ba03caf644
SELFOUR-421: commit before change abstract again
2016-09-22 19:11:37 +10:00
7784e80940
SELFOUR-421: fix refine
2016-09-22 19:11:36 +10:00
c3be923ca0
SELFOUR-421: a defend version before wild changes
2016-09-22 19:11:36 +10:00
765d8aa88e
SELFOUR-421: fixed Refine after merge with master
2016-09-22 19:11:36 +10:00
9617e22ce6
SELFOUR-421: random uncommitted stuff before merge
2016-09-22 19:11:36 +10:00
df877769fc
SELFOUR-421: refine done
2016-09-22 19:11:36 +10:00
3c223b42fe
SELFOUR-421: AInvs done, no added invariants yet
2016-09-22 19:11:29 +10:00
6f6c58168c
SELFOUR-56: Remove diminish rights from IPC
2016-02-24 13:24:10 +11:00
4f7ac1a975
trivial: remove some comments and debug trace
2016-02-22 10:55:21 +11:00
84d2889d45
Isabelle2016: merge master into 2016
2016-02-19 16:17:26 +11:00
1aed16085f
l4v-sabre: move a few word lemmas to WordLemmaBucket and fix styles of some proofs
2016-02-17 11:18:03 +11:00
0d260252ff
l4v-sabre: rebase and fix proofs to infoflow
2016-02-17 11:18:02 +11:00
bc73b112bd
l4v-sabre: change type of irq to be 10 word
2016-02-17 11:18:02 +11:00
50fa257113
rebase and fix problems caused by new machine constants
2016-02-17 11:18:02 +11:00
c45f88745c
l4v-sabre: minor fix on dmo_ackInterrupt and foldME
2016-02-17 11:18:02 +11:00
bee4ba0052
l4v-sabre: fix refine
2016-02-17 11:18:02 +11:00
c65e290a8b
Isabelle2016: merge master into 2016
2016-02-16 12:52:24 +11:00
1d0366ac5e
msi: Restructure IOAPIC, MSI interrupts for x86, fix up ARM proofs for new API
2016-02-02 15:57:28 +11:00
d11f24a3a1
Refine finished for RC1
2016-01-23 22:51:48 +11:00
674d476d83
option name changed from RC0
2016-01-23 00:34:41 +11:00
b43f41abfd
A few more changes.
...
inj_on_image_set_diff: resolved the injection map lemma application issue in CSpace1_R.thy, CSpace_R.thy
Pair_fst_snd_eq chaged to prod_eq_iff in TcbAcc_R.thy, Schedule_R.thy, Retype_R.thy
TrueI removed in Schedule_R.thy
not_leE changed to not_le_imp_less in Retype_R.thy
2016-01-22 15:10:42 +11:00
83574af10e
Invariants_H.thy: inductive definition needs explicit declaration to make xxx_def available
...
CSpace_I.thy: locale qualifier default changed
2016-01-22 15:10:42 +11:00
c282969c54
Merge remote-tracking branch 'verification/master' into arch_split
2016-01-21 10:22:48 +11:00
a34de66b9f
arch_split: fix crefine up to Interrupt_C
2016-01-20 14:42:36 +11:00
a8b7ee4ffe
repairing refine (simplified attribute now solves True)
2016-01-18 16:09:30 +11:00
b7376a56e2
Isabelle 2016 update: minor fixes
2016-01-15 16:03:30 +11:00
efb4c61816
archirq: Remove redundant invocation, renamed
...
arch_decode_interrupt_control.
2016-01-14 17:50:33 +11:00
ca808130e6
repair ARM proofs up to Refine after factoring out architecture
2016-01-13 12:02:12 +11:00
043a69c81b
Fix Orphanage from array changes, refactor.
...
Some generalisation is done in finaliseSlot_invs'' to avoid
duplicating it in Orphanage and PageTableDuplicates.
Finally cleanup in haskell translation.
2015-12-02 09:15:32 +11:00
860f8f2225
Fixes for merge/rebase with mainline.
2015-12-02 09:15:26 +11:00
375b526b0c
Finally done with array assertions.
2015-12-02 09:08:27 +11:00
7e40646c48
Proof up to Fastpath_C.
...
The very last twist of this: the proof that resolveAddressBits can
be seen as functional needs to change, a lot, because it's now
sensitive to gsCNodes. Still working on that.
2015-12-02 09:07:49 +11:00
4fd43512bb
WIP on handling array assertions. Up to Retype_C.
...
This is quite a lot of work in the end. I've had to gut most of
Retype_C along the way. Nearly done there.
2015-12-02 09:06:06 +11:00
7bc4236077
remove accidentally committed file
2015-11-25 09:54:30 +13:00
ac632c5aaa
Wait -> Recv: update proofs
2015-11-20 16:02:14 +11:00
457a55a831
add arch_tcb object to C, rename aep -> ntfn
2015-11-20 16:02:13 +11:00
7c3a06a8d7
Minor adjustments caused by Strengthen changes.
2015-10-29 11:27:54 +11:00
d51402a5a2
Merge remote-tracking branch 'verification/master' into priority-bitmap
...
(seL4_NBWait)
2015-10-21 16:23:01 +11:00
e403eb8f0a
poll: added non blocking sync wait
2015-10-21 14:24:49 +11:00
d6f7579be7
poll: Added new syscall for polling async endpoints (non-blocking wait)
2015-10-21 14:24:49 +11:00
6f8cdae201
priority-bitmap: clean up Refine (i.e. "FIXME RAF")
2015-10-21 13:38:29 +11:00
c1eb235105
Merge 'verification/master' into priority-bitmap
...
Green build except for:
CParserTest (WTF Duplicate fact declaration "dc_20081211.dc_20081211.test_modifies")
AutoCorresSEL4 (waiting on result)
There is still a carefully managed sorry in Schedule_R, waiting on the C
parser FNSPEC+DONT_TRANSLATE fix.
2015-10-21 06:19:20 +11:00
930a2ff179
priority-bitmap: Update Haskell->C refinement
...
(modulo clz_spec locale problem)
2015-10-20 23:52:07 +11:00
7860bd4351
priority-bitmap: move word_log2/clz to WordLemmaBucket
...
Resolves some FIXMEs in Schedule_R.
2015-10-20 23:50:37 +11:00
2a9d3022f2
priority-bitmap: Update abstract->Haskell refinement
...
Added word_log2 and word_clz (inline for now, will migrate them out to
lib later).
Proved most important properties of word_log2 and some basic
count leading zeros properties (word_clz). The former were painful.
Thanks to Thomas, we have a nice tactic for dealing with complicated
obj_at' predicates in conclusion: normalise_obj_at'
2015-10-20 23:40:44 +11:00
038891ac7b
aep-binding: more cleanup
2015-10-07 14:57:55 +11:00
f117c99903
aep-binding: updated AInvs, Access, Refine for new decodeBindAEP
2015-09-15 16:31:14 +10:00
0fb88ea01c
Merge branch 'master' into aep-merge
...
This commit should at least remove merge conflict markers, and the idea
is that at least refine, crefine, drefine, and infoflow (with sorrys)
build. Subsequent commits may be required to fix build issues that I
have not picked up.
2015-09-10 17:06:45 +10:00
d88a931ec7
history squashed patch for aep-binding
2015-09-02 15:43:39 +10:00
3372cd32a8
SELFOUR-220: When calling handleWait, only delete the
...
TCB's ReplyCap when actually waiting on a synchronous
endpoint.
2015-07-23 14:45:17 +10:00
Xin,Gao
Joel Beeren
Miki Tanaka
Matthew Brecknell
Daniel Matichuk
Thomas Sewell
Gerwin Klein
Rafal Kolanski
Ramana Kumar