Skip to content

Commit 827bf88

Browse files
priyasiddharthpriyasiddharth
committed
virtio-queue: add doc for unit proof verify_2_7_7_2
Signed-off-by: Siddharth Priya <[email protected]>
1 parent cf1b9c4 commit 827bf88

File tree

1 file changed

+13
-10
lines changed

1 file changed

+13
-10
lines changed

virtio-queue/src/queue/verification.rs

Lines changed: 13 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -458,19 +458,22 @@ impl kani::Arbitrary for ProofContext {
458458
}
459459
}
460460

461+
/// # Specification (VirtIO 1.3, Section 2.7.7.2: "Device-to-driver notification suppression")
462+
///
463+
/// Section 2.7.7.2 deals with device-to-driver notification suppression. It
464+
/// describes a mechanism by which the driver can tell the device that it does
465+
/// not want notifications (IRQs) about the device finishing processing
466+
/// individual buffers (descriptor chain heads) from the avail ring until a
467+
/// specific number of descriptors has been processed. This is done by the
468+
/// driver defining a "used_event" index, which tells the device "please do not
469+
/// notify me until used.ring[used_event] has been written to by you".
461470
#[kani::proof]
462-
// There are no loops anywhere, but kani really enjoys getting stuck in std::ptr::drop_in_place.
463-
// This is a compiler intrinsic that has a "dummy" implementation in stdlib that just
464-
// recursively calls itself. Kani will generally unwind this recursion infinitely.
471+
// There are no loops anywhere, but kani really enjoys getting stuck in
472+
// std::ptr::drop_in_place. This is a compiler intrinsic that has a "dummy"
473+
// implementation in stdlib that just recursively calls itself. Kani will
474+
// generally unwind this recursion infinitely.
465475
#[kani::unwind(0)]
466476
fn verify_spec_2_7_7_2() {
467-
// Section 2.7.7.2 deals with device-to-driver notification suppression.
468-
// It describes a mechanism by which the driver can tell the device that it does not
469-
// want notifications (IRQs) about the device finishing processing individual buffers
470-
// (descriptor chain heads) from the avail ring until a specific number of descriptors
471-
// has been processed. This is done by the driver
472-
// defining a "used_event" index, which tells the device "please do not notify me until
473-
// used.ring[used_event] has been written to by you".
474477
let ProofContext {
475478
mut queue,
476479
memory: mem,

0 commit comments

Comments
 (0)