adbrucker
/
lh-l4v
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,361 Commits 7 Branches 0 Tags 86 MiB
Commit Graph

24 Commits

Author SHA1 Message Date
Matthew Brecknell a3714e8190 SELFOUR-276: Finish proofs for maximum controlled priority (MCP) 
To finish the proof of refinement to C, the specification for checkPrio
needed strengthening: the checkPrio spec now takes a machine word
argument. In the spec, priorities are still stored as 8-bit quantities,
however. Once the spec was strenthened, it was possible to remove some
redundant checks and mask operations from the C code.

A thread's maximum controlled priority (MCP) determines the maximum
thread priority or MCP it can assign to another thread (or itself).
 2016-10-05 02:43:41 +11:00
Sophie Taylor 20539620f9 SELFOUR-276: Add MCP to specs and invariants 
A thread's maximum controlled priority (MCP) determines the maximum
thread priority or MCP it can assign to another thread (or itself).
 2016-10-05 02:43:41 +11:00
Matthew Brecknell 6b93e4bc81 arch_split: invariants: split BCorres2_AI [VER-577] 2016-07-12 16:50:32 +10:00
Matthew Brecknell ae3644affc arch_split: invariants: split EmptyFail_AI [VER-576] 2016-07-10 11:33:02 +10:00
Gerwin Klein 91bd8aebb8 inv-abstract: fewer warnings 2016-05-16 21:11:40 +10:00
Daniel Matichuk 9ceed1eb12 arch_split: fix proofs after removing shadow and unqualify commands and adding fix for crunch. Checks up to DPolicy. 2016-05-04 15:14:41 +10:00
Daniel Matichuk 1d20b393c0 arch_split: replaced sublocale with global_naming 2016-04-27 14:32:38 +10:00
Matthew Brecknell fd8926d3a8 arch_split: invariants: slightly more selective interpretation up to AInvs 2016-04-20 08:36:22 +10:00
Daniel Matichuk 3f4c8cb188 arch_split: AInvs checking? 2016-04-19 14:27:21 +10:00
Matthew Brecknell 84d2889d45 Isabelle2016: merge master into 2016 2016-02-19 16:17:26 +11:00
Gao Xin bee4ba0052 l4v-sabre: fix refine 2016-02-17 11:18:02 +11:00
Matthew Brecknell c65e290a8b Isabelle2016: merge master into 2016 2016-02-16 12:52:24 +11:00
Joel Beeren 1d0366ac5e msi: Restructure IOAPIC, MSI interrupts for x86, fix up ARM proofs for new API 2016-02-02 15:57:28 +11:00
Daniel Matichuk c282969c54 Merge remote-tracking branch 'verification/master' into arch_split 2016-01-21 10:22:48 +11:00
Miki Tanaka b7376a56e2 Isabelle 2016 update: minor fixes 2016-01-15 16:03:30 +11:00
Joel Beeren efb4c61816 archirq: Remove redundant invocation, renamed 
arch_decode_interrupt_control.
 2016-01-14 17:50:33 +11:00
Daniel Matichuk ca808130e6 repair ARM proofs up to Refine after factoring out architecture 2016-01-13 12:02:12 +11:00
Joel Beeren 457a55a831 add arch_tcb object to C, rename aep -> ntfn 2015-11-20 16:02:13 +11:00
Ramana Kumar 0fb88ea01c Merge branch 'master' into aep-merge 
This commit should at least remove merge conflict markers, and the idea
is that at least refine, crefine, drefine, and infoflow (with sorrys)
build. Subsequent commits may be required to fix build issues that I
have not picked up.
 2015-09-10 17:06:45 +10:00
Ramana Kumar d88a931ec7 history squashed patch for aep-binding 2015-09-02 15:43:39 +10:00
Joel Beeren 002cf370bb Updated proof with new fastpath changes removing setCurrentASID and armv_contextSwitch_fp 2015-05-28 11:30:22 +10:00
Joel Beeren b3e2eb1f9d ioapic: finished up to InfoFlowC 2014-08-28 15:56:26 +10:00
Gerwin Klein 9d9a325032 Updates for getpaddr system call (by Joel Beeren) 2014-07-18 17:21:34 +02:00
Gerwin Klein 2a03e81df4 Import release snapshot. 2014-07-14 21:32:44 +02:00