lh-l4v/proof/invariant-abstract
Michael Sproul 045683cd9c ainvs: Rights_AI theory with facts about VM rights
SysInit requires some facts about VM rights that are shared with AInvs, so this
commit introduces a new theory to contain the shared lemmas.
2019-02-19 14:24:41 +11:00
| Name | Last commit | Date |
|---|---|---|
| ARM | ainvs: Rights_AI theory with facts about VM rights | 2019-02-19 14:24:41 +11:00 |
| ARM_HYP | ainvs: Rights_AI theory with facts about VM rights | 2019-02-19 14:24:41 +11:00 |
| X64 | ainvs: Rights_AI theory with facts about VM rights | 2019-02-19 14:24:41 +11:00 |
| ADT_AI.thy | aspec/ainvs: move TLS/ipc buffer FIXME to appropriate position in ADT_AI | 2018-08-06 11:22:49 +10:00 |
| AInvs.thy | x64 ainvs: proof update for user_context refactor | 2018-03-08 18:41:28 +11:00 |
| AInvsPre.thy | x64: merge master | 2017-07-21 11:27:12 +10:00 |
| Arch_AI.thy | Isabelle2018: new "op x" syntax; now is "(x)" | 2018-08-20 09:06:35 +10:00 |
| BCorres2_AI.thy | Base ASpec + machine on OptionMonad_ND; fix proof fallout | 2018-10-25 12:54:02 +11:00 |
| BCorres_AI.thy | Base ASpec + machine on OptionMonad_ND; fix proof fallout | 2018-10-25 12:54:02 +11:00 |
| Bits_AI.thy | Isabelle2017: update AInvs for RC0 | 2017-10-30 12:23:26 +11:00 |
| CNodeInv_AI.thy | arm ainvs: Cleanup | 2018-12-10 20:01:37 +11:00 |
| CSpaceInvPre_AI.thy | Isabelle2018: new "op x" syntax; now is "(x)" | 2018-08-20 09:06:35 +10:00 |
| CSpaceInv_AI.thy | aspec + arm ainvs: Update mask_rights to mask master reply caps | 2018-12-10 20:01:37 +11:00 |
| CSpacePre_AI.thy | arm ainvs: Cleanup | 2018-12-10 20:01:37 +11:00 |
| CSpace_AI.thy | arm ainvs: Cleanup | 2018-12-10 20:01:37 +11:00 |
| DetSchedAux_AI.thy | Proof update for crunch changes | 2018-04-04 14:13:55 +10:00 |
| DetSchedDomainTime_AI.thy | Proof update for crunch changes | 2018-04-04 14:13:55 +10:00 |
| DetSchedInvs_AI.thy | refactor einvs from Refine and Access into AInvs | 2018-11-20 16:34:29 +11:00 |
| DetSchedSchedule_AI.thy | arm ainvs: Cleanup | 2018-12-10 20:01:37 +11:00 |
| Deterministic_AI.thy | Isabelle2018: new "op x" syntax; now is "(x)" | 2018-08-20 09:06:35 +10:00 |
| Detype_AI.thy | arm ainvs: Update for GrantReply (SELFOUR-6) | 2018-12-10 20:01:37 +11:00 |
| EmptyFail_AI.thy | Base ASpec + machine on OptionMonad_ND; fix proof fallout | 2018-10-25 12:54:02 +11:00 |
| Finalise_AI.thy | arm ainvs: Update for GrantReply (SELFOUR-6) | 2018-12-10 20:01:37 +11:00 |
| Include_AI.thy | ainvs: Rights_AI theory with facts about VM rights | 2019-02-19 14:24:41 +11:00 |
| InterruptAcc_AI.thy | x64: Add IOPortControlCaps to control IO port allocation | 2018-04-19 05:27:06 +10:00 |
| Interrupt_AI.thy | Isabelle2018: new "op x" syntax; now is "(x)" | 2018-08-20 09:06:35 +10:00 |
| InvariantsPre_AI.thy | access: Fix for GrantReply (SELFOUR-6) | 2018-12-10 20:01:38 +11:00 |
| Invariants_AI.thy | aspec + arm ainvs: Update mask_rights to mask master reply caps | 2018-12-10 20:01:37 +11:00 |
| IpcCancel_AI.thy | arm ainvs: Cleanup | 2018-12-10 20:01:37 +11:00 |
| Ipc_AI.thy | arm ainvs: Cleanup | 2018-12-10 20:01:37 +11:00 |
| KHeapPre_AI.thy | reduce DRefine dependencies from Refine to AInvs | 2018-10-22 13:21:11 +11:00 |
| KHeap_AI.thy | Remove pure word lemmas from proof/* | 2018-10-10 14:15:00 +11:00 |
| KernelInitSepProofs_AI.thy | Isabelle2018: new comment syntax | 2018-08-20 09:06:35 +10:00 |
| KernelInitSep_AI.thy | Isabelle2018: new "op x" syntax; now is "(x)" | 2018-08-20 09:06:35 +10:00 |
| KernelInit_AI.thy | SELFOUR-421: fix coding style | 2016-09-22 19:23:28 +10:00 |
| LevityCatch_AI.thy | Removes all trailing whitespaces | 2017-07-12 15:13:51 +10:00 |
| README.md | misc: Proofing and formatting of README.md files. | 2014-07-28 13:15:48 +10:00 |
| Retype_AI.thy | arm ainvs: Update for GrantReply (SELFOUR-6) | 2018-12-10 20:01:37 +11:00 |
| Rights_AI.thy | ainvs: Rights_AI theory with facts about VM rights | 2019-02-19 14:24:41 +11:00 |
| Schedule_AI.thy | arm: revise scheduler / fastpath / scheduler bitmaps (SELFOUR-242) | 2017-11-27 22:05:34 +11:00 |
| SubMonad_AI.thy | repairing AInvs: checks up to the middle of VSpace_AI | 2016-01-12 18:10:36 +11:00 |
| Syscall_AI.thy | arm ainvs: Update for GrantReply (SELFOUR-6) | 2018-12-10 20:01:37 +11:00 |
| TcbAcc_AI.thy | aspec + arm ainvs: Update mask_rights to mask master reply caps | 2018-12-10 20:01:37 +11:00 |
| Tcb_AI.thy | arm ainvs: Update for GrantReply (SELFOUR-6) | 2018-12-10 20:01:37 +11:00 |
| Untyped_AI.thy | arm ainvs: Add is_valid_vtable_root as vtable_slot invariant | 2018-12-10 20:01:37 +11:00 |
| VSpaceEntries_AI.thy | Isabelle2017: update AInvs for RC0 | 2017-10-30 12:23:26 +11:00 |
| VSpacePre_AI.thy | arm ainvs: Add is_valid_vtable_root as vtable_slot invariant | 2018-12-10 20:01:37 +11:00 |
| VSpace_AI.thy | x64: merge master | 2017-07-21 11:27:12 +10:00 |

README.md

# Abstract Spec Invariant Proof

This proof defines and proves the global invariants of seL4's abstract specification. The invariants are phrased and proved using a monadic Hoare logic described in a TPHOLS '08 paper.

## Building

To build from the `l4v/` directory, run:

```sh
./isabelle/bin/isabelle build -d . -v -b AInvs
```

## Important Theories

The top-level theory where the invariants are proved over the kernel is `Syscall_AI`; the bottom-level theory where they are defined is `Invariants_AI`.