At version 4.1.0, the Python psutil package changed the way it reports
CPU times for processes. This commit ensures that regression tests are
compatible with both old and new psutil APIs.
Adding optional tracing makes the bug clear; the subgoals of the
rules are attacked in the opposite order, so congruence-style rules
which introduce extra assumptions would have the (schematic)
assumptions unified out of order. Fixed.
WPC was written somewhat conservatively to raise exceptions if
something surprising happens. One surprising thing is multiple
higher-order resolution candidates, caused by such things as
a previous precondition of the form "?P x y None None". This isn't
really a problem, so a slight tweak should suppress the exception.
To finish the proof of refinement to C, the specification for checkPrio
needed strengthening: the checkPrio spec now takes a machine word
argument. In the spec, priorities are still stored as 8-bit quantities,
however. Once the spec was strenthened, it was possible to remove some
redundant checks and mask operations from the C code.
A thread's maximum controlled priority (MCP) determines the maximum
thread priority or MCP it can assign to another thread (or itself).
Also includes fixes to specs and invariants, and initial progress
towards C refinement.
A thread's maximum controlled priority (MCP) determines the maximum
thread priority or MCP it can assign to another thread (or itself).
* commit '8d4a8eb238090999b4b41f588d5fa63453d58ae8':
SELFOUR-421: fix coding style
SELFOUR-421: fix drefine
SELFOUR-421: add device bit in UntypedCap and FrameCap in capdl
SELFOUR-421: infoflow and infoflow_c builds
SELFOUR-421: crefine builds
SELFOUR-421: commit before change abstract again
SELFOUR-421: fix refine
SELFOUR-421: a defend version before wild changes
SELFOUR-421: new haskell spec after UserDataDevice changes
SELFOUR-421: broken crefine after conversation with gerwin
SELFOUR-421: up to VSpace_C done
SELFOUR-421: temp work in CSpace_C
SELFOUR-421: fixed Refine after merge with master
SELFOUR-421: retranslate haskell after merge with master
SELFOUR-421: random uncommitted stuff before merge
SELFOUR-421: retranslate haskell for fixed range check
SELFOUR-421: refine done
SELFOUR-421: added check to decoding asid control invocations and stole an asid bit from the high bits not the low ones
SELFOUR-421: AInvs done, no added invariants yet
SELFOUR-421: first attempt at abstract spec
This is a know issue that was naively solved using `infixl ">>_"`
which effectively does nothing since "_" has an special meaning.
`infixl ">>'_"` was introduced to fix the issue. has a special meaning
tags: [VER-520]
Architecture names follow L4V_ARCH-style naming conventions ('ARM', 'FAKE64').
However, the standalone parser does not make use of the L4V_ARCH environment
variable.
The standalone-parser Makefile builds all architectures at once, producing
binaries at 'ARM/c-parser', 'FAKE64/c-parser', and similarly for the tokenizer.
There are also wrapper scripts 'c-parser' and 'tokenizer' in the
standalone-parser directory, which take an architecture on the command line.
The make_munge.sh script calls the appropriate binary parser directly.
This is apparently valid C:
enum {
One,
Two = One + 1,
};
It's easy to support this by using the partially modified enum
environment in evaluation of the following right hand sides.
The run_tests.py script already searches the directory for all
test.xml files. It will now also note any files named extra_tests,
and also search any directories which appear as lines of those
files.
(Following symlinks would been more obvious but create other issues.)
A skeleton line of the form
\#INCLUDE_SETTINGS keep_constructor=asidpool
now ensures that the asidpool type constructor is actually created in
subsequent #INCLUDE_HASKELL declarations. It turns out this feature was already
available, and already used for asidpools, this change just makes it externally
adjustable.
Substantial adjustments to crunch. Main user changes are:
- 'lift' and 'unfold' mechanisms replaced by more general 'rule'.
- some more 'ignores' standardised.
- crunch has a more principled overall design:
+ discover crunch rule
* provided or by definition extraction
+ recurse according to rule
+ prove goal based on rule, recursive discoveries, standard tactic
* wp/simp adjustments tweak tactic
It is sometimes desirable to overwrite the default set of tests that are
being run in a per execution basis (ex: to allow wrapper scripts to have
a custom default) RUN_TESTS_DEFAULT is an space separated list of tests
that will be run if no specific tests are given.
tags: [NO_PROOF]
Rafal Kolanski
Matthew Brecknell
Thomas Sewell
Joel Beeren
Sophie Taylor
Xin Gao
Gerwin Klein
Michael Norrish
Alejandro Gomez-Londono