Fix up proofs after word lemma moves

Remove pure word lemmas from proof/*

Removes redundant lemmas after moving them up to Word_Lib.

Isabelle2018: new "op x" syntax; now is "(x)"

(result of "isabelle update_op -m <dir>")

Isabelle2018: new comment syntax

(result of "isabelle update_comments <dirs>")

globally use session-qualified imports; add Lib session

Session-qualified imports will be required for Isabelle2018 and help clarify
the structure of sessions in the build tree.

This commit mainly adds a new set of sessions for lib/, including a Lib
session that includes most theories in lib/ and a few separate sessions for
parts that have dependencies beyond CParser or are separate AFP sessions.
The group "lib" collects all lib/ sessions.

As a consequence, other theories should use lib/ theories by session name,
not by path, which in turns means spec and proof sessions should also refer
to each other by session name, not path, to avoid duplicate theory errors in
theory merges later.

x64 crefine: prove several lemmas in Retype_C

To prove that retyping a TCB establishes the state relation for TCBs,
it is necessary to prove that the C FPU null state is always equal to
the Haskell FPU null state. This commit therefore includes some
machinery for maintaining the state relation for the FPU null state,
and repairs many proofs.

x64: crefine: clear sorries for decode PT/PD/PDPT

x64: crefine: clear remaining sorry in Interrupt_C (VER-879)

x64: clear wordFromMessageInfo_spec sorry in VSpace_C

x64 crefine: Invoke_C sorry free

x64 crefine: remaining Invoke_C sorries are C bugs

x64 crefine: removed 5 sorries in Invoke_C

x64 CRefine: more update for C-parser change to avoid complex call lvals (JIRA VER-881)

Also completes some Ipc_C proofs that were blocked by the C-parser problem.

x64: clear some sorry proofs from CSpace_C

Also update some Haskell and abstract specs relating to IO ports.

x64 crefine: update or sorry broken proofs up to Syscall_C

x64: crefine: added Invoke_C