adbrucker
/
lh-l4v
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5,347 Commits 7 Branches 0 Tags 86 MiB
Commit Graph

11 Commits

Author SHA1 Message Date
Corey Lewis 02116815be proof+autocorres: update for select_wp and alternative_wp 
Signed-off-by: Corey Lewis <corey.lewis@proofcraft.systems>
 2023-08-09 16:42:01 +10:00
Corey Lewis 2c8f9eeff1 lib+spec+proof+autocorres: consistent Nondet filename prefix 
Signed-off-by: Corey Lewis <corey.lewis@proofcraft.systems>
 2023-08-09 12:07:06 +10:00
Corey Lewis 7514d9ee69
arm access+infoflow: physBase abstraction 
The example valid state is changed to correctly use both the virtual
and physical address of the shared page, instead of just the virtual
address.

Signed-off-by: Corey Lewis <corey.lewis@proofcraft.systems>
 2023-03-29 11:05:26 +11:00
Rafal Kolanski d5fa6043cb proof: update (non-x64) for physBase-dependent defs 
Co-authored-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
Signed-off-by: Rafal Kolanski <rafal.kolanski@proofcraft.systems>
 2023-03-20 09:34:42 +11:00
Gerwin Klein 9c3a7faefd
lib+proofs: s/non_fail_/no_fail/ 
Some of the no_fail lemmas had he wrong name (non_fail instead of
no_fail).

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
 2023-01-19 17:02:10 +11:00
Corey Lewis 59529d4522 infoflow: update for changed corres split rules 
Signed-off-by: Corey Lewis <corey.lewis@proofcraft.systems>
 2022-10-20 08:59:52 +11:00
Corey Lewis f4e9295424 proof: change simple corres_split_deprecated cases 
perl -0777 -pi -e 's/corres_split_deprecated *\[ *OF +_ +([^_].*)\)\n\s*prefer 2/corres_split[OF \1\)/g' **/*.thy
perl -0777 -pi -e 's/corres_split_deprecated *\[ *OF +_ +(?!_)/corres_split[OF /g' **/*.thy
perl -0777 -pi -e 's/corres_split_deprecated *\[ *OF +([^_]\w+) +([^_]\w+) +(.*)\)\n\s*prefer +2/corres_split[OF \2 \1 \3\)/g' **/*.thy
perl -0777 -pi -e 's/corres_split_deprecated *\[ *OF +([^_]\w+) +([^_]\w+)/corres_split[OF \2 \1/g' **/*.thy
perl -0777 -pi -e 's/corres_split_deprecated *(.*)\)\n\s*prefer +2/corres_split\1\)/g' **/*.thy

Signed-off-by: Corey Lewis <corey.lewis@proofcraft.systems>
 2022-10-20 08:59:52 +11:00
Gerwin Klein 8d6dbafbea isabelle2021-1: InfoFlowC 
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
 2022-03-29 08:38:25 +11:00
Gerwin Klein 24c0c5c390 spec+proof: use generated config constants 
This includes replacing previous ASpec names for such constants with
the names used in Haskell/ExecSpec to avoid duplication. This also
makes some of the proofs slightly more generic.

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
 2021-12-23 14:54:13 +11:00
Rafal Kolanski 73911da72d infoflow refine: make proofs independent of number of domains 
The InfoFlow proof itself does not care about the number of domains, and
that assumption was removed in another commit.
The specific example in the information flow refinement requires two
domains (one "high" and one "low") to be of any interest. Since it
cannot be instantiated with only one domain, the example theorems in
Example_Valid_StateH now assume that `1 <= maxDomain`.

Signed-off-by: Rafal Kolanski <rafal.kolanski@proofcraft.systems>
 2021-12-22 23:50:22 +11:00
Ryan Barry 8124b326b4 infoflow+crefine: refine arch split 
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
 2021-10-05 08:46:11 +11:00