History

Rafal Kolanski f9ea44ef89 arm-hyp: update spec+proofs for multi-VM support Highlights: - new reserved IRQ and associated handler: VPPIEvent - VPPI events are virtual interrupts we can forward to VMs; currently there is only one event: virtual timer interrupt - VGICMaintenance and VPPIEvent can both receive late interrupts from hardware, which are now discarded instead of being delivered to current thread - given only one possible VPPI event, simplifier tends to mop up more than it should, making some proofs fragile w.r.t. adding a new VPPI event - the order of some lemmas/specs needed shuffling, as now VCPU code needs some interrupt code, which uses VCPU code		2020-02-19 10:52:07 +11:00
..
asmrefine	refactored irq_t structure (VER-1159)	2020-02-05 17:58:45 +11:00
autocorres	lib: improve wp tracing	2020-01-29 09:26:18 +11:00
c-parser	c-parser: handle symbolic names in assembly	2019-12-19 17:05:10 +11:00
haskell-translator	arm-hyp: update spec+proofs for multi-VM support	2020-02-19 10:52:07 +11:00
proofcount	global: isabelle update_cartouches	2019-06-14 11:41:21 +10:00
README.md	Added new proofcount tool to "tools" and removed old one from "lib".	2015-02-11 17:46:34 +11:00
ROOTS	Isabelle2018: new AsmRefine session + test	2018-08-20 09:06:36 +10:00
tests.xml	Isabelle2018: new AsmRefine session + test	2018-08-20 09:06:36 +10:00

Proof Tools

This directory contains proof tools, most of which are used in one or more of the seL4 proofs. Each has its own directory:

asmrefine - Generic Isabelle/HOL part of the binary verification tool, for use in the seL4 Assembly Refinement Proof.
autocorres - Tool for easing manual proofs about C code, described in this PLDI '14 paper.
c-parser - Tool for translating C code into Isabelle/HOL, used to give seL4's C code its semantics in e.g. the seL4 C Refinement Proof.
haskell-translator - Tool for translating Haskell into Isabelle/HOL, used to generate the seL4 design specification.
proofcount - Tool for collecting metrics from finished proofs.