Adds a 'debug' configuration type to the main ProveSimplToGraphGoals
functions. Configuration lets the user control which functions will be
tested, and logs which functions fail testing.
Adds a 'single step' debug tactic for use in TestGraphRefine, and
demonstrates a few useful initial ML tactics for e.g. narrowing down
which subgoals are failing, and how to inspect a successful subgoal.
unat_ucast_8_64 states that upcasting an 8 word to a 64 word does not
change its value. We have a generic lemma for this which can be
specialised to this lemma: unat_ucast_up_simp[where 'a=8 and 'b=64,
simplified].
The main one is that crunch now uses wpsimp when determining whether a goal
can already be solved, instead of just wp. Crunch can also now use wps
when proving a goal and will now always ignore a constant if told to, even
if it is the top-level constant being crunched.
The main visible change is from 'wp_trace', 'wp_once' and 'wp_once_trace' to
'wp (trace)', 'wp (once)' and 'wp (once, trace)'. The option for printing a
warning for unused supplied wp rules has also been removed.
Prior to this commit the kernel would always trigger a full reschedule
on setPriority. This change allows the kernel to attempt a direct
switch, avoiding invoking the scheduler.
Each CAmkES assembly gets an extra field `policy_extra` to specify
extra policy edges. These are added to the default policy graph from
`policy_of`.
This feature is intended to support endpoint merging in the
`global-endpoint` CAmkES template, which could add communication
edges that were not present in the ADL.
The new field `group_labels` specifies a mapping from ADL component
names to integrity policy labels. This will be used to support the
`group` keyword in CAmkES that allows components to share an address
space. See Jira VER-1109.
When extracting files for C parser and AutoCorres standalone releases,
we don't want Isabelle to fail a build when files referred to in
`@{file}` antiquotations no longer exist. Using `@{path}` avoids this
problem.
The CAmkES toolchain allows some interfaces to be declared optional.
We add such a flag to the ADL datatype and remove the requirement for
such interfaces to be connected.
This allows connectors to also grant access rights between the
from-ends themselves (and similarly the to-ends).
It was previously thought that production CAmkES systems would not
need these rights. However, some connectors (e.g. VirtQueue) don't
follow the standard ADL semantics and we need these rights to
express their behaviour. Limitations of the Access model also cause
`policy_wellformed` systems to have more rights than necessary; see
Jira VER-1108.