adbrucker
/
lh-l4v
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,361 Commits 7 Branches 0 Tags 86 MiB
Commit Graph

39 Commits

Author SHA1 Message Date
Thomas Sewell dcd7fd8c17 SELFOUR-444: Refine proof with ghost invariant. 2016-11-02 11:19:09 +11:00
Thomas Sewell 74adb7a283 SELFOUR-444: Avoid unnecessary cache clears. 
Adjust both specs and propagate the changes.
 2016-11-02 11:19:09 +11:00
Thomas Sewell 411af12ee9 SELFOUR-444: Logic generalised; Access finished. 
Tweak AInvs proof for Untyped to be more reusable, finish integrity
proofs.
 2016-11-02 11:19:08 +11:00
Thomas Sewell d765a64b81 SELFOUR-444: Haskell implementation, begin refine. 
First attempt at a haskell implementation of preemptible retyping
and the refinement proof to abstract.
 2016-11-02 11:19:08 +11:00
Thomas Sewell 63888fa98d SELFOUR-444: AInvs proven for preemptible retype. 2016-11-02 11:19:08 +11:00
Xin,Gao 8d4a8eb238 SELFOUR-421: fix coding style 2016-09-22 19:23:28 +10:00
Xin,Gao 113315d9a6 SELFOUR-421: merge and fix up to ArmConfidentiality proof 2016-09-22 19:21:56 +10:00
Xin,Gao 252ce8df4c SELFOUR-421: infoflow and infoflow_c builds 2016-09-22 19:11:37 +10:00
Xin,Gao 328846ee1a SELFOUR-421: crefine builds 2016-09-22 19:11:37 +10:00
Xin,Gao c3be923ca0 SELFOUR-421: a defend version before wild changes 2016-09-22 19:11:36 +10:00
Joel Beeren 3c223b42fe SELFOUR-421: AInvs done, no added invariants yet 2016-09-22 19:11:29 +10:00
Matthew Brecknell 1013e959c1 arch_split: give some vspace concepts more generic names 
In particular rename "pd" to "vspace", when the pd represents
an address space.
 2016-08-03 14:46:48 +10:00
Miki Tanaka 820cf2d366 Arch-split: Untyped.thy done [VER-566] 2016-06-23 12:00:59 +10:00
Matthew Brecknell b9313f6d11 arch_split: invariants: tidied 2016-06-15 10:15:26 +10:00
Daniel Matichuk 9f62622532 arch_split: skeleton arch files for AInvs 2016-05-31 15:05:24 +10:00
Gerwin Klein d162d8d01f word_lib: normalise negative signed words as well. 2016-05-16 21:11:40 +10:00
Gerwin Klein 0ced46820b manual levity into Word_Lemmas 2016-05-16 21:11:40 +10:00
Gerwin Klein 322f1023f5 word_lib: adjust theory dependencies 2016-05-16 21:11:40 +10:00
Gerwin Klein 445efb7c29 lib: closure for Word_Lib and own session 2016-05-16 21:11:40 +10:00
Gerwin Klein f0faa90f8a lib/spec/proof/tools: fix word change fallout 2016-05-16 21:11:40 +10:00
Daniel Matichuk 9ceed1eb12 arch_split: fix proofs after removing shadow and unqualify commands and adding fix for crunch. Checks up to DPolicy. 2016-05-04 15:14:41 +10:00
Daniel Matichuk 1d20b393c0 arch_split: replaced sublocale with global_naming 2016-04-27 14:32:38 +10:00
Matthew Brecknell aa632d4822 arch_split: invariants: up to Schedule_AI 2016-04-13 13:21:11 +10:00
Daniel Matichuk 2de08b7ec1 arch_split: differentiate "context ARM begin" vs "context begin interpretation ARM ." 2016-04-08 15:05:09 +10:00
Daniel Matichuk 04362dba27 arch_split: some quick and dirty arch_splitting by selectively interpreting the ARM locale (with FIXMEs) 2016-04-07 17:05:14 +10:00
Matthew Brecknell 69d7b50dae arch_split: CSpaceInv_AI work-in-progress 2016-04-04 10:49:18 +10:00
Daniel Matichuk ca808130e6 repair ARM proofs up to Refine after factoring out architecture 2016-01-13 12:02:12 +11:00
Thomas Sewell 7c3a06a8d7 Minor adjustments caused by Strengthen changes. 2015-10-29 11:27:54 +11:00
Rafal Kolanski c1eb235105 Merge 'verification/master' into priority-bitmap 
Green build except for:
CParserTest (WTF Duplicate fact declaration "dc_20081211.dc_20081211.test_modifies")
AutoCorresSEL4 (waiting on result)

There is still a carefully managed sorry in Schedule_R, waiting on the C
parser FNSPEC+DONT_TRANSLATE fix.
 2015-10-21 06:19:20 +11:00
Rafal Kolanski 2a9d3022f2 priority-bitmap: Update abstract->Haskell refinement 
Added word_log2 and word_clz (inline for now, will migrate them out to
lib later).

Proved most important properties of word_log2 and some basic
count leading zeros properties (word_clz). The former were painful.

Thanks to Thomas, we have a nice tactic for dealing with complicated
obj_at' predicates in conclusion: normalise_obj_at'
 2015-10-20 23:40:44 +11:00
Ramana Kumar 0fb88ea01c Merge branch 'master' into aep-merge 
This commit should at least remove merge conflict markers, and the idea
is that at least refine, crefine, drefine, and infoflow (with sorrys)
build. Subsequent commits may be required to fix build issues that I
have not picked up.
 2015-09-10 17:06:45 +10:00
Ramana Kumar d88a931ec7 history squashed patch for aep-binding 2015-09-02 15:43:39 +10:00
Gerwin Klein 12fa86863a fewer warnings 2015-05-16 19:52:49 +10:00
Gerwin Klein 17826f9b49 more Isabelle2015 update; AInvs up to (excluding) Syscall_AI 
also includes some global replacements
 2015-04-18 21:51:26 +01:00
Gerwin Klein 7e7d39c24e enable XN in abstract spec; update AInvs and Refine 2014-11-28 08:58:57 +11:00
Thomas Sewell fc6e57716a Proof updates, working as far as AInvs. 2014-08-11 14:50:56 +10:00
Gerwin Klein 50dda7708c comment cleanup 2014-07-22 18:10:20 +02:00
Gerwin Klein 84595f4233 release cleanup 2014-07-17 18:22:50 +02:00
Gerwin Klein 2a03e81df4 Import release snapshot. 2014-07-14 21:32:44 +02:00