Merge branch 'master' into x64

.gitignore

@@ -45,6 +45,10 @@ umm_types.txt
 
 /tools/haskell-translator/caseconvs-useful
 
+/tools/c-parser/StrictC.grm.sig
+/tools/c-parser/StrictC.grm.sml
+/tools/c-parser/StrictC.lex.sml
+
 /camkes/adl-spec/camkes.ML
 
 /internal/

README.md

@@ -146,9 +146,7 @@ You can get away with avoiding a full cross compiler setup form the above,
 but you will need at least these:
 
     sudo apt-get install python-pip python-dev libxml2-utils
-    sudo pip install tempita
-    sudo pip install psutil
-    sudo pip install six
+    sudo pip install sel4-deps
 
 *On MacOS*: here it is harder to get a full cross-compiler setup going. For
 normal proof development, a full setup is not necessary, though. You mostly
@@ -159,7 +157,8 @@ need a gcc-compatible C pre-processor and python. Try the following steps:
     XCode installed, run `gcc --version` in a terminal window. If it reports a
     version, you're set. Otherwise it should pop up a window and prompt for
     installation of the command line tools.
-  * install `Tempita`, for instance using `sudo easy_install tempita`.
+  * install the seL4 Python dependencies, for instance using
+    `sudo easy_install sel4-deps`.
     `easy_install` is part of Python's [`setuptools`][9].
   * install the [`misc/scripts/cpp`](misc/scripts/cpp) wrapper for clang,
     by putting it in `~/bin`, or somewhere else in your `PATH`.

lib/Corres_Adjust_Preconds.thy

@@ -0,0 +1,193 @@
+(*
+ *
+ * Copyright 2017, Data61, CSIRO
+ *
+ * This software may be distributed and modified according to the terms of
+ * the BSD 2-Clause license. Note that NO WARRANTY is provided.
+ * See "LICENSE_BSD2.txt" for details.
+ *
+ * @TAG(DATA61_BSD)
+ *)
+
+theory Corres_Adjust_Preconds
+
+imports
+  "Corres_UL"
+
+begin
+
+text {*
+Gadget for adjusting preconditions in a corres rule or similar.
+
+Probably only useful for predicates with two or more related
+preconditions, such as corres.
+
+Used to do some_corres_rule[adj_corres some_intro_rule],
+given e.g. some_intro_rule: @{prop "(s, t) \<in> sr \<Longrightarrow> P s \<Longrightarrow> Q t"}
+Will apply this rule to solve @{prop "Q t"} components in either
+precondition or any sub-conjunct, and will then try to put the
+assumptions @{prop "P s"}, @{prop "(s, t) \<in> sr"} into the right
+places. The premises of the rule can be in any given order.
+
+Concrete example at the bottom.
+*}
+
+named_theorems corres_adjust_precond_structures
+
+locale corres_adjust_preconds begin
+
+text {* Worker predicates. Broadly speaking, a goal
+of the form "preconds ?A ?B ?C ?D ==> P" expects to
+establish P by instantiating ?A, or failing that ?B,
+etc.
+
+A goal of the form finalise_preconds A exists to
+make sure that schematic conjuncts of A are resolved
+to True. *}
+definition
+  preconds :: "bool \<Rightarrow> bool \<Rightarrow> bool \<Rightarrow> bool \<Rightarrow> bool"
+where
+  "preconds A B C D = (A \<and> B \<and> C \<and> D)"
+
+definition
+  finalise_preconds :: "bool \<Rightarrow> bool"
+where
+  "finalise_preconds A = True"
+
+text {* Use a precond directly to establish goal. *}
+lemma consume_preconds:
+  "preconds A True True True \<Longrightarrow> A"
+  "preconds True B True True \<Longrightarrow> B"
+  "preconds True True C True \<Longrightarrow> C"
+  "preconds True True True D \<Longrightarrow> D"
+  by (simp_all add: preconds_def)
+
+lemmas consume_preconds_True = consume_preconds(1)[where A=True]
+
+text {* For use as a drule, split a set of schematic preconds
+to give two sets that can be instantiated separately. *}
+lemma split_preconds_left:
+  "preconds (A \<and> A') (B \<and> B') (C \<and> C') (D \<and> D') \<Longrightarrow> preconds A B C D"
+  "preconds (A \<and> A') (B \<and> B') (C \<and> C') True \<Longrightarrow> preconds A B C True"
+  "preconds (A \<and> A') (B \<and> B') True True \<Longrightarrow> preconds A B True True"
+  "preconds (A \<and> A') True True True \<Longrightarrow> preconds A True True True"
+  by (simp_all add: preconds_def)
+
+lemma split_preconds_right:
+  "preconds (A \<and> A') (B \<and> B') (C \<and> C') (D \<and> D') \<Longrightarrow> preconds A' B' C' D'"
+  "preconds (A \<and> A') (B \<and> B') (C \<and> C') True \<Longrightarrow> preconds A' B' C' True"
+  "preconds (A \<and> A') (B \<and> B') True True \<Longrightarrow> preconds A' B' True True"
+  "preconds (A \<and> A') True True True \<Longrightarrow> preconds A' True True True"
+  by (simp_all add: preconds_def)
+
+text {* For use as an erule. Initiate the precond process,
+creating a finalise goal to be solved later. *}
+lemma preconds_goal_initiate:
+  "preconds A B C D \<Longrightarrow> (preconds A B C D \<Longrightarrow> Q)
+    \<Longrightarrow> finalise_preconds (A \<and> B \<and> C \<and> D) \<Longrightarrow> Q"
+  by simp
+
+text {* Finalise preconds, trying to replace conjuncts with
+True if they are not yet instantiated. *}
+lemma finalise_preconds:
+  "finalise_preconds True"
+  "finalise_preconds A \<Longrightarrow> finalise_preconds B \<Longrightarrow> finalise_preconds (A \<and> B)"
+  "finalise_preconds X"
+  by (simp_all add: finalise_preconds_def)
+
+text {* Shape of the whole process for application to regular corres goals. *}
+lemma corres_adjust_pre:
+  "corres_underlying R nf nf' rs P Q  f f'
+    \<Longrightarrow> (\<And>s s'. (s, s') \<in> R \<Longrightarrow> preconds (P1 s) (Q1 s') True True \<Longrightarrow> P s)
+    \<Longrightarrow> (\<And>s s'. (s, s') \<in> R \<Longrightarrow> preconds (Q2 s') (P2 s) True True \<Longrightarrow> Q s')
+    \<Longrightarrow> corres_underlying R nf nf' rs (\<lambda>s. P1 s \<and> P2 s) (\<lambda>s'. Q1 s' \<and> Q2 s') f f'"
+  apply (erule stronger_corres_guard_imp)
+   apply (simp add: preconds_def)+
+  done
+
+ML {*
+
+structure Corres_Adjust_Preconds = struct
+
+val def_intros = @{thms conjI pred_conj_app[THEN iffD2]
+    bipred_conj_app[THEN fun_cong, THEN iffD2]}
+
+(* apply an intro rule, splitting preconds assumptions to
+   provide unique assumptions for each goal. *)
+fun intro_split ctxt intros i =
+  ((resolve_tac ctxt intros
+        THEN_ALL_NEW (TRY o assume_tac ctxt))
+    THEN_ALL_NEW (fn j => (EVERY (replicate (j - i) (dresolve_tac ctxt @{thms split_preconds_left} j)))
+        THEN dresolve_tac ctxt @{thms split_preconds_right} j)) i
+
+fun handle_preconds ctxt intros =
+  TRY o (eresolve_tac ctxt [@{thm preconds_goal_initiate}]
+    THEN' REPEAT_ALL_NEW (eresolve_tac ctxt @{thms consume_preconds_True}
+        ORELSE' intro_split ctxt (intros @ def_intros)
+        ORELSE' eresolve_tac ctxt @{thms consume_preconds})
+    THEN' REPEAT_ALL_NEW (resolve_tac ctxt @{thms finalise_preconds})
+  )
+
+fun mk_adj_preconds ctxt intros rule = let
+    val xs = [rule] RL (Named_Theorems.get ctxt @{named_theorems corres_adjust_precond_structures})
+    val x = case xs of
+        [] => raise THM ("no unifier with corres_adjust_precond_structures", 1, [rule])
+      | xs => hd xs
+  in x
+    |> ALLGOALS (handle_preconds ctxt intros)
+    |> Seq.hd
+    |> Simplifier.simplify (clear_simpset ctxt addsimps @{thms conj_assoc simp_thms(21-22)})
+  end
+
+val setup =
+      Attrib.setup @{binding "adj_corres"}
+          ((Attrib.thms -- Args.context)
+              >> (fn (intros, ctxt) => Thm.rule_attribute [] (K (mk_adj_preconds ctxt intros))))
+          "use argument theorems to adjust a corres theorem."
+
+end
+
+*}
+
+end
+
+declare corres_adjust_preconds.corres_adjust_pre[corres_adjust_precond_structures]
+
+setup Corres_Adjust_Preconds.setup
+
+experiment begin
+
+definition
+  test_sr :: "(nat \<times> nat) set"
+where
+  "test_sr = {(x, y). y = 2 * x}"
+
+lemma test_corres:
+  "corres_underlying test_sr nf nf' dc (\<lambda>x. x < 40) (\<lambda>y. y < 30 \<and> y = 6)
+    (modify (\<lambda>x. x + 2)) (modify (\<lambda>y. 10))"
+  by (simp add: corres_underlying_def simpler_modify_def test_sr_def)
+
+lemma test_adj_precond:
+  "(x, y) \<in> test_sr \<Longrightarrow> x = 3 \<Longrightarrow> y = 6"
+  by (simp add: test_sr_def)
+
+ML {*
+Corres_Adjust_Preconds.mk_adj_preconds @{context} [@{thm test_adj_precond}] @{thm test_corres}
+*}
+
+lemma foo_adj_corres:
+  "corres_underlying test_sr nf nf' dc (\<lambda>s. s < 40 \<and> s = 3) (\<lambda>s'. s' < 30) (modify (\<lambda>x. x + 2))
+       (modify (\<lambda>y. 10))"
+  by (rule test_corres[adj_corres test_adj_precond])
+
+text {* A more general demo of what it does. *}
+lemma
+  assumes my_corres: "corres_underlying my_sr nf nf' rvrel P Q a c"
+  assumes my_adj: "\<And>s s'. (s,s') \<in> my_sr \<Longrightarrow> P s \<Longrightarrow> Q s'"
+  shows "corres_underlying my_sr nf nf' rvrel (\<lambda>s. P s \<and> P s) (\<lambda>s'. True) a c"
+  apply (rule my_corres[adj_corres my_adj])
+  done
+
+end
+
+end

proof/Makefile

@@ -47,7 +47,7 @@ HEAPS += SepTactics SepTacticsExamples
 
 CKernel CSpec: c-kernel
 SimplExportAndRefine: c-kernel
-BaseRefine Refine: design-spec
+BaseRefine Refine DBaseRefine DRefine: design-spec
 CBaseRefine CRefine: c-kernel design-spec
 
 # Preprocess the kernel's source code and bitfield theory files.

proof/ROOT

@@ -34,12 +34,14 @@ session Refine = BaseRefine +
   description {* Refinement between Haskell and Abstract spec. *}
   theories [condition = "REFINE_QUICK_AND_DIRTY", quick_and_dirty]
     "refine/$L4V_ARCH/Refine"
+  theories [condition = "SKIP_REFINE_PROOFS", quick_and_dirty, skip_proofs]
+    "refine/$L4V_ARCH/Refine"
   theories
     "refine/$L4V_ARCH/Refine"
 
 session BaseRefine2 = BaseRefine +
   description {* Intermediate point in refinement proof. Useful for machines with small RAM. *}
-  theories [condition = "SKIP_INVS_PROOFS", quick_and_dirty, skip_proofs]
+  theories [condition = "SKIP_AINVS_PROOFS", quick_and_dirty, skip_proofs]
     "refine/$L4V_ARCH/Untyped_R"
     "refine/$L4V_ARCH/Schedule_R"
   theories
@@ -52,8 +54,6 @@ session RefineQD = BaseRefine +
 
 session BaseRefine = AInvs +
   description {* Background theory and libraries for refinement proof. *}
-  theories [condition = "SKIP_INVS_PROOFS", quick_and_dirty, skip_proofs]
-    "refine/$L4V_ARCH/Include"
   theories
     "refine/$L4V_ARCH/Include"
 
@@ -62,16 +62,13 @@ session BaseRefineQD = AInvsQD +
     "refine/$L4V_ARCH/Include"
 
 session AInvs = ASpec +
-  theories [condition = "SKIP_INVS_PROOFS", quick_and_dirty, skip_proofs]
-    "invariant-abstract/AInvs"
+  theories [condition = "SKIP_AINVS_PROOFS", quick_and_dirty, skip_proofs]
     "invariant-abstract/KernelInit_AI"
-    "invariant-abstract/DetSchedSchedule_AI"
-  theories [condition = "INVS_QUICK_AND_DIRTY", quick_and_dirty]
-    "invariant-abstract/AInvs"
+    "invariant-abstract/$L4V_ARCH/ArchDetSchedSchedule_AI"
+  theories [condition = "AINVS_QUICK_AND_DIRTY", quick_and_dirty]
     "invariant-abstract/KernelInit_AI"
-    "invariant-abstract/DetSchedSchedule_AI"
+    "invariant-abstract/$L4V_ARCH/ArchDetSchedSchedule_AI"
   theories
-    "invariant-abstract/AInvs"
     "invariant-abstract/KernelInit_AI"
     "invariant-abstract/$L4V_ARCH/ArchDetSchedSchedule_AI"
 
@@ -104,7 +101,7 @@ session CRefine = CBaseRefine +
     "crefine/$L4V_ARCH/Refine_C"
 
 session CBaseRefine = CSpec +
-  theories [condition = "SKIP_REFINE_PROOFS", quick_and_dirty, skip_proofs]
+  theories [condition = "SKIP_DUPLICATED_PROOFS", quick_and_dirty, skip_proofs]
     "crefine/$L4V_ARCH/Include_C"
   theories
     "crefine/$L4V_ARCH/Include_C"
@@ -138,7 +135,6 @@ session Access in "access-control" = AInvs +
 session InfoFlow in "infoflow" = Access +
   theories
     "Noninterference"
-  theories
     "Noninterference_Base_Refinement"
     "PolicyExample"
     "PolicySystemSAC"
@@ -146,7 +142,7 @@ session InfoFlow in "infoflow" = Access +
     "Example_Valid_State"
 
 session InfoFlowCBase = CRefine +
-  theories [condition = "SKIP_REFINE_PROOFS", quick_and_dirty, skip_proofs]
+  theories [condition = "SKIP_DUPLICATED_PROOFS", quick_and_dirty, skip_proofs]
     "infoflow/Include_IF_C"
   theories
     "infoflow/Include_IF_C"

run_tests

@@ -1,7 +1,7 @@
-#!/bin/bash
+#!/usr/bin/env python
 #
 #
-# Copyright 2014, NICTA
+# Copyright 2017, CSIRO
 #
 # This software may be distributed and modified according to the terms of
 # the BSD 2-Clause license. Note that NO WARRANTY is provided.
@@ -10,113 +10,122 @@
 # @TAG(NICTA_BSD)
 #
 
+import os
+import sys
+
+# Settings
+L4V_ARCH_DEFAULT="ARM"
+L4V_ARCH_LIST=["ARM","ARM_HYP","X64"]
+
 # Fetch directory this script is stored in.
-DIR="$(cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd)"
+DIR=os.path.dirname(os.path.realpath(__file__))
 
 # Add repo version of Isabelle to our path.
-export PATH="${DIR}/isabelle/bin:$PATH"
+os.environ["PATH"] += os.pathsep + DIR
 
-# Export L4V_ARCH variable as X64
-export L4V_ARCH="${L4V_ARCH:-X64}"
-echo "Testing for L4V_ARCH=${L4V_ARCH}:"
+# Export L4V_ARCH variable as ARM (Default)
+if not os.environ.has_key("L4V_ARCH"):
+    os.environ["L4V_ARCH"] = L4V_ARCH_DEFAULT
+
+L4V_ARCH=os.environ["L4V_ARCH"]
+
+# Check we are using a known Architecture
+if L4V_ARCH not in L4V_ARCH_LIST:
+    sys.exit("Unknown architecture L4V_ARCH=%s" % L4V_ARCH)
+
+print "Testing for L4V_ARCH=%s:" % L4V_ARCH
 
 # Enable quick_and_dirty mode for various images
-if [ -n "${QUICK_AND_DIRTY}" ]
-   then
-       export INVS_QUICK_AND_DIRTY=1
-       export REFINE_QUICK_AND_DIRTY=1
-       export CREFINE_QUICK_AND_DIRTY=1
-       echo "Testing with QUICK_AND_DIRTY"
-fi
+if os.environ.has_key("QUICK_AND_DIRTY"):
+    os.environ["AINVS_QUICK_AND_DIRTY"]=1
+    os.environ["REFINE_QUICK_AND_DIRTY"]=1
+    os.environ["CREFINE_QUICK_AND_DIRTY"]=1
+    print "Testing with QUICK_AND_DIRTY"
 
-# Enable skip_proofs mode for various images
+# Lists of excluded tests for diferent archs
+EXCLUDE={}
+EXCLUDE["ARM_HYP"]=[
+    "CamkesAdlSpec",
+    "CamkesGlueSpec",
+    "SimpleSystem",
+    "RelyGuarantee",
+    "Sep_Algebra",
+    "tests-xml-correct",
+    "SepTactics",
+    "SepTacticsExamples",
+    "DBaseRefine",
+    "DRefine",
+    "Access",
+    "InfoFlow",
+    "ArmConfidentiality",
+    "DPolicy",
+    "CamkesCdlRefine",
+    "Bisim",
+    "DSpec",
+    "SepDSpec",
+    "DSpecProofs",
+    "TakeGrant",
+    "ASepSpec",
+    "HaskellKernel",
+    "SysInit",
+    "SysInitExamples",
+    "InfoFlowCBase",
+    "InfoFlowC",
+    "SimplExportAndRefine",
+    "CParserTest",
+    "CParserTestX64",
+    "CParserTools",
+    "AutoCorres",
+    "CamkesGlueProofs",
+    "CamkesDarpaReport",
+    "theory_imports",
+    "AutoCorresDoc",
+    "AutoCorresTest",
+    "AutoCorresSEL4"]
 
-if [ -n "${REFINE_PROOFS}" ]
-then
-    export SKIP_REFINE_PROOFS=1
-    export SKIP_INVS_PROOFS=1
-    echo "Testing with SKIP_PROOFS"
-fi
+EXCLUDE["ARM"]=[]
+
+EXCLUDE[X64]=[
+    "ASepSpec",
+    "Access",
+    "ArmConfidentiality",
+    "AutoCorresSEL4",
+    "Bisim",
+    "CamkesAdlSpec",
+    "CamkesCdlRefine",
+    "CamkesDarpaReport",
+    "CamkesGlueProofs",
+    "CamkesGlueSpec",
+    "DBaseRefine",
+    "DPolicy",
+    "DRefine",
+    "DSpec",
+    "DSpecProofs",
+    "InfoFlow",
+    "InfoFlowC",
+    "InfoFlowCBase",
+    "RelyGuarantee",
+    "SepDSpec",
+    "SepTactics",
+    "SepTacticsExamples",
+    "Sep_Algebra",
+    "SimplExportAndRefine",
+    "SimpleSystem",
+    "SysInit",
+    "SysInitExamples",
+    "TakeGrant"]
+
+# Check EXCLUDE is exhaustive over the available architectures
+if not set(L4V_ARCH_LIST) <= set(EXCLUDE.keys()):
+    sys.exit("[INTERNAL ERROR] exclusion lists are non-exhaustive")
 
 # Run the tests from the script directory.
-cd ${DIR}
+os.chdir(DIR)
 
-# Bitfield proofs aren't ready for X64 yet.
-export SORRY_BITFIELD_PROOFS=1
+# Arguments:
+args  = ['./misc/regression/run_tests.py']                 # Script name
+args += [r for t in EXCLUDE[L4V_ARCH] for r in ['-r', t]]  # Exclusion list
+args += sys.argv[1:]                                       # Other arguments
 
-# Default exclusions for ARM_HYP and X64
-
-declare -A EXCLUDE
-
-EXCLUDE[ARM_HYP]="
--r CamkesAdlSpec \
--r CamkesGlueSpec \
--r SimpleSystem \
--r RelyGuarantee \
--r Sep_Algebra \
--r tests-xml-correct \
--r SepTactics \
--r SepTacticsExamples \
--r DBaseRefine \
--r DRefine \
--r Access \
--r InfoFlow \
--r ArmConfidentiality \
--r DPolicy \
--r CamkesCdlRefine \
--r Bisim \
--r DSpec \
--r SepDSpec \
--r DSpecProofs \
--r TakeGrant \
--r ASepSpec \
--r HaskellKernel \
--r SysInit \
--r SysInitExamples \
--r InfoFlowCBase \
--r InfoFlowC \
--r SimplExportAndRefine \
--r CParserTest \
--r CParserTestX64 \
--r CParserTools \
--r AutoCorres \
--r CamkesGlueProofs \
--r CamkesDarpaReport \
--r theory_imports \
--r AutoCorresDoc \
--r AutoCorresTest \
--r AutoCorresSEL4 \
-"
-
-EXCLUDE[X64]="
--r Access \
--r ASepSpec \
--r AutoCorresSEL4 \
--r Bisim \
--r ArmConfidentiality \
--r CamkesAdlSpec \
--r CamkesCdlRefine \
--r CamkesDarpaReport \
--r CamkesGlueProofs \
--r CamkesGlueSpec \
--r DBaseRefine \
--r DPolicy \
--r DSpecProofs \
--r DRefine \
--r DSpec \
--r InfoFlow \
--r InfoFlowC \
--r InfoFlowCBase \
--r RelyGuarantee \
--r Sep_Algebra \
--r SepDSpec \
--r SepTactics \
--r SepTacticsExamples \
--r SimpleSystem \
--r SimplExportAndRefine \
--r SysInit \
--r SysInitExamples \
--r TakeGrant \
-"
-
-python ./misc/regression/run_tests.py ${EXCLUDE[${L4V_ARCH}]} $@
+# Run the thing!!
+os.execvp('./misc/regression/run_tests.py',args)

spec/Makefile

@@ -41,7 +41,7 @@ ExecSpec ASpec : design-spec
 #       depended on.
 
 # Preprocess the kernel's source code and bitfield theory files.
-c-kernel: .FORCE
+c-kernel: c-parser .FORCE
 	cd cspec/$(L4V_ARCH)/c && L4V_REPO_PATH=$(L4V_REPO_PATH) $(MAKE) cspec
 .PHONY: c-kernel
 
@@ -50,6 +50,12 @@ design-spec: .FORCE
 	cd design/ && L4V_REPO_PATH=$(L4V_REPO_PATH) $(MAKE) design
 .PHONY: design-spec
 
+
+# Sets up the c-parser grammar files
+c-parser: .FORCE
+	cd ../tools/c-parser && make c-parser-deps
+.PHONY: c-parser
+
 # Produce the input data for the binary verification problem at -O1
 binary-verification-input: c-kernel
 	$(ISABELLE_TOOL) build -d .. -v SimplExport

spec/design/Makefile

@@ -31,7 +31,6 @@ MACHINE_FILES += ${MACHINE_PATH}/ARM/MachineTypes.thy \
 design : version
 
 version : ${SKEL_FILES} ${MSKEL_FILES} ${HASKELL_FILES}
-	mkdir -p ${ARCH_DIRS}
 	${HASKELL_TRANS}
 
 clean :

tools/c-parser/IsaMakefile

@@ -54,6 +54,9 @@ GRAMMAR_PRODUCTS = l4c.lex.sml l4c.grm.sml l4c.grm.sig
 include $(CPARSER_PFX)/standalone-parser/Makefile
 include $(CPARSER_PFX)/Makefile
 
+# Generate lexer and parser files for CParser
+CParser: c-parser-deps
+
 # Regression targets.
 report-regression:
 	@echo CParser cparser_test cparser_tools

tools/c-parser/Makefile

@@ -32,6 +32,11 @@ RUN_MLYACC=$(TOOLRUN_PFX)$(MLYACC)
 %.grm.sml %.grm.sig: %.grm $(MLYACC)
 	$(RUN_MLYACC) $<
 
+GRAMMAR_PRODUCTS = StrictC.lex.sml StrictC.grm.sig StrictC.grm.sml
+
+c-parser-deps: $(GRAMMAR_PRODUCTS)
+
+.PHONY: c-parser-deps
 
 
 

tools/c-parser/StrictC.grm.sig

@@ -1,111 +0,0 @@
-signature StrictC_TOKENS =
-sig
-type ('a,'b) token
-type svalue
-val YREGISTER:  'a * 'a -> (svalue,'a) token
-val YASM:  'a * 'a -> (svalue,'a) token
-val GCC_ATTRIBUTE:  'a * 'a -> (svalue,'a) token
-val SPEC_BLOCKEND:  'a * 'a -> (svalue,'a) token
-val STRING_LITERAL: (string) *  'a * 'a -> (svalue,'a) token
-val DONT_TRANSLATE:  'a * 'a -> (svalue,'a) token
-val SPEC_END:  'a * 'a -> (svalue,'a) token
-val SPEC_BEGIN:  'a * 'a -> (svalue,'a) token
-val OWNED_BY:  'a * 'a -> (svalue,'a) token
-val CALLS:  'a * 'a -> (svalue,'a) token
-val MODIFIES:  'a * 'a -> (svalue,'a) token
-val GHOSTUPD:  'a * 'a -> (svalue,'a) token
-val AUXUPD:  'a * 'a -> (svalue,'a) token
-val RELSPEC:  'a * 'a -> (svalue,'a) token
-val FNSPEC:  'a * 'a -> (svalue,'a) token
-val AUTO:  'a * 'a -> (svalue,'a) token
-val THREAD_LOCAL:  'a * 'a -> (svalue,'a) token
-val NORETURN:  'a * 'a -> (svalue,'a) token
-val STATIC:  'a * 'a -> (svalue,'a) token
-val INLINE:  'a * 'a -> (svalue,'a) token
-val INVARIANT:  'a * 'a -> (svalue,'a) token
-val RESTRICT:  'a * 'a -> (svalue,'a) token
-val VOLATILE:  'a * 'a -> (svalue,'a) token
-val CONST:  'a * 'a -> (svalue,'a) token
-val EXTERN:  'a * 'a -> (svalue,'a) token
-val TYPEDEF:  'a * 'a -> (svalue,'a) token
-val UNION:  'a * 'a -> (svalue,'a) token
-val STRUCT:  'a * 'a -> (svalue,'a) token
-val NUMERIC_CONSTANT: (Absyn.numliteral_info) *  'a * 'a -> (svalue,'a) token
-val TYPEID: (string) *  'a * 'a -> (svalue,'a) token
-val ID: (string) *  'a * 'a -> (svalue,'a) token
-val ARROW:  'a * 'a -> (svalue,'a) token
-val VOID:  'a * 'a -> (svalue,'a) token
-val UNSIGNED:  'a * 'a -> (svalue,'a) token
-val SIGNED:  'a * 'a -> (svalue,'a) token
-val SHORT:  'a * 'a -> (svalue,'a) token
-val LONG:  'a * 'a -> (svalue,'a) token
-val CHAR:  'a * 'a -> (svalue,'a) token
-val BOOL:  'a * 'a -> (svalue,'a) token
-val INT:  'a * 'a -> (svalue,'a) token
-val RIGHTSHIFT:  'a * 'a -> (svalue,'a) token
-val LEFTSHIFT:  'a * 'a -> (svalue,'a) token
-val YGREATER:  'a * 'a -> (svalue,'a) token
-val YLESS:  'a * 'a -> (svalue,'a) token
-val YGE:  'a * 'a -> (svalue,'a) token
-val YLE:  'a * 'a -> (svalue,'a) token
-val NOTEQUALS:  'a * 'a -> (svalue,'a) token
-val EQUALS:  'a * 'a -> (svalue,'a) token
-val BITWISEXOR:  'a * 'a -> (svalue,'a) token
-val BITWISEOR:  'a * 'a -> (svalue,'a) token
-val LOGICALAND:  'a * 'a -> (svalue,'a) token
-val LOGICALOR:  'a * 'a -> (svalue,'a) token
-val YSIZEOF:  'a * 'a -> (svalue,'a) token
-val DEFAULT:  'a * 'a -> (svalue,'a) token
-val CASE:  'a * 'a -> (svalue,'a) token
-val SWITCH:  'a * 'a -> (svalue,'a) token
-val YFOR:  'a * 'a -> (svalue,'a) token
-val YCONTINUE:  'a * 'a -> (svalue,'a) token
-val YBREAK:  'a * 'a -> (svalue,'a) token
-val YRETURN:  'a * 'a -> (svalue,'a) token
-val YDO:  'a * 'a -> (svalue,'a) token
-val YWHILE:  'a * 'a -> (svalue,'a) token
-val YELSE:  'a * 'a -> (svalue,'a) token
-val YIF:  'a * 'a -> (svalue,'a) token
-val YENUM:  'a * 'a -> (svalue,'a) token
-val RSHIFTEQ:  'a * 'a -> (svalue,'a) token
-val LSHIFTEQ:  'a * 'a -> (svalue,'a) token
-val BXOREQ:  'a * 'a -> (svalue,'a) token
-val MODEQ:  'a * 'a -> (svalue,'a) token
-val DIVEQ:  'a * 'a -> (svalue,'a) token
-val MULEQ:  'a * 'a -> (svalue,'a) token
-val BOREQ:  'a * 'a -> (svalue,'a) token
-val BANDEQ:  'a * 'a -> (svalue,'a) token
-val MINUSEQ:  'a * 'a -> (svalue,'a) token
-val PLUSEQ:  'a * 'a -> (svalue,'a) token
-val MINUSMINUS:  'a * 'a -> (svalue,'a) token
-val PLUSPLUS:  'a * 'a -> (svalue,'a) token
-val YBITNOT:  'a * 'a -> (svalue,'a) token
-val YAMPERSAND:  'a * 'a -> (svalue,'a) token
-val YNOT:  'a * 'a -> (svalue,'a) token
-val YAND:  'a * 'a -> (svalue,'a) token
-val YMINUS:  'a * 'a -> (svalue,'a) token
-val YPLUS:  'a * 'a -> (svalue,'a) token
-val YDOT:  'a * 'a -> (svalue,'a) token
-val YEQ:  'a * 'a -> (svalue,'a) token
-val QMARK:  'a * 'a -> (svalue,'a) token
-val YCOLON:  'a * 'a -> (svalue,'a) token
-val YSEMI:  'a * 'a -> (svalue,'a) token
-val YCOMMA:  'a * 'a -> (svalue,'a) token
-val RBRACKET:  'a * 'a -> (svalue,'a) token
-val LBRACKET:  'a * 'a -> (svalue,'a) token
-val RCURLY:  'a * 'a -> (svalue,'a) token
-val LCURLY:  'a * 'a -> (svalue,'a) token
-val RPAREN:  'a * 'a -> (svalue,'a) token
-val LPAREN:  'a * 'a -> (svalue,'a) token
-val MOD:  'a * 'a -> (svalue,'a) token
-val SLASH:  'a * 'a -> (svalue,'a) token
-val YSTAR:  'a * 'a -> (svalue,'a) token
-val EOF:  'a * 'a -> (svalue,'a) token
-end
-signature StrictC_LRVALS=
-sig
-structure Tokens : StrictC_TOKENS
-structure ParserData:PARSER_DATA
-sharing type ParserData.Token.token = Tokens.token
-sharing type ParserData.svalue = Tokens.svalue
-end

tools/haskell-translator/make_spec.sh

@@ -82,9 +82,20 @@ ARCHES=("ARM" "X64" "ARM_HYP")
 #       If these are not in sync, expect the unexpected.
 #       spec_check.sh has a copy of these, which should be updated in tandem.
 #       FIXME: move to a common location in haskell-translator (D.R.Y.)
-declare -A cpp_opts
-cpp_opts[ARM]="-DPLATFORM=QEmu -DPLATFORM_QEmu -DTARGET=ARM -DTARGET_ARM"
-cpp_opts[ARM_HYP]="-DPLATFORM=TK1 -DPLATFORM_TK1 -DTARGET=ARM -DTARGET_ARM -DCONFIG_ARM_HYPERVISOR_SUPPORT"
+function cpp_opts () {
+    case ${1} in
+        ARM)
+            L4CPP="-DPLATFORM=QEmu -DPLATFORM_QEmu -DTARGET=ARM -DTARGET_ARM"
+            ;;
+        ARM_HYP)
+            L4CPP="-DPLATFORM=TK1 -DPLATFORM_TK1 -DTARGET=ARM -DTARGET_ARM -DCONFIG_ARM_HYPERVISOR_SUPPORT"
+            ;;
+        *)
+            echo "Warning: No CPP configuration for achitecture ${1}"
+            L4CPP=""
+    esac
+    export L4CPP
+}
 
 NAMES=`cd $SKEL; ls *.thy`
 
@@ -95,6 +106,7 @@ function send_filenames () {
     local arch=${1}
     local archnames=`cd $SKEL/${arch}; ls *.thy`
     local archmnames=`cd $MSKEL/${arch}; ls *.thy`
+    mkdir -p "$SPEC/${arch}"
     mkdir -p "$SPECNONARCH/${arch}"
 
     # Theory files common to all haskell specifications
@@ -120,8 +132,7 @@ function send_filenames () {
 for ARCH in ${ARCHES[@]}
 do
     send_filenames $ARCH > $TMPFILE
-    L4CPP=${cpp_opts[$ARCH]}
-    export L4CPP
+    cpp_opts $ARCH
     cd $TRANSLATOR
     python pars_skl.py $TMPFILE
 done