Skip to content

Commit

Permalink
Applies malloc flags across all CBMC proofs (#619)
Browse files Browse the repository at this point in the history
* Updated proofs harnesses for aws_cryptosdk_rsa_encrypt and decrypt (#603)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Updated harneses with explicit non-NULL assumptions to handle may-fail-malloc flag

Added preconditions to source code

* Use new string allocators and add matching preconditions to harness

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Updates to aws_atomic_var_is_valid and aws_cryptosdk_keyring_base_init harness (#607)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Added non-NULL assumptions to keyring_base_init harness for vtable name

modified aws_atomic_var_is_valid check

Fixed IMPLIES structure of assume

Fix comment structure in cmm_base_init harness

aws_atomic_var_is_valid divided into two functions, one for int and one for ptr, preconditions added to source code

Updated Makefile to include MAX_STRING_LEN

update to keyring_on_encrypt and keyring_on_decrypt proof harnesses

* Added the ensure_vtable_has_allocated_members function

* Use ensures function in the harness as well as bounded malloc

* removed unneeded assumption on refcount.value

* Removed stubs from Makefile

* use malloc and ensure_vtable_has_allocated_members

* Use new ensure_nondet_allocate_vtable_members function

* Made two vtable allocator functions, for keyring_trace and cmm

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update harness for aws_cryptosdk_enc_ctx_clone (#611)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Update enc_ctx_clone harness and Makefile, additional assumptions, needs new stubs from aws-c-common

* Updated harness to use malloc

* update time in Makefile and remove unneeded assumptions

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update to aws_cryptosdk_enc_ctx_size proof (#608)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Updated harness for enc_ctx_size and added non-NULL assumptions

* Malloc data structures and then assume non-NULL

* Use aws_string_is_valid and added preconditions to source code

* Updated conditions in the function to asserts

* include missing assert header

* size becomes *size

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update CBMC harnesses for aws_cryptosdk_enc_ctx_serialize, aws_cryptosdk_sig_sign_start and aws_cryptosdk_sig_get_privkey (#606)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Simple cleanup of sig_get_privkey harness

Added explicit non-NULL instructions to sig_sign_start harness

Added explicit non-NULL assumptions to the key and value fiends of each array_list_element in enc_ctx_serialize harness

Added corresponding preconditions to source code functions

* Added ensure_sig_ctx_has_allocated_members function and harness updates

* Updated preconditions in the source code

* Updated other harnesses to use the new ensure_sig_ctx_has_allocated_members function

* Use malloc

* rename of ensure_sig_ctx_has_allocated_members function

* change function name

* Update to aws_cryptosdk_dec_materials_destroy and enc_material_destroy harnesses

* fixes

* Added precondition to source code

* remove memory leak check from Makefile

remove memory clean up

moved assumptions about non-NULL elems

remove memory leak check from .yaml

Added comment about non-NULL assumption in hash_elems

* Removed too strong assumption about privkey

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Updates aws_cryptosdk_keyring_trace_copy_all proof  (#609)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Updated harness for keyring_trace_copy_all to handle new malloc-may-fail flag

Added new ensure_trace_has_readable_records function

Updated Makefile with loop unwinding

Added preconditions to source code

update to new c-common

revert to old aws-c-common

* Use malloc instead of can-fail

* update to recent c common to see if proof will go through CI

* use the aws_cryptosdk_keyring_trace_is_valid function and update yaml

* remove extra function from make_common_datastructures

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update aws_cryptodsk_sig_verify_start and aws_cryptodsk_sig_verify_finish harnesses (#602)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Updated assumptions in proof harnesses to handle malloc-may-fail

Updated preconditions in source code to match those in harness

* updates and use the ensure_sig_ctx_has_allocated_members function

* Added is_valid assumptions to source code

* update signature

* Simple cleanup of sig_get_privkey harness

Added explicit non-NULL instructions to sig_sign_start harness

Added explicit non-NULL assumptions to the key and value fiends of each array_list_element in enc_ctx_serialize harness

Added corresponding preconditions to source code functions

* Added ensure_sig_ctx_has_allocated_members function and harness updates

* Updated preconditions in the source code

* Remove un-needed assumptions

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update harnesses for keyring_trace_add_record, keyring_trace_add_record_c_str and aws_cryptosdk_keyring_trace_record_init_clone (#604)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Update harnesses with non-NULL assumptions on strings

Added non-NULL assumptions on strings to harness

* Updated harnesses to use is_valid assumptions, new c-common allocation functions and matched preconditions in the source code

* Use ensure_string_is_allocated_nondet_length for record_init_clone and assumption on length

* Fixed changes to ensure_record_has_allocated_members

* Fixed broken proofs due to changes in c-common not addressed in other PRs

* update harness for string_dup and compare_hash_elems_by_key_string

* Update to c-common

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update harness for edk_list_copy_all (#610)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Added the ensure_cryptosdk_edk_list_elements_are_readable function

Updated edk_list_copy_all harness with assumptions for the malloc-may-fail flag

Added to unwindset

Added preconditions to source code

* use malloc

* Update to use aws_cryptosdk_edk_list_elements_are_valid

Updated signature for clean up and init stubs

Updated signature for clean up and init stubs

add yaml

Update signature for clean_up and init_clone

* Update Makefile

* Update to new c-common and remove un-needed function

* set NUM_ELEMS to 1 just to test

* Stub out aws_array_list_push_back and aws_array_list_pop_back

* Updated time comment in Makefile

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update Makefile.common with malloc-may-fail and malloc-fail-null (#618)

* Removes extra flags from coverage check (#617)

Signed-off-by: Felipe R. Monteiro <[email protected]>

* Improves coverage for the aws_cryptosdk_md_* proofs  (#616)

* Added READMEs documenting expected coverage for aws_cryptosdk_md_update and aws_cryptosdk_md_abort

* Added stubs for EVP_MD_CTX_free and evp_md_ctx_is_valid to be used when ctx->pkey is sure to be NULL

* Updated Makefile to use new stubs for EVP_MD_XTX_free and evp_md_ctx_is_valid to improve coverage

* Updated README.md files with new expected coverage

* Use AWS_FATAL_PRECONDITION instead of abort

* Updated Makefiles with stubs for aws_raise_error_private, EVP_MD_CTX_free and evp_md_ctx_is_valid

* Added README files specifying expected coverage behavior

* Empty commit to run tests

* Empty commit to run tests

* More descriptive names for stubs and added documentation to Makefile

* Added additional documentation to Makefile and updated stub names

* Added more information about unreached lines of code

* Moved struct definitions for evp_md_ctx_st and evp_pkey_st to evp.h

* Use AWS_FATAL_PRECONDITION instead of abort

* Updated Makefiles with stubs for aws_raise_error_private, EVP_MD_CTX_free and evp_md_ctx_is_valid

* Added README files specifying expected coverage behavior

* Added additional documentation to Makefile and updated stub names

* Added more information about unreached lines of code

* Re-ordered structs in evp.h and fixed comments

* remove extra line

* Removed unneeded includes and cleaned comments

* made pkey == NULL into an assert

* Remove unnecessary READMEs for proofs with full coverage

* Added comments about abstractions and removed REMOVE_FUNCTION_BODIES

* Use AWS_FATAL_PRECONDITION instead of abort

* Updated Makefiles with stubs for aws_raise_error_private, EVP_MD_CTX_free and evp_md_ctx_is_valid

* Added README files specifying expected coverage behavior

* Added additional documentation to Makefile and updated stub names

* Added more information about unreached lines of code

* Removed extra line in Makefiles

* Remove README for function with full coverage

* Removed redition of struct from stubs

* empty commit to rerun tests

* Simplified includes for stubs

* Trigger CI

* Trigger stuck CI

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>
Co-authored-by: Felipe R. Monteiro <[email protected]>

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Updated proofs harnesses for aws_cryptosdk_rsa_encrypt and decrypt (#603)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Updated harneses with explicit non-NULL assumptions to handle may-fail-malloc flag

Added preconditions to source code

* Use new string allocators and add matching preconditions to harness

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Updates to aws_atomic_var_is_valid and aws_cryptosdk_keyring_base_init harness (#607)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Added non-NULL assumptions to keyring_base_init harness for vtable name

modified aws_atomic_var_is_valid check

Fixed IMPLIES structure of assume

Fix comment structure in cmm_base_init harness

aws_atomic_var_is_valid divided into two functions, one for int and one for ptr, preconditions added to source code

Updated Makefile to include MAX_STRING_LEN

update to keyring_on_encrypt and keyring_on_decrypt proof harnesses

* Added the ensure_vtable_has_allocated_members function

* Use ensures function in the harness as well as bounded malloc

* removed unneeded assumption on refcount.value

* Removed stubs from Makefile

* use malloc and ensure_vtable_has_allocated_members

* Use new ensure_nondet_allocate_vtable_members function

* Made two vtable allocator functions, for keyring_trace and cmm

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update harness for aws_cryptosdk_enc_ctx_clone (#611)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Update enc_ctx_clone harness and Makefile, additional assumptions, needs new stubs from aws-c-common

* Updated harness to use malloc

* update time in Makefile and remove unneeded assumptions

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update to aws_cryptosdk_enc_ctx_size proof (#608)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Updated harness for enc_ctx_size and added non-NULL assumptions

* Malloc data structures and then assume non-NULL

* Use aws_string_is_valid and added preconditions to source code

* Updated conditions in the function to asserts

* include missing assert header

* size becomes *size

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update CBMC harnesses for aws_cryptosdk_enc_ctx_serialize, aws_cryptosdk_sig_sign_start and aws_cryptosdk_sig_get_privkey (#606)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Simple cleanup of sig_get_privkey harness

Added explicit non-NULL instructions to sig_sign_start harness

Added explicit non-NULL assumptions to the key and value fiends of each array_list_element in enc_ctx_serialize harness

Added corresponding preconditions to source code functions

* Added ensure_sig_ctx_has_allocated_members function and harness updates

* Updated preconditions in the source code

* Updated other harnesses to use the new ensure_sig_ctx_has_allocated_members function

* Use malloc

* rename of ensure_sig_ctx_has_allocated_members function

* change function name

* Update to aws_cryptosdk_dec_materials_destroy and enc_material_destroy harnesses

* fixes

* Added precondition to source code

* remove memory leak check from Makefile

remove memory clean up

moved assumptions about non-NULL elems

remove memory leak check from .yaml

Added comment about non-NULL assumption in hash_elems

* Removed too strong assumption about privkey

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Updates aws_cryptosdk_keyring_trace_copy_all proof  (#609)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Updated harness for keyring_trace_copy_all to handle new malloc-may-fail flag

Added new ensure_trace_has_readable_records function

Updated Makefile with loop unwinding

Added preconditions to source code

update to new c-common

revert to old aws-c-common

* Use malloc instead of can-fail

* update to recent c common to see if proof will go through CI

* use the aws_cryptosdk_keyring_trace_is_valid function and update yaml

* remove extra function from make_common_datastructures

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update aws_cryptodsk_sig_verify_start and aws_cryptodsk_sig_verify_finish harnesses (#602)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Updated assumptions in proof harnesses to handle malloc-may-fail

Updated preconditions in source code to match those in harness

* updates and use the ensure_sig_ctx_has_allocated_members function

* Added is_valid assumptions to source code

* update signature

* Simple cleanup of sig_get_privkey harness

Added explicit non-NULL instructions to sig_sign_start harness

Added explicit non-NULL assumptions to the key and value fiends of each array_list_element in enc_ctx_serialize harness

Added corresponding preconditions to source code functions

* Added ensure_sig_ctx_has_allocated_members function and harness updates

* Updated preconditions in the source code

* Remove un-needed assumptions

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update Makefile.common with -malloc-may-fail and ---malloc-fail-null flags

* Update harnesses for keyring_trace_add_record, keyring_trace_add_record_c_str and aws_cryptosdk_keyring_trace_record_init_clone (#604)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Update harnesses with non-NULL assumptions on strings

Added non-NULL assumptions on strings to harness

* Updated harnesses to use is_valid assumptions, new c-common allocation functions and matched preconditions in the source code

* Use ensure_string_is_allocated_nondet_length for record_init_clone and assumption on length

* Fixed changes to ensure_record_has_allocated_members

* Fixed broken proofs due to changes in c-common not addressed in other PRs

* update harness for string_dup and compare_hash_elems_by_key_string

* Update to c-common

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Update harness for edk_list_copy_all (#610)

* Make c-common a submodule for verification, and update the CBMC makefile to point at it

* Update c-common to latest, and update the makefile to match

* fixed keyring_trace_add_record_buf and keyring_on_encrypt

* push c-common again, and fix makefile for aws_gcm_decypt

* Added the ensure_cryptosdk_edk_list_elements_are_readable function

Updated edk_list_copy_all harness with assumptions for the malloc-may-fail flag

Added to unwindset

Added preconditions to source code

* use malloc

* Update to use aws_cryptosdk_edk_list_elements_are_valid

Updated signature for clean up and init stubs

Updated signature for clean up and init stubs

add yaml

Update signature for clean_up and init_clone

* Update Makefile

* Update to new c-common and remove un-needed function

* set NUM_ELEMS to 1 just to test

* Stub out aws_array_list_push_back and aws_array_list_pop_back

* Updated time comment in Makefile

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

* Pushing new yamls and updating Makefile

* Update Makefiles for enc_materials_new and dec_materials_new and harness for enc_ctx_deserialize

* update c-common

Co-authored-by: Felipe R. Monteiro <[email protected]>
Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>
Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>

Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>
Co-authored-by: Felipe R. Monteiro <[email protected]>
Co-authored-by: Daniel Schwartz-Narbonne <[email protected]>
  • Loading branch information
4 people authored and karkhaz committed Nov 12, 2020
1 parent 7b7a2fc commit 408edb6
Show file tree
Hide file tree
Showing 121 changed files with 450 additions and 325 deletions.
2 changes: 1 addition & 1 deletion .cbmc-batch/aws-c-common
Submodule aws-c-common updated 64 files
+2 −2 .gitmodules
+3 −1 README.md
+7 −10 include/aws/common/assert.h
+0 −1 source/byte_buf.c
+0 −1 verification/cbmc/aws-templates-for-cbmc-proofs
+1 −1 verification/cbmc/include/README.md
+10 −3 verification/cbmc/include/proof_helpers/make_common_data_structures.h
+1 −1 verification/cbmc/proofs/Makefile.common
+1 −1 verification/cbmc/proofs/README.md
+2 −2 verification/cbmc/proofs/aws_array_eq_c_str/aws_array_eq_c_str_harness.c
+2 −2 verification/cbmc/proofs/aws_array_eq_c_str_ignore_case/aws_array_eq_c_str_ignore_case_harness.c
+5 −2 verification/cbmc/proofs/aws_array_list_comparator_string/aws_array_list_comparator_string_harness.c
+1 −0 verification/cbmc/proofs/aws_array_list_init_static/aws_array_list_init_static_harness.c
+2 −1 verification/cbmc/proofs/aws_byte_buf_eq_c_str/aws_byte_buf_eq_c_str_harness.c
+2 −1 verification/cbmc/proofs/aws_byte_buf_eq_c_str_ignore_case/aws_byte_buf_eq_c_str_ignore_case_harness.c
+4 −1 verification/cbmc/proofs/aws_byte_buf_from_array/aws_byte_buf_from_array_harness.c
+1 −1 verification/cbmc/proofs/aws_byte_buf_from_c_str/aws_byte_buf_from_c_str_harness.c
+1 −1 verification/cbmc/proofs/aws_byte_buf_reserve/aws_byte_buf_reserve_harness.c
+1 −1 verification/cbmc/proofs/aws_byte_buf_reserve_relative/aws_byte_buf_reserve_relative_harness.c
+2 −1 verification/cbmc/proofs/aws_byte_buf_write/aws_byte_buf_write_harness.c
+1 −1 verification/cbmc/proofs/aws_byte_buf_write_from_whole_string/aws_byte_buf_write_from_whole_string_harness.c
+2 −1 verification/cbmc/proofs/aws_byte_cursor_eq_c_str/aws_byte_cursor_eq_c_str_harness.c
+2 −1 verification/cbmc/proofs/aws_byte_cursor_eq_c_str_ignore_case/aws_byte_cursor_eq_c_str_ignore_case_harness.c
+4 −1 verification/cbmc/proofs/aws_byte_cursor_from_array/aws_byte_cursor_from_array_harness.c
+1 −1 verification/cbmc/proofs/aws_byte_cursor_from_c_str/aws_byte_cursor_from_c_str_harness.c
+2 −1 verification/cbmc/proofs/aws_byte_cursor_from_string/aws_byte_cursor_from_string_harness.c
+3 −1 verification/cbmc/proofs/aws_hash_c_string/aws_hash_c_string_harness.c
+4 −0 verification/cbmc/proofs/aws_hash_callback_c_str_eq/aws_hash_callback_c_str_eq_harness.c
+4 −1 verification/cbmc/proofs/aws_hash_callback_string_destroy/aws_hash_callback_string_destroy_harness.c
+6 −2 verification/cbmc/proofs/aws_hash_callback_string_eq/aws_hash_callback_string_eq_harness.c
+3 −5 verification/cbmc/proofs/aws_hash_iter_delete/Makefile
+3 −1 verification/cbmc/proofs/aws_hash_iter_delete/aws_hash_iter_delete_harness.c
+0 −1 verification/cbmc/proofs/aws_hash_iter_done/aws_hash_iter_done_harness.c
+0 −1 verification/cbmc/proofs/aws_hash_iter_next/aws_hash_iter_next_harness.c
+7 −7 verification/cbmc/proofs/aws_hash_string/aws_hash_string_harness.c
+0 −1 verification/cbmc/proofs/aws_hash_table_clean_up/aws_hash_table_clean_up_harness.c
+0 −1 verification/cbmc/proofs/aws_hash_table_create/aws_hash_table_create_harness.c
+2 −3 verification/cbmc/proofs/aws_hash_table_remove/Makefile
+2 −1 verification/cbmc/proofs/aws_priority_queue_init_static/aws_priority_queue_init_static_harness.c
+1 −0 verification/cbmc/proofs/aws_string_bytes/aws_string_bytes_harness.c
+4 −2 verification/cbmc/proofs/aws_string_compare/aws_string_compare_harness.c
+2 −1 verification/cbmc/proofs/aws_string_destroy/aws_string_destroy_harness.c
+22 −11 verification/cbmc/proofs/aws_string_destroy_secure/aws_string_destroy_secure_harness.c
+4 −2 verification/cbmc/proofs/aws_string_eq/aws_string_eq_harness.c
+2 −1 verification/cbmc/proofs/aws_string_eq_byte_buf/aws_string_eq_byte_buf_harness.c
+2 −1 verification/cbmc/proofs/aws_string_eq_byte_buf_ignore_case/aws_string_eq_byte_buf_ignore_case_harness.c
+2 −1 verification/cbmc/proofs/aws_string_eq_byte_cursor/aws_string_eq_byte_cursor_harness.c
+2 −1 verification/cbmc/proofs/aws_string_eq_byte_cursor_ignore_case/aws_string_eq_byte_cursor_ignore_case_harness.c
+3 −2 verification/cbmc/proofs/aws_string_eq_c_str/aws_string_eq_c_str_harness.c
+3 −2 verification/cbmc/proofs/aws_string_eq_c_str_ignore_case/aws_string_eq_c_str_ignore_case_harness.c
+4 −3 verification/cbmc/proofs/aws_string_eq_ignore_case/aws_string_eq_ignore_case_harness.c
+4 −2 verification/cbmc/proofs/aws_string_new_from_array/aws_string_new_from_array_harness.c
+5 −1 verification/cbmc/proofs/aws_string_new_from_c_str/aws_string_new_from_c_str_harness.c
+1 −0 verification/cbmc/proofs/aws_string_new_from_string/aws_string_new_from_string_harness.c
+1 −1 verification/cbmc/proofs/prepare.py
+1 −1 verification/cbmc/sources/README.md
+31 −17 verification/cbmc/sources/make_common_data_structures.c
+4 −1 verification/cbmc/sources/proof_allocators.c
+1 −1 verification/cbmc/stubs/README.md
+10 −7 verification/cbmc/stubs/aws_hash_table_no_slots_override.c
+4 −4 verification/cbmc/stubs/aws_string_new_from_array_override.c
+8 −2 verification/cbmc/stubs/hash_table_generators.c
+32 −0 verification/cbmc/stubs/s_remove_entry_override.c
+1 −0 verification/cbmc/templates
6 changes: 5 additions & 1 deletion .cbmc-batch/include/make_common_data_structures.h
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ void ensure_alg_properties_attempt_allocation(struct aws_cryptosdk_alg_propertie
void ensure_md_context_has_allocated_members(struct aws_cryptosdk_md_context *ctx);

/* Allocates the members of the context and ensures that internal pointers are pointing to the correct objects. */
void ensure_sig_ctx_has_allocated_members(struct aws_cryptosdk_sig_ctx *ctx);
struct aws_cryptosdk_sig_ctx *ensure_nondet_sig_ctx_has_allocated_members();

bool aws_cryptosdk_edk_list_is_bounded(
const struct aws_array_list *const list, const size_t max_initial_item_allocation);
Expand All @@ -47,3 +47,7 @@ void ensure_trace_has_allocated_records(struct aws_array_list *trace, size_t max
/* Non-deterministically allocates a aws_cryptosdk_keyring structure */
void ensure_cryptosdk_keyring_has_allocated_members(
struct aws_cryptosdk_keyring *keyring, const struct aws_cryptosdk_keyring_vt *vtable);
/* Non-deterministically allocates a aws_cryptosdk_keyring_vt structure with a valid name*/
void ensure_nondet_allocate_keyring_vtable_members(struct aws_cryptosdk_keyring_vt *vtable, size_t max_len);
/* Non-deterministically allocates a aws_cryptosdk_cmm_vt structure with a valid name*/
void ensure_nondet_allocate_cmm_vtable_members(struct aws_cryptosdk_cmm_vt *vtable, size_t max_len);
4 changes: 3 additions & 1 deletion .cbmc-batch/jobs/Makefile.common
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,8 @@ CHECKFLAGS += --signed-overflow-check
CHECKFLAGS += --undefined-shift-check
CHECKFLAGS += --unsigned-overflow-check
CHECKFLAGS += --unwinding-assertions
CHECKFLAGS += --malloc-may-fail
CHECKFLAGS += --malloc-fail-null

CBMCFLAGS += $(CHECKFLAGS)

Expand Down Expand Up @@ -276,7 +278,7 @@ property.xml: $(ENTRY).goto
cbmc $(CBMCFLAGS) --show-properties --xml-ui $< 2>&1 > $@

coverage.xml: $(ENTRY).goto
cbmc $(filter-out $(CHECKFLAGS),$(CBMCFLAGS)) --cover location --xml-ui $< 2>&1 > $@
cbmc $(filter-out $(CHECKFLAGS),$(CBMCFLAGS)) --malloc-may-fail --malloc-fail-null --cover location --xml-ui $< 2>&1 > $@

cbmc: cbmc.log

Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
jobos: ubuntu16
cbmcflags: "--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--unwindset;flush_openssl_errors.0:1;--object-bits;8"
goto: aws_cryptosdk_aes_gcm_decrypt_harness.goto
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--unwind;1;--unwindset;flush_openssl_errors.0:1;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_aes_gcm_decrypt_harness.goto
jobos: ubuntu16
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
jobos: ubuntu16
cbmcflags: "--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--unwindset;flush_openssl_errors.0:1;--object-bits;8"
goto: aws_cryptosdk_aes_gcm_encrypt_harness.goto
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--unwind;1;--unwindset;flush_openssl_errors.0:1;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_aes_gcm_encrypt_harness.goto
jobos: ubuntu16
2 changes: 1 addition & 1 deletion .cbmc-batch/jobs/aws_cryptosdk_alg_props/cbmc-batch.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--flush;--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_alg_props_harness.goto
jobos: ubuntu16
Original file line number Diff line number Diff line change
Expand Up @@ -17,16 +17,23 @@
*/

#include <aws/cryptosdk/materials.h>
#include <proof_helpers/cryptosdk/make_common_data_structures.h>
#include <make_common_data_structures.h>
#include <proof_helpers/make_common_data_structures.h>
#include <proof_helpers/proof_allocators.h>
#include <proof_helpers/utils.h>

void aws_cryptosdk_cmm_base_init_harness() {
/* Nondet input */
struct aws_cryptosdk_cmm cmm;
const struct aws_cryptosdk_cmm_vt vtable;
*(char **)(&vtable.name) = ensure_c_str_is_allocated(SIZE_MAX);

/* Assumptions */
ensure_nondet_allocate_cmm_vtable_members(&vtable, SIZE_MAX);
__CPROVER_assume(aws_cryptosdk_cmm_vtable_is_valid(&vtable));

/* Operation under verification */
aws_cryptosdk_cmm_base_init(&cmm, &vtable);

/* Post-conditions */
assert(aws_cryptosdk_cmm_base_is_valid(&cmm));
}
6 changes: 3 additions & 3 deletions .cbmc-batch/jobs/aws_cryptosdk_cmm_base_init/cbmc-batch.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
jobos: ubuntu16
cbmcflags: "--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
goto: aws_cryptosdk_cmm_base_init_harness.goto
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_cmm_base_init_harness.goto
jobos: ubuntu16
Original file line number Diff line number Diff line change
Expand Up @@ -77,11 +77,8 @@ int decrypt_materials(
__CPROVER_assume(aws_cryptosdk_keyring_trace_is_valid(&materials->keyring_trace));

// Set up the signctx
materials->signctx = can_fail_malloc(sizeof(*materials->signctx));
if (materials->signctx) {
ensure_sig_ctx_has_allocated_members(materials->signctx);
__CPROVER_assume(aws_cryptosdk_sig_ctx_is_valid_cbmc(materials->signctx));
}
materials->signctx = ensure_nondet_sig_ctx_has_allocated_members();
__CPROVER_assume(aws_cryptosdk_sig_ctx_is_valid_cbmc(materials->signctx));

*output = materials;
return AWS_OP_SUCCESS;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--unwindset;aws_cryptosdk_edk_list_clear.0:2,aws_cryptosdk_edk_list_elements_are_bounded.0:2,aws_cryptosdk_edk_list_elements_are_valid.0:2,aws_cryptosdk_edk_list_is_bounded.0:2,aws_cryptosdk_edk_list_is_valid.0:2,aws_cryptosdk_keyring_trace_clear.0:2,aws_cryptosdk_keyring_trace_is_valid.0:2,ensure_cryptosdk_edk_list_has_allocated_list_elements.0:2,ensure_cryptosdk_edk_list_has_allocated_members.0:2,ensure_trace_has_allocated_records.0:2;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--unwind;1;--unwindset;aws_cryptosdk_edk_list_clear.0:2,aws_cryptosdk_edk_list_elements_are_bounded.0:2,aws_cryptosdk_edk_list_elements_are_valid.0:2,aws_cryptosdk_edk_list_is_bounded.0:2,aws_cryptosdk_edk_list_is_valid.0:2,aws_cryptosdk_keyring_trace_clear.0:2,aws_cryptosdk_keyring_trace_is_valid.0:2,ensure_cryptosdk_edk_list_has_allocated_list_elements.0:2,ensure_cryptosdk_edk_list_has_allocated_members.0:2,ensure_trace_has_allocated_records.0:2;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_cmm_decrypt_materials_harness.goto
jobos: ubuntu16
Original file line number Diff line number Diff line change
Expand Up @@ -63,11 +63,8 @@ int generate_enc_materials(
__CPROVER_assume(aws_allocator_is_valid(materials->alloc));

// Set up the signctx
materials->signctx = can_fail_malloc(sizeof(*materials->signctx));
if (materials->signctx) {
ensure_sig_ctx_has_allocated_members(materials->signctx);
__CPROVER_assume(aws_cryptosdk_sig_ctx_is_valid_cbmc(materials->signctx));
}
materials->signctx = ensure_nondet_sig_ctx_has_allocated_members();
__CPROVER_assume(aws_cryptosdk_sig_ctx_is_valid_cbmc(materials->signctx));

// Set up the unencrypted_data_key
__CPROVER_assume(aws_byte_buf_is_bounded(&materials->unencrypted_data_key, MAX_NUM_ITEMS));
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--unwindset;aws_cryptosdk_edk_list_clear.0:2,aws_cryptosdk_edk_list_elements_are_bounded.0:2,aws_cryptosdk_edk_list_elements_are_valid.0:2,aws_cryptosdk_edk_list_is_bounded.0:2,aws_cryptosdk_edk_list_is_valid.0:2,aws_cryptosdk_keyring_trace_clear.0:2,aws_cryptosdk_keyring_trace_is_valid.0:2,ensure_cryptosdk_edk_list_has_allocated_list_elements.0:2,ensure_cryptosdk_edk_list_has_allocated_members.0:2,ensure_trace_has_allocated_records.0:2;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--unwind;1;--unwindset;aws_cryptosdk_edk_list_clear.0:2,aws_cryptosdk_edk_list_elements_are_bounded.0:2,aws_cryptosdk_edk_list_elements_are_valid.0:2,aws_cryptosdk_edk_list_is_bounded.0:2,aws_cryptosdk_edk_list_is_valid.0:2,aws_cryptosdk_keyring_trace_clear.0:2,aws_cryptosdk_keyring_trace_is_valid.0:2,ensure_cryptosdk_edk_list_has_allocated_list_elements.0:2,ensure_cryptosdk_edk_list_has_allocated_members.0:2,ensure_trace_has_allocated_records.0:2;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_cmm_generate_enc_materials_harness.goto
jobos: ubuntu16
2 changes: 1 addition & 1 deletion .cbmc-batch/jobs/aws_cryptosdk_cmm_release/cbmc-batch.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_cmm_release_harness.goto
jobos: ubuntu16
6 changes: 3 additions & 3 deletions .cbmc-batch/jobs/aws_cryptosdk_cmm_retain/cbmc-batch.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
jobos: ubuntu16
cbmcflags: "--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
goto: aws_cryptosdk_cmm_retain_harness.goto
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_cmm_retain_harness.goto
jobos: ubuntu16
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,13 @@
#include <proof_helpers/utils.h>

struct aws_hash_element *nondet_hash_string_element_allocation(size_t max_size) {
struct aws_hash_element *elem = can_fail_malloc(sizeof(*elem));
struct aws_hash_element *elem = malloc(sizeof(*elem));
if (elem != NULL) {
if (nondet_bool()) {
elem->key = ensure_string_is_allocated_bounded_length(max_size);
__CPROVER_assume(aws_string_is_valid(elem->key));
struct aws_string *key = ensure_string_is_allocated_nondet_length();
__CPROVER_assume(aws_string_is_valid(key));
__CPROVER_assume(key->len <= max_size);
elem->key = key;
} else {
elem->key = NULL;
}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--unwindset;memcmp.0:17;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--unwindset;memcmp.0:17;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_compare_hash_elems_by_key_string_harness.goto
jobos: ubuntu16
Original file line number Diff line number Diff line change
Expand Up @@ -33,11 +33,8 @@ void aws_cryptosdk_dec_materials_destroy_harness() {
__CPROVER_assume(aws_allocator_is_valid(materials->alloc));

// Set up the signctx
materials->signctx = can_fail_malloc(sizeof(*materials->signctx));
if (materials->signctx) {
ensure_sig_ctx_has_allocated_members(materials->signctx);
__CPROVER_assume(aws_cryptosdk_sig_ctx_is_valid_cbmc(materials->signctx));
}
materials->signctx = ensure_nondet_sig_ctx_has_allocated_members();
__CPROVER_assume(aws_cryptosdk_sig_ctx_is_valid_cbmc(materials->signctx));

// Set up the unencrypted_data_key
__CPROVER_assume(aws_byte_buf_is_bounded(&materials->unencrypted_data_key, MAX_NUM_ITEMS));
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--unwindset;aws_cryptosdk_keyring_trace_is_valid.0:2,ensure_trace_has_allocated_records.0:2,aws_cryptosdk_keyring_trace_clear.0:2;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--unwind;1;--unwindset;aws_cryptosdk_keyring_trace_is_valid.0:2,ensure_trace_has_allocated_records.0:2,aws_cryptosdk_keyring_trace_clear.0:2;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_dec_materials_destroy_harness.goto
jobos: ubuntu16
2 changes: 2 additions & 0 deletions .cbmc-batch/jobs/aws_cryptosdk_dec_materials_new/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ include ../Makefile.string
#########
# Local vars
# Expected runtime 2min
KEYRING_TRACE_SIZE = 10 # Value is hardcoded in aws_cryptosdk_keyring_trace_init

#########
ABSTRACTIONS += $(SRCDIR)/c-common-helper-stubs/error.c
Expand Down Expand Up @@ -50,5 +51,6 @@ DEPENDENCIES += $(SRCDIR)/c-common-helper-uninline/atomics.c

ENTRY = aws_cryptosdk_dec_materials_new_harness

UNWINDSET += aws_cryptosdk_keyring_trace_is_valid.0:$(shell echo $$(($(KEYRING_TRACE_SIZE) + 1)))
###########
include ../Makefile.common
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--unwind;1;--unwindset;aws_cryptosdk_keyring_trace_is_valid.0:11;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_dec_materials_new_harness.goto
jobos: ubuntu16
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--unwindset;aws_cryptosdk_decrypt_body.0:5,strlen.0:37;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--unwind;1;--unwindset;aws_cryptosdk_decrypt_body.0:5,strlen.0:37;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_decrypt_body_harness.goto
jobos: ubuntu16
2 changes: 1 addition & 1 deletion .cbmc-batch/jobs/aws_cryptosdk_derive_key/cbmc-batch.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
cbmcflags: "--flush;--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_derive_key_harness.goto
jobos: ubuntu16
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
jobos: ubuntu16
cbmcflags: "--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
goto: aws_cryptosdk_deserialize_frame_harness.goto
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_deserialize_frame_harness.goto
jobos: ubuntu16
6 changes: 3 additions & 3 deletions .cbmc-batch/jobs/aws_cryptosdk_edk_clean_up/cbmc-batch.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
jobos: ubuntu16
cbmcflags: "--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
goto: aws_cryptosdk_edk_clean_up_harness.goto
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_edk_clean_up_harness.goto
jobos: ubuntu16
6 changes: 3 additions & 3 deletions .cbmc-batch/jobs/aws_cryptosdk_edk_eq/cbmc-batch.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
jobos: ubuntu16
cbmcflags: "--bounds-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwind;1;--unwinding-assertions;--object-bits;8"
goto: aws_cryptosdk_edk_eq_harness.goto
cbmcflags: "--flush;--bounds-check;--conversion-check;--div-by-zero-check;--float-overflow-check;--nan-check;--pointer-check;--pointer-overflow-check;--pointer-primitive-check;--signed-overflow-check;--undefined-shift-check;--unsigned-overflow-check;--unwinding-assertions;--malloc-may-fail;--malloc-fail-null;--object-bits;8"
expected: "SUCCESSFUL"
goto: aws_cryptosdk_edk_eq_harness.goto
jobos: ubuntu16
Loading

0 comments on commit 408edb6

Please sign in to comment.