adbrucker
/
lh-l4v
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
757 Commits 7 Branches 0 Tags 86 MiB
Commit Graph

50 Commits

Author SHA1 Message Date
Miki Tanaka d11f24a3a1 Refine finished for RC1 2016-01-23 22:51:48 +11:00
Miki Tanaka 674d476d83 option name changed from RC0 2016-01-23 00:34:41 +11:00
Miki Tanaka b43f41abfd A few more changes. 
inj_on_image_set_diff: resolved the injection map lemma application issue in CSpace1_R.thy, CSpace_R.thy
Pair_fst_snd_eq chaged to prod_eq_iff in TcbAcc_R.thy, Schedule_R.thy, Retype_R.thy
TrueI removed in Schedule_R.thy
not_leE changed to not_le_imp_less in Retype_R.thy
 2016-01-22 15:10:42 +11:00
Miki Tanaka 83574af10e Invariants_H.thy: inductive definition needs explicit declaration to make xxx_def available 
CSpace_I.thy: locale qualifier default changed
 2016-01-22 15:10:42 +11:00
Daniel Matichuk a8b7ee4ffe repairing refine (simplified attribute now solves True) 2016-01-18 16:09:30 +11:00
Miki Tanaka b7376a56e2 Isabelle 2016 update: minor fixes 2016-01-15 16:03:30 +11:00
Thomas Sewell 043a69c81b Fix Orphanage from array changes, refactor. 
Some generalisation is done in finaliseSlot_invs'' to avoid
duplicating it in Orphanage and PageTableDuplicates.

Finally cleanup in haskell translation.
 2015-12-02 09:15:32 +11:00
Thomas Sewell 860f8f2225 Fixes for merge/rebase with mainline. 2015-12-02 09:15:26 +11:00
Thomas Sewell 375b526b0c Finally done with array assertions. 2015-12-02 09:08:27 +11:00
Thomas Sewell 7e40646c48 Proof up to Fastpath_C. 
The very last twist of this: the proof that resolveAddressBits can
be seen as functional needs to change, a lot, because it's now
sensitive to gsCNodes. Still working on that.
 2015-12-02 09:07:49 +11:00
Thomas Sewell 4fd43512bb WIP on handling array assertions. Up to Retype_C. 
This is quite a lot of work in the end. I've had to gut most of
Retype_C along the way. Nearly done there.
 2015-12-02 09:06:06 +11:00
Gerwin Klein 7bc4236077 remove accidentally committed file 2015-11-25 09:54:30 +13:00
Gerwin Klein ac632c5aaa Wait -> Recv: update proofs 2015-11-20 16:02:14 +11:00
Joel Beeren 457a55a831 add arch_tcb object to C, rename aep -> ntfn 2015-11-20 16:02:13 +11:00
Thomas Sewell 7c3a06a8d7 Minor adjustments caused by Strengthen changes. 2015-10-29 11:27:54 +11:00
Rafal Kolanski d51402a5a2 Merge remote-tracking branch 'verification/master' into priority-bitmap 
(seL4_NBWait)
 2015-10-21 16:23:01 +11:00
Joel Beeren e403eb8f0a poll: added non blocking sync wait 2015-10-21 14:24:49 +11:00
Joel Beeren d6f7579be7 poll: Added new syscall for polling async endpoints (non-blocking wait) 2015-10-21 14:24:49 +11:00
Rafal Kolanski 6f8cdae201 priority-bitmap: clean up Refine (i.e. "FIXME RAF") 2015-10-21 13:38:29 +11:00
Rafal Kolanski c1eb235105 Merge 'verification/master' into priority-bitmap 
Green build except for:
CParserTest (WTF Duplicate fact declaration "dc_20081211.dc_20081211.test_modifies")
AutoCorresSEL4 (waiting on result)

There is still a carefully managed sorry in Schedule_R, waiting on the C
parser FNSPEC+DONT_TRANSLATE fix.
 2015-10-21 06:19:20 +11:00
Rafal Kolanski 930a2ff179 priority-bitmap: Update Haskell->C refinement 
(modulo clz_spec locale problem)
 2015-10-20 23:52:07 +11:00
Rafal Kolanski 7860bd4351 priority-bitmap: move word_log2/clz to WordLemmaBucket 
Resolves some FIXMEs in Schedule_R.
 2015-10-20 23:50:37 +11:00
Rafal Kolanski 2a9d3022f2 priority-bitmap: Update abstract->Haskell refinement 
Added word_log2 and word_clz (inline for now, will migrate them out to
lib later).

Proved most important properties of word_log2 and some basic
count leading zeros properties (word_clz). The former were painful.

Thanks to Thomas, we have a nice tactic for dealing with complicated
obj_at' predicates in conclusion: normalise_obj_at'
 2015-10-20 23:40:44 +11:00
Joel Beeren 038891ac7b aep-binding: more cleanup 2015-10-07 14:57:55 +11:00
Joel Beeren f117c99903 aep-binding: updated AInvs, Access, Refine for new decodeBindAEP 2015-09-15 16:31:14 +10:00
Ramana Kumar 0fb88ea01c Merge branch 'master' into aep-merge 
This commit should at least remove merge conflict markers, and the idea
is that at least refine, crefine, drefine, and infoflow (with sorrys)
build. Subsequent commits may be required to fix build issues that I
have not picked up.
 2015-09-10 17:06:45 +10:00
Ramana Kumar d88a931ec7 history squashed patch for aep-binding 2015-09-02 15:43:39 +10:00
Joel Beeren 3372cd32a8 SELFOUR-220: When calling handleWait, only delete the 
TCB's ReplyCap when actually waiting on a synchronous
endpoint.
 2015-07-23 14:45:17 +10:00
Thomas Sewell b5f796184a Repair spec/refine, I think. 2015-07-15 17:25:47 +10:00
Thomas Sewell e9180d5cb5 Repair refine/crefine for WCET annotations. 2015-07-14 14:23:29 +10:00
Thomas Sewell ca4391881c WIP on WCET annotations. 2015-07-14 14:23:29 +10:00
Gerwin Klein cfec9ea0db Merge branch 'master' into 2015 2015-05-28 11:45:13 +10:00
Joel Beeren 002cf370bb Updated proof with new fastpath changes removing setCurrentASID and armv_contextSwitch_fp 2015-05-28 11:30:22 +10:00
Gerwin Klein 12fa86863a fewer warnings 2015-05-16 19:52:49 +10:00
Gerwin Klein 0c67e0bfa1 2015 update for Refine 2015-05-12 17:17:31 +02:00
Gerwin Klein 7e7d39c24e enable XN in abstract spec; update AInvs and Refine 2014-11-28 08:58:57 +11:00
Gerwin Klein dfa9c09892 abstract Haskell init parameters into constants 2014-11-06 18:48:36 +11:00
David Greenaway cf0d1abce6 Merge 'master' into 'isabelle-2014'. 
Conflicts:
	proof/crefine/Fastpath_C.thy
	proof/drefine/KHeap_DR.thy
	proof/infoflow/Noninterference.thy
	spec/design/version
	sys-init/DuplicateCaps_SI.thy
	sys-init/InitTCB_SI.thy
	sys-init/Proof_SI.thy
	tools/asmrefine/SimplExport.thy
	tools/autocorres/tests/examples/SchorrWaite.thy
 2014-09-17 14:21:13 +10:00
Joel Beeren b3e2eb1f9d ioapic: finished up to InfoFlowC 2014-08-28 15:56:26 +10:00
Thomas Sewell 9b01fada15 Refine working. 2014-08-11 18:51:04 +10:00
Thomas Sewell fc6e57716a Proof updates, working as far as AInvs. 2014-08-11 14:50:56 +10:00
Gerwin Klein ded3a4a86f option_map_def -> map_option_case for 2014-RC0 2014-08-09 21:09:37 +10:00
Gerwin Klein 1af1d2b67b some of the global Isabelle2014 renames 
option_case -> case_option
sum_case -> case_sum
prod_case -> case_prod
Option.set -> set_option
Option.map -> map_option
option_rel -> rel_option
list_all2_def -> list_all2_iff
map.simps -> list.map
tl.simps -> list.sel(2-3)
the.simps -> option.sel
 2014-08-09 15:39:20 +10:00
David Greenaway 0fb7a8084d misc: Proofing and formatting of README.md files. 
Attempt to improve readability of the files when viewed as plain ASCII;
proof-read and fix minor issues.
 2014-07-28 13:15:48 +10:00
Toby Murray 93375ba96d Initial README.md files for proof/ 2014-07-24 13:31:57 +10:00
Gerwin Klein 154da63715 remove old levity and taint-mode comments 2014-07-22 18:10:28 +02:00
Gerwin Klein 50dda7708c comment cleanup 2014-07-22 18:10:20 +02:00
Gerwin Klein 9d9a325032 Updates for getpaddr system call (by Joel Beeren) 2014-07-18 17:21:34 +02:00
Gerwin Klein 84595f4233 release cleanup 2014-07-17 18:22:50 +02:00
Gerwin Klein 2a03e81df4 Import release snapshot. 2014-07-14 21:32:44 +02:00