Commit Graph

1398 Commits

Author SHA1 Message Date
Joel Beeren b07d971a08 x64: machine: move word_size_bits definition to MachineTypes.
Furthermore, create generic library of word lemmas that require
the Arch context to prove, but can be proven with the same proof in
all architectures. These lemmas can then be used safely in generic
theory files. This library is in spec/machine/WordExports.thy
2016-11-25 15:30:36 +11:00
Joel Beeren 4337e32483 l4v: add jEdit autosave files to .gitignore 2016-11-25 14:58:46 +11:00
Joel Beeren 8fd44d5f0a Word_Lib: Add Suc_unat_mask_div to Word_Lemmas_64 2016-11-25 14:39:17 +11:00
Matthew Brecknell d659794237 update references to word32_plus_mono_right_split
This is now called machine_word_plus_mono_right_split, since it now
works at the current architecture's machine word size.
2016-11-24 16:46:19 +11:00
Joel Beeren a66a77ba2c generic-ainvs: remove references to word32 in Retype_AI 2016-11-23 18:22:11 +11:00
Matthew Brecknell cdb313c02d x64: fix sorry proofs in ArchAcc_AI 2016-11-18 15:59:30 +11:00
Matthew Brecknell c94b1dd0ec Word_Lib: lemmas about high bits w.r.t. mask operations 2016-11-18 15:39:26 +11:00
Matthew Brecknell 0f98cbb1b4 x64: refactor some vspace-related word proofs 2016-11-18 14:23:53 +11:00
Matthew Brecknell 82e6aa8131 x64: prove ArchCSpaceInvPre_AI set_cap_valid_arch_caps 2016-11-18 14:23:52 +11:00
Matthew Brecknell 01c4c56347 x64: remove resolved FIXME for valid_global_objs 2016-11-18 14:23:52 +11:00
Joel Beeren 390364f49d x64: progress in ArchVSpace_AI.
Also contains proofs about new, defined machine functions
2016-10-26 16:43:20 +11:00
Joel Beeren 1a6e362598 x64: added more machine definitions 2016-10-26 16:42:50 +11:00
Joel Beeren 3d6cef279d x64: progress in ArchVSpace_AI 2016-10-19 10:53:16 +11:00
Joel Beeren b8048726a6 X64: added dummy VMPML4E to vm_page_entry.
needs to be reviewed
2016-10-19 10:52:46 +11:00
Joel Beeren dc3cf6b9b8 x64: s/ARM/X64/g on invariant proofs, progress in ArchVSpace_AI 2016-10-14 16:46:13 +11:00
Joel Beeren 0b4372e98b x64: Removed unnecessary ASID from PageMap invocation 2016-10-14 16:44:42 +11:00
Joel Beeren 3ff1029376 c-parser: Added X64 CParserTest to regression 2016-10-11 14:08:55 +11:00
Joel Beeren 33262e9bef c-parser: fixed testfiles to support multiple architectures 2016-10-11 12:20:04 +11:00
Joel Beeren 0dbaf71636 c-parser: Adjusted X64 TargetNumbers file for experimentation. 2016-10-10 15:16:56 +11:00
Matthew Brecknell 991dd30173 x64: port device-untyped from ARM 2016-10-10 13:26:40 +11:00
Matthew Brecknell aafe4b92ce x64: port MCP from ARM 2016-10-10 13:24:08 +11:00
Matthew Brecknell de9fda8c72 x64: port crunch improvements from ARM 2016-10-10 13:23:38 +11:00
Matthew Brecknell 256e241770 merge master into x64 2016-10-06 19:57:55 +11:00
Matthew Brecknell 7989fa4ff1 x64: more progress in ArchVSpace_AI 2016-10-05 18:04:47 +11:00
Thomas Sewell 4b7965505f Fixes to WPC for multiple resolution.
WPC was written somewhat conservatively to raise exceptions if
something surprising happens. One surprising thing is multiple
higher-order resolution candidates, caused by such things as
a previous precondition of the form "?P x y None None". This isn't
really a problem, so a slight tweak should suppress the exception.
2016-10-05 12:11:43 +11:00
Joel Beeren 77694437bb x64: progress in ArchVSpace_AI 2016-10-05 12:04:22 +11:00
Joel Beeren 1edc9ced5f x64: commented out some IOSpace stuff, added machine op definitions. 2016-10-05 12:02:46 +11:00
Matthew Brecknell a3714e8190 SELFOUR-276: Finish proofs for maximum controlled priority (MCP)
To finish the proof of refinement to C, the specification for checkPrio
needed strengthening: the checkPrio spec now takes a machine word
argument. In the spec, priorities are still stored as 8-bit quantities,
however. Once the spec was strengthened, it was possible to remove some
redundant checks and mask operations from the C code.

A thread's maximum controlled priority (MCP) determines the maximum
thread priority or MCP it can assign to another thread (or itself).
2016-10-05 02:43:41 +11:00
Joel Beeren b352769016 SELFOUR-276: Prove refinement to Haskell for MCP
Also includes fixes to specs and invariants, and initial progress
towards C refinement.

A thread's maximum controlled priority (MCP) determines the maximum
thread priority or MCP it can assign to another thread (or itself).
2016-10-05 02:43:41 +11:00
Sophie Taylor 20539620f9 SELFOUR-276: Add MCP to specs and invariants
A thread's maximum controlled priority (MCP) determines the maximum
thread priority or MCP it can assign to another thread (or itself).
2016-10-05 02:43:41 +11:00
Matthew Brecknell 31f47e477e clib: ccorres_rewrite rules for trivial guards and conditionals 2016-10-05 02:43:41 +11:00
Matthew Brecknell 92148ce8e7 Word_Lib: lemmas comparing different word sizes 2016-10-05 02:43:41 +11:00
Matthew Brecknell 569cd2822e thydeps: support Perl version 5.24
Perl version 5.24 no longer allows use of $_ as a lexical variable.
2016-10-04 12:04:36 +11:00
Xin Gao 00f64879de Merge pull request #110 in SEL4/l4v from SELFOUR-421-rebased to master
* commit '8d4a8eb238090999b4b41f588d5fa63453d58ae8':
  SELFOUR-421: fix coding style
  SELFOUR-421: fix drefine
  SELFOUR-421: add device bit in UntypedCap and FrameCap in capdl
  SELFOUR-421: infoflow and infoflow_c builds
  SELFOUR-421: crefine builds
  SELFOUR-421: commit before change abstract again
  SELFOUR-421: fix refine
  SELFOUR-421: a defend version before wild changes
  SELFOUR-421: new haskell spec after UserDataDevice changes
  SELFOUR-421: broken crefine after conversation with gerwin
  SELFOUR-421: up to VSpace_C done
  SELFOUR-421: temp work in CSpace_C
  SELFOUR-421: fixed Refine after merge with master
  SELFOUR-421: retranslate haskell after merge with master
  SELFOUR-421: random uncommitted stuff before merge
  SELFOUR-421: retranslate haskell for fixed range check
  SELFOUR-421: refine done
  SELFOUR-421: added check to decoding asid control invocations and stole an asid bit from the high bits not the low ones
  SELFOUR-421: AInvs done, no added invariants yet
  SELFOUR-421: first attempt at abstract spec
2016-09-23 04:17:09 +00:00
Xin,Gao 8d4a8eb238 SELFOUR-421: fix coding style 2016-09-22 19:23:28 +10:00
Xin,Gao 8f3a4dee31 SELFOUR-421: merge with master, fix wholesystem proofs 2016-09-22 19:23:19 +10:00
Xin,Gao 113315d9a6 SELFOUR-421: merge and fix up to ArmConfidentiality proof 2016-09-22 19:21:56 +10:00
Xin,Gao 56dff5a787 SELFOUR-421: fix drefine 2016-09-22 19:11:37 +10:00
Xin,Gao e00e4c4e64 SELFOUR-421: add device bit in UntypedCap and FrameCap in capdl 2016-09-22 19:11:37 +10:00
Xin,Gao 252ce8df4c SELFOUR-421: infoflow and infoflow_c builds 2016-09-22 19:11:37 +10:00
Xin,Gao 328846ee1a SELFOUR-421: crefine builds 2016-09-22 19:11:37 +10:00
Xin,Gao ba03caf644 SELFOUR-421: commit before change abstract again 2016-09-22 19:11:37 +10:00
Xin,Gao 7784e80940 SELFOUR-421: fix refine 2016-09-22 19:11:36 +10:00
Xin,Gao c3be923ca0 SELFOUR-421: a defend version before wild changes 2016-09-22 19:11:36 +10:00
Joel Beeren ec57875566 SELFOUR-421: new haskell spec after UserDataDevice changes 2016-09-22 19:11:36 +10:00
Joel Beeren 99a4c5380c SELFOUR-421: broken crefine after conversation with gerwin 2016-09-22 19:11:36 +10:00
Joel Beeren 5cac23733b SELFOUR-421: up to VSpace_C done 2016-09-22 19:11:36 +10:00
Joel Beeren 1ef5bdf681 SELFOUR-421: temp work in CSpace_C 2016-09-22 19:11:36 +10:00
Joel Beeren 765d8aa88e SELFOUR-421: fixed Refine after merge with master 2016-09-22 19:11:36 +10:00
Joel Beeren 78bd770240 SELFOUR-421: retranslate haskell after merge with master 2016-09-22 19:11:36 +10:00