Fix up proofs after word lemma moves

Isabelle2018: new "op x" syntax; now is "(x)"

(result of "isabelle update_op -m <dir>")

Isabelle2018: new comment syntax

(result of "isabelle update_comments <dirs>")

x64: crefine: add SetTLSBase invocation to x64 CRefine

x64 crefine: prove several lemmas in Retype_C

To prove that retyping a TCB establishes the state relation for TCBs,
it is necessary to prove that the C FPU null state is always equal to
the Haskell FPU null state. This commit therefore includes some
machinery for maintaining the state relation for the FPU null state,
and repairs many proofs.

x64 crefine: FPU updates

x64: crefine: update for C-parser change to avoid complex call lvals (JIRA VER-881)

x64: crefine: fix confused deputy problem when setting priorities

x64: update proofs for new ccorres_rewrite

x64: crefine: move lemma from Tcb_C to SR_lemmas_C, and more canonical_address lemmas to SR_Lemmas

x64: clear some sorry proofs from CSpace_C

Also update some Haskell and abstract specs relating to IO ports.

x64: crefine: move pspace_canonical' lemmas to refine

x64: crefine: cleared sorries in Tcb_C

x64: crefine: cleared non sign extend sorries in Tcb_C

x64 crefine: update or sorry broken proofs up to Syscall_C

x64 crefine: update scheduler bitmap lemmas

Applied the changes from invert-fastpath on ARM_HYP to available X64
files, updated relevant proofs to 64-bit, reduced IpcCancel sorries to
sign_extend only, reduced Schedule to one sorry.

x64: crefine: cleared sorry in checkCapAt_ccorres

x64: crefine: added Tcb_C