lh-l4v/proof/invariant-abstract
Matthew Brecknell b5158e31bc Isabelle2016-1: fix proofs involving UNION
SUPREMUM changed from a definition to an abbreviation.

A number of proofs that previously used blast, fastforce or auto to
solve goals involving UNION now either fail or loop. This commit
includes various ad-hoc workarounds.
2017-01-05 14:27:33 +11:00
ARM Isabelle2016-1: rename free variables to avoid capture 2017-01-05 14:24:36 +11:00
ADT_AI.thy AInvs: Updating generic theories for tcb_arch reserved_irq and arch_fault 2016-11-25 13:05:55 +11:00
AInvs.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
AInvsPre.thy SELFOUR-421: merge and fix up to ArmConfidentiality proof 2016-09-22 19:21:56 +10:00
Arch_AI.thy SELFOUR-444: AInvs proven for preemptible retype. 2016-11-02 11:19:08 +11:00
BCorres2_AI.thy AInvs: Updating generic theories for tcb_arch reserved_irq and arch_fault 2016-11-25 13:05:55 +11:00
BCorres_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
Bits_AI.thy arch_split: change caps_of_state to be explicit projection f caps_of_state 2016-03-04 19:03:45 +11:00
CNodeInv_AI.thy Isabelle2016-1: replace 'unfolded' attr with 'simplified' where the former now loops 2017-01-05 14:27:04 +11:00
CSpaceInvPre_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
CSpaceInv_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
CSpacePre_AI.thy SELFOUR-421: merge and fix up to ArmConfidentiality proof 2016-09-22 19:21:56 +10:00
CSpace_AI.thy Isabelle2016-1: rename free variables to avoid capture 2017-01-05 14:24:36 +11:00
DetSchedAux_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
DetSchedDomainTime_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
DetSchedInvs_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
DetSchedSchedule_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
Deterministic_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
Detype_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
EmptyFail_AI.thy SELFOUR-553: rebase and fix styles and comments 2016-11-21 20:47:15 +11:00
Finalise_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
Include_AI.thy SELFOUR-276: Finish proofs for maximum controlled priority (MCP) 2016-10-05 02:43:41 +11:00
InterruptAcc_AI.thy SELFOUR-421: merge and fix up to ArmConfidentiality proof 2016-09-22 19:21:56 +10:00
Interrupt_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
InvariantsPre_AI.thy Simplify obj_bits to not check well_formed_cnode_n 2016-11-11 16:24:37 +11:00
Invariants_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
IpcCancel_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
Ipc_AI.thy Isabelle2016-1: rename free variables to avoid capture 2017-01-05 14:24:36 +11:00
KHeapPre_AI.thy arch_split: invariants: slightly more selective interpretation up to AInvs 2016-04-20 08:36:22 +10:00
KHeap_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
KernelInitSepProofs_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
KernelInitSep_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
KernelInit_AI.thy SELFOUR-421: fix coding style 2016-09-22 19:23:28 +10:00
LevityCatch_AI.thy invariants: move bexEI to a generic theory 2016-12-13 22:10:31 +11:00
README.md misc: Proofing and formatting of README.md files. 2014-07-28 13:15:48 +10:00
Retype_AI.thy Isabelle2016-1: fix proofs involving UNION 2017-01-05 14:27:33 +11:00
Schedule_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
SubMonad_AI.thy repairing AInvs: checks up to the middle of VSpace_AI 2016-01-12 18:10:36 +11:00
Syscall_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
TcbAcc_AI.thy Isabelle2016-1: fix proofs involving UNION 2017-01-05 14:27:33 +11:00
Tcb_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
Untyped_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
VSpaceEntries_AI.thy arch_split: invariants: split Syscall_AI [VER-571] 2016-07-12 16:50:32 +10:00
VSpacePre_AI.thy Isabelle2016-1: update references to renamed constants and facts 2017-01-05 14:23:05 +11:00
VSpace_AI.thy SELFOUR-421: fix coding style 2016-09-22 19:23:28 +10:00

README.md

Abstract Spec Invariant Proof

This proof defines and proves the global invariants of seL4's abstract specification. The invariants are phrased and proved using a monadic Hoare logic described in a TPHOLS '08 paper.

Building

To build from the l4v/ directory, run:

./isabelle/bin/isabelle build -d . -v -b AInvs

Important Theories

The top-level theory where the invariants are proved over the kernel is Syscall_AI; the bottom-level theory where they are defined is Invariants_AI.