lh-l4v/proof/invariant-abstract
Last commit: 2015-05-16 21:48:24 +10:00
ADT_AI.thy more Isabelle2015 update; AInvs up to (excluding) Syscall_AI 2015-04-18 21:51:26 +01:00
AInvs.thy Isabelle2015 update: AInvs 2015-04-19 10:25:21 +01:00
Arch_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
ArchAcc_AI.thy more Isabelle2015 update; AInvs up to (excluding) Syscall_AI 2015-04-18 21:51:26 +01:00
BCorres2_AI.thy Proof updates, working as far as AInvs. 2014-08-11 14:50:56 +10:00
BCorres_AI.thy Import release snapshot. 2014-07-14 21:32:44 +02:00
Bits_AI.thy Import release snapshot. 2014-07-14 21:32:44 +02:00
CNodeInv_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
CSpace_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
CSpaceInv_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
Deterministic_AI.thy Isabelle2015 update: AInvs 2015-04-19 10:25:21 +01:00
DetSchedAux_AI.thy Import release snapshot. 2014-07-14 21:32:44 +02:00
DetSchedInvs_AI.thy Refine working. 2014-08-11 18:51:04 +10:00
DetSchedSchedule_AI.thy Isabelle2015 update: AInvs 2015-04-19 10:25:21 +01:00
Detype_AI.thy more Isabelle2015 update; AInvs up to (excluding) Syscall_AI 2015-04-18 21:51:26 +01:00
EmptyFail_AI.thy ioapic: finished up to InfoFlowC 2014-08-28 15:56:26 +10:00
Finalise_AI.thy ainvs: some more cleanup 2015-05-16 21:48:24 +10:00
Include_AI.thy Import release snapshot. 2014-07-14 21:32:44 +02:00
Interrupt_AI.thy more Isabelle2015 update; AInvs up to (excluding) Syscall_AI 2015-04-18 21:51:26 +01:00
InterruptAcc_AI.thy enable XN in abstract spec; update AInvs and Refine 2014-11-28 08:58:57 +11:00
Invariants_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
Ipc_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
IpcCancel_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
KernelInit_AI.thy enable XN in abstract spec; update AInvs and Refine 2014-11-28 08:58:57 +11:00
KernelInitSep_AI.thy Proof updates, working as far as AInvs. 2014-08-11 14:50:56 +10:00
KernelInitSepProofs_AI.thy Import release snapshot. 2014-07-14 21:32:44 +02:00
KHeap_AI.thy ainvs: some more cleanup 2015-05-16 21:48:24 +10:00
LevityCatch_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
Machine_AI.thy Import release snapshot. 2014-07-14 21:32:44 +02:00
PDPTEntries_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
README.md misc: Proofing and formatting of README.md files. 2014-07-28 13:15:48 +10:00
Retype_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
Schedule_AI.thy Proof updates, working as far as AInvs. 2014-08-11 14:50:56 +10:00
SubMonad_AI.thy Import release snapshot. 2014-07-14 21:32:44 +02:00
Syscall_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
Tcb_AI.thy more Isabelle2015 update; AInvs up to (excluding) Syscall_AI 2015-04-18 21:51:26 +01:00
TcbAcc_AI.thy Proof updates, working as far as AInvs. 2014-08-11 14:50:56 +10:00
Untyped_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00
VSpace_AI.thy fewer warnings 2015-05-16 19:52:49 +10:00

Abstract Spec Invariant Proof

This proof defines and proves the global invariants of seL4's abstract specification. The invariants are phrased and proved as Hoare triples over the nondeterministic state monad in which the abstract specification is written, using the monadic Hoare logic described in the TPHOLs 2008 paper "Secure Microkernels, State Monads and Scalable Refinement" (Cock, Klein and Sewell). A triple ⦃P⦄ f ⦃Q⦄ states that from any state satisfying P, every possible outcome of the kernel operation f satisfies Q; invariant preservation is the case where the same invariant appears on both sides, with the precondition carrying any extra guard the operation needs.

Building

To build from the l4v/ directory, run:

./isabelle/bin/isabelle build -d . -v -b AInvs

This builds the AInvs session, together with the sessions it depends on such as the abstract specification, into a heap image: -d . registers l4v/ as the session root, -v prints progress, and -b saves the image so that sessions building on AInvs (for example the refinement proof) can load it instead of re-checking the invariant proofs.

Important Theories

The invariants are defined in the bottom-level theory Invariants_AI, whose top-level conjunction is invs. The top-level theory Syscall_AI proves that invs is preserved by the kernel entry point, i.e. across every system call, interrupt and fault path of the abstract specification. The theories in between (CSpace_AI, Ipc_AI, Retype_AI, Schedule_AI, VSpace_AI and so on) prove preservation for the individual kernel operations from which the entry point is composed.
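The shape of such a proof, as an added example that is not code from the l4v repository: a self-contained miniature of the monadic Hoare logic described above, with an invariant in the style of Invariants_AI and a preservation lemma in the style of the AInvs theories. The monad, the `valid` triple, the toy state `kstate` and the toy `cur_tcb` and `switch_to_thread` are assumptions of this example (l4v's own versions live in its monad library, Invariants_AI and the abstract specification respectively and are considerably richer); only the reading of the triple is the same as in AInvs.

```isabelle
theory Mini_Invariant_AI
  imports Main
begin

text \<open>
  Nondeterministic state monad in the shape used by l4v: a computation maps a
  state to the set of possible (result, next state) pairs plus a failure flag.
  Assumption of this example: a simplified stand-in for l4v's NonDetMonad.
\<close>
type_synonym ('s, 'a) nondet_monad = "'s \<Rightarrow> ('a \<times> 's) set \<times> bool"

definition return :: "'a \<Rightarrow> ('s, 'a) nondet_monad" where
  "return a \<equiv> \<lambda>s. ({(a, s)}, False)"

definition get :: "('s, 's) nondet_monad" where
  "get \<equiv> \<lambda>s. ({(s, s)}, False)"

definition put :: "'s \<Rightarrow> ('s, unit) nondet_monad" where
  "put s' \<equiv> \<lambda>_. ({((), s')}, False)"

text \<open>Sequencing: run f, then g on every outcome of f; fail if either side fails.\<close>
definition bind :: "('s, 'a) nondet_monad \<Rightarrow> ('a \<Rightarrow> ('s, 'b) nondet_monad)
                    \<Rightarrow> ('s, 'b) nondet_monad" (infixl ">>=" 60) where
  "f >>= g \<equiv> \<lambda>s. ((\<Union>(r, s') \<in> fst (f s). fst (g r s')),
                   snd (f s) \<or> (\<exists>(r, s') \<in> fst (f s). snd (g r s')))"

text \<open>
  Partial-correctness Hoare triple, the reading used throughout AInvs: from
  any state satisfying P, every possible outcome of f satisfies Q. Absence of
  failure is a separate property and is not covered by this triple.
\<close>
definition valid :: "('s \<Rightarrow> bool) \<Rightarrow> ('s, 'a) nondet_monad
                     \<Rightarrow> ('a \<Rightarrow> 's \<Rightarrow> bool) \<Rightarrow> bool"
  ("\<lbrace>_\<rbrace>/ _ /\<lbrace>_\<rbrace>") where
  "\<lbrace>P\<rbrace> f \<lbrace>Q\<rbrace> \<equiv> \<forall>s. P s \<longrightarrow> (\<forall>(r, s') \<in> fst (f s). Q r s')"

text \<open>Precondition weakening, the rule behind l4v's hoare_pre.\<close>
lemma hoare_pre_imp:
  "\<lbrakk>\<And>s. P' s \<Longrightarrow> P s; \<lbrace>P\<rbrace> f \<lbrace>Q\<rbrace>\<rbrakk> \<Longrightarrow> \<lbrace>P'\<rbrace> f \<lbrace>Q\<rbrace>"
  unfolding valid_def by blast

text \<open>
  Toy kernel state (assumption of this example): the identifiers of the live
  threads and the thread currently running.
\<close>
record kstate =
  threads    :: "nat set"
  cur_thread :: nat

text \<open>
  An invariant in the style of Invariants_AI: the current thread is a live
  thread. This is a toy version of l4v's cur_tcb, which says the same about
  the real object heap.
\<close>
definition cur_tcb :: "kstate \<Rightarrow> bool" where
  "cur_tcb s \<equiv> cur_thread s \<in> threads s"

text \<open>A toy kernel operation: switch to thread t without checking that t is live.\<close>
definition switch_to_thread :: "nat \<Rightarrow> (kstate, unit) nondet_monad" where
  "switch_to_thread t \<equiv> get >>= (\<lambda>s. put (s\<lparr>cur_thread := t\<rparr>))"

text \<open>
  Preservation lemma in the style of the AInvs theories. The precondition
  records the guard the caller has to establish: for an arbitrary t the
  operation does not preserve cur_tcb, so a triple with precondition cur_tcb
  alone is not provable. AInvs discharges such goals with the wp method; the
  definitions here are small enough to unfold directly.
\<close>
lemma switch_to_thread_cur_tcb:
  "\<lbrace>\<lambda>s. t \<in> threads s\<rbrace> switch_to_thread t \<lbrace>\<lambda>_. cur_tcb\<rbrace>"
  unfolding valid_def switch_to_thread_def bind_def get_def put_def cur_tcb_def
  by auto

text \<open>Invariant plus guard, the form in which the top-level theories state it.\<close>
lemma switch_to_thread_invs:
  "\<lbrace>\<lambda>s. cur_tcb s \<and> t \<in> threads s\<rbrace> switch_to_thread t \<lbrace>\<lambda>_. cur_tcb\<rbrace>"
  by (rule hoare_pre_imp[OF _ switch_to_thread_cur_tcb]) simp

end
```

The point to take from the last two lemmas is the one that drives the whole AInvs development: an operation rarely preserves an invariant unconditionally, so each lemma states the guard it needs in its precondition, and the caller's proof (ultimately Syscall_AI for the kernel entry point) has to show that guard holds at the call site, typically from the invariant itself plus the checks the kernel performs before the call.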