79eccd3c10
lib+spec+proofs: proof fixes for NonDetMonadLemmaBucket split
...
Very minor changes, but in many modules.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-01-19 17:01:34 +11:00
a424d55e3e
licenses: convert license tags to SPDX
2020-03-13 14:38:24 +08:00
c34840d09b
global: isabelle update_cartouches
2019-06-14 11:41:21 +10:00
3758df05df
dspec, drefine: fix for GrantReply (SELFOUR-6)
...
Nothing too exciting here, just duplicating the new GrantReply logic
from ASpec and repairing the proofs.
2018-12-10 20:01:38 +11:00
b2a2656c19
Isabelle2018: DSpec
2018-08-20 09:06:36 +10:00
4db4af2347
dspec: resolve old FIXMEs in capDL spec
2018-08-06 11:22:53 +10:00
4601f2a1ab
Genericise deletion actions that occur after empty_slot
...
This patch adds a generic "post_cap_deletion" step that is called by
finalise_slot. Previous to this, the only caps which had actions
required at this stage were IRQHandlerCaps -- it was required that the
IRQ bitmap be updated after the cap itself was removed (as the
invariants state that for any existing IRQHandlerCap, the corresponding
bit in the IRQ bitmap must be set).
By genericising this, we add the capacity for new, arch-specific post
cap deletion actions to occur in the future.
2018-02-23 09:12:55 +11:00
796887d9b1
Removes all trailing whitespaces
2017-07-12 15:13:51 +10:00
c957220996
capDL spec and DRefine for prepare_thread_delete
2017-02-20 09:23:56 +11:00
511c6b2d3a
Isabelle2016-1: rename free variables to avoid capture
2017-01-05 14:24:36 +11:00
2553371a14
SELFOUR-64: Remove general Recycle operation
...
This removes the RecycleCap CNodeInvocation, whilst
retaining recycle behaviour for Endpoints -- now renamed
CNodeCancelBadgedSends.
2016-11-18 14:11:12 +11:00
3b679b0ce3
SELFOUR-444: fix DSpecProofs and SysInit
2016-11-02 11:19:10 +11:00
113315d9a6
SELFOUR-421: merge and fix up to ArmConfidentiality proof
2016-09-22 19:21:56 +10:00
e00e4c4e64
SELFOUR-421: add device bit in UntypedCap and FrameCap in capdl
2016-09-22 19:11:37 +10:00
f0faa90f8a
lib/spec/proof/tools: fix word change fallout
2016-05-16 21:11:40 +10:00
671c5673bd
more fixes in DRefine: some changes in proofs involving uint / unat
2016-01-28 14:07:42 +11:00
457a55a831
add arch_tcb object to C, rename aep -> ntfn
2015-11-20 16:02:13 +11:00
0fb88ea01c
Merge branch 'master' into aep-merge
...
This commit should at least remove merge conflict markers, and the idea
is that at least refine, crefine, drefine, and infoflow (with sorrys)
build. Subsequent commits may be required to fix build issues that I
have not picked up.
2015-09-10 17:06:45 +10:00
d88a931ec7
history squashed patch for aep-binding
2015-09-02 15:43:39 +10:00
e4b54fea78
capDL spec: fewer warnings
2015-05-09 13:05:01 +02:00
17826f9b49
more Isabelle2015 update; AInvs up to (excluding) Syscall_AI
...
also includes some global replacements
2015-04-18 21:51:26 +01:00
0c004d2a93
Merge branch 'master' into 'isabelle-2014'.
...
Conflicts:
proof/drefine/Arch_DR.thy
proof/drefine/Finalise_DR.thy
proof/drefine/StateTranslation_D.thy
sys-init/DuplicateCaps_SI.thy
sys-init/Proof_SI.thy
tools/autocorres/tests/examples/SchorrWaite.thy
2014-09-23 14:31:33 +10:00
77dd554227
page_map_unmap_cancel : cdl spec changed and drefine fixed.
2014-09-05 14:48:22 +10:00
1af1d2b67b
some of the global Isabelle2014 renames
...
option_case -> case_option
sum_case -> case_sum
prod_case -> case_prod
Option.set -> set_option
Option.map -> map_option
option_rel -> rel_option
list_all2_def -> list_all2_iff
map.simps -> list.map
tl.simps -> list.sel(2-3)
the.simps -> option.sel
2014-08-09 15:39:20 +10:00
9d9a325032
Updates for getpaddr system call (by Joel Beeren)
2014-07-18 17:21:34 +02:00
84595f4233
release cleanup
2014-07-17 18:22:50 +02:00
2a03e81df4
Import release snapshot.
2014-07-14 21:32:44 +02:00
Gerwin Klein
Gerwin Klein
Japheth Lim
Joel Beeren
Alejandro Gomez-Londono
Miki Tanaka
Matthew Brecknell
Joel Beeren
Xin,Gao
Gerwin Klein
Ramana Kumar
David Greenaway
Gao Xin