Thomas Sewell
63888fa98d
SELFOUR-444: AInvs proven for preemptible retype.
2016-11-02 11:19:08 +11:00
Xin,Gao
8d4a8eb238
SELFOUR-421: fix coding style
2016-09-22 19:23:28 +10:00
Xin,Gao
113315d9a6
SELFOUR-421: merge and fix up to ArmConfidentiality proof
2016-09-22 19:21:56 +10:00
Xin,Gao
252ce8df4c
SELFOUR-421: infoflow and infoflow_c builds
2016-09-22 19:11:37 +10:00
Xin,Gao
328846ee1a
SELFOUR-421: crefine builds
2016-09-22 19:11:37 +10:00
Xin,Gao
7784e80940
SELFOUR-421: fix refine
2016-09-22 19:11:36 +10:00
Joel Beeren
3c223b42fe
SELFOUR-421: AInvs done, no added invariants yet
2016-09-22 19:11:29 +10:00
Matthew Brecknell
6ef4c2d60f
arch_split: invariants: split InterruptAcc_AI [VER-606]
2016-07-09 11:04:22 +10:00
Alejandro Gomez-Londono
3d7660613a
arch_split: Finalise_AI [VER-568]
2016-06-26 15:26:50 +10:00
Daniel Matichuk
9f62622532
arch_split: skeleton arch files for AInvs
2016-05-31 15:05:24 +10:00
Japheth Lim
26a7907c95
Merge pull request #43 in SEL4/l4v from ~JALIM/l4v:autocorres-seL4 to master
* commit 'ecbb860532b4c576fc4726a805802f16bcf5302c': (29 commits)
autocorres-crefine: specialise corres_no_failI for compatibility with Refine
Add license tags for autocorres-crefine files
crefine: refactor AutoCorresTest a bit
autocorres-crefine: remove local debugging imports
Fix InfoFlowC to accommodate corres_underlying changes.
Fix DRefine to accommodate corres_underlying changes.
autocorres-crefine: experiment with manually translating a function (clzl).
autocorres-crefine: experiment with translating bitfield_gen specs.
autocorres-crefine: start a test case for function calls.
autocorres-crefine: update example proofs to work with no_c_termination, which does not require proving termination for the C spec.
autocorres: add user option "no_c_termination" for previous patch.
Making termination proof optional for AutoCorres.
WIP: autocorres: hacky proof of concept for incremental translation.
autocorres: add some missing WordAbstract rules.
autocorres-crefine: fix some comments in work theory.
autocorres-crefine: prove modifies and (simple) terminates specs.
autocorres-crefine: experiment with generating modifies proofs
autocorres-crefine: run autocorres in kernel_all_substitute locale
autocorres-crefine: update another corres_UL that snuck in before rebasing.
autocorres-crefine: working ccorres for handleYield (modulo some white lies).
...
2016-05-19 01:19:58 +00:00
Gerwin Klein
322f1023f5
word_lib: adjust theory dependencies
2016-05-16 21:11:40 +10:00
Japheth Lim
0f0f731ab7
Merge branch 'master' of ssh://bitbucket.keg.ertos.in.nicta.com.au:7999/SEL4/l4v into autocorres-seL4
This is to prepare for merging back into master.
Conflicts:
proof/crefine/Refine_C.thy
2016-05-11 15:08:22 +10:00
Daniel Matichuk
9ceed1eb12
arch_split: fix proofs after removing shadow and unqualify commands and adding fix for crunch. Checks up to DPolicy.
2016-05-04 15:14:41 +10:00
Daniel Matichuk
1d20b393c0
arch_split: replaced sublocale with global_naming
2016-04-27 14:32:38 +10:00
Matthew Brecknell
286c592a8e
arch_split: invariants: checking up to Arch_AI
2016-04-17 16:59:54 +10:00
Matthew Brecknell
4e6369f86d
arch_split: invariants: Finalise_AI checking
2016-04-15 15:11:32 +10:00
Matthew Brecknell
d683425e0d
arch_split: invariants: fixup CSpaceInv_AI, working on Finalise_AI
2016-04-14 19:01:20 +10:00
Daniel Matichuk
04362dba27
arch_split: some quick and dirty arch_splitting by selectively interpreting the ARM locale (with FIXMEs)
2016-04-07 17:05:14 +10:00
Japheth Lim
bb83b53b15
Merge branch 'master' into autocorres-seL4
This updates autocorres-seL4 to Isabelle2016.
Conflicts:
proof/crefine/Refine_C.thy
2016-03-29 14:07:54 +11:00
Matthew Brecknell
84d2889d45
Isabelle2016: merge master into 2016
2016-02-19 16:17:26 +11:00
Gao Xin
50fa257113
rebase and fix problems caused by new machine constants
2016-02-17 11:18:02 +11:00
Matthew Brecknell
c65e290a8b
Isabelle2016: merge master into 2016
2016-02-16 12:52:24 +11:00
Japheth Lim
1b14082291
autocorres-crefine: add pre-no-fail flag to corres. Updated AI+Refine.
2016-01-22 15:08:14 +11:00
Miki Tanaka
b7376a56e2
Isabelle 2016 update: minor fixes
2016-01-15 16:03:30 +11:00
Daniel Matichuk
ca808130e6
repair ARM proofs up to Refine after factoring out architecture
2016-01-13 12:02:12 +11:00
Daniel Matichuk
3be2eaa7b0
repairing AInvs: checks up to the middle of VSpace_AI
2016-01-12 18:10:36 +11:00
Joel Beeren
457a55a831
add arch_tcb object to C, rename aep -> ntfn
2015-11-20 16:02:13 +11:00
Thomas Sewell
bdd8819f50
More minor adjustments.
2015-10-30 12:22:55 +11:00
Thomas Sewell
7c3a06a8d7
Minor adjustments caused by Strengthen changes.
2015-10-29 11:27:54 +11:00
Ramana Kumar
0fb88ea01c
Merge branch 'master' into aep-merge
This commit should at least remove merge conflict markers, and the idea
is that at least refine, crefine, drefine, and infoflow (with sorrys)
build. Subsequent commits may be required to fix build issues that I
have not picked up.
2015-09-10 17:06:45 +10:00
Ramana Kumar
d88a931ec7
history squashed patch for aep-binding
2015-09-02 15:43:39 +10:00
Gerwin Klein
cfec9ea0db
Merge branch 'master' into 2015
2015-05-28 11:45:13 +10:00
Joel Beeren
002cf370bb
Updated proof with new fastpath changes removing setCurrentASID and armv_contextSwitch_fp
2015-05-28 11:30:22 +10:00
Gerwin Klein
a6f1ab41f8
ainvs: some more cleanup
2015-05-16 21:48:24 +10:00
Gerwin Klein
12fa86863a
fewer warnings
2015-05-16 19:52:49 +10:00
Gerwin Klein
17826f9b49
more Isabelle2015 update; AInvs up to (excluding) Syscall_AI
also includes some global replacements
2015-04-18 21:51:26 +01:00
Gerwin Klein
7e7d39c24e
enable XN in abstract spec; update AInvs and Refine
2014-11-28 08:58:57 +11:00
Thomas Sewell
fc6e57716a
Proof updates, working as far as AInvs.
2014-08-11 14:50:56 +10:00
Gerwin Klein
1af1d2b67b
some of the global Isabelle2014 renames
option_case -> case_option
sum_case -> case_sum
prod_case -> case_prod
Option.set -> set_option
Option.map -> map_option
option_rel -> rel_option
list_all2_def -> list_all2_iff
map.simps -> list.map
tl.simps -> list.sel(2-3)
the.simps -> option.sel
2014-08-09 15:39:20 +10:00
Gerwin Klein
154da63715
remove old levity and taint-mode comments
2014-07-22 18:10:28 +02:00
Gerwin Klein
50dda7708c
comment cleanup
2014-07-22 18:10:20 +02:00
Gerwin Klein
84595f4233
release cleanup
2014-07-17 18:22:50 +02:00
Gerwin Klein
2a03e81df4
Import release snapshot.
2014-07-14 21:32:44 +02:00