R + 1 + K) % N

where (R+1)%N is the front of the queue, W is the back of the queue, rotate_left allows for the wraparound of queue storage, and take gives the first K elements.