| #
2d8233bb |
|
04-Aug-2018 |
Gerwin Klein <gerwin.klein@data61.csiro.au> |
cparser: set sorry_modifies_proofs conditionally on env var
This includes replacing the non-thread-safe ref sorry_modifies_proofs with a
proper Config option.
|
| #
0102ef17 |
|
24-Aug-2017 |
Matthew Brecknell <Matthew.Brecknell@data61.csiro.au> |
Isabelle2017: remove String_Compare
This was a workaround for an Isabelle2016-1 performace regression, and
is no longer required.
|
| #
caeab888 |
|
10-Aug-2017 |
Matthew Brecknell <Matthew.Brecknell@data61.csiro.au> |
c-parser: refactor arch-specific array memory model
This places all arch-specific aspects of the array memory
model in ArchArraysmemInstance.thy.
|
| #
1edd007b |
|
22-Jun-2017 |
Matthew Brecknell <Matthew.Brecknell@data61.csiro.au> |
x64: add new modifies prover
Modifies proofs now include a preprocessing step which breaks programs
into parts before passing goals to the VCG. This means there are more
calls to the VCG, but the VCG only sees individual Basic and Spec
commands, and procedure calls.
This avoids performance issues in some pathological cases. In
particular, long sequences of updates to arrays via pointer-to-struct
previously seemed to be exponential in the number of updates.
|
| #
2f4b822d |
|
22-Jun-2017 |
Matthew Brecknell <Matthew.Brecknell@data61.csiro.au> |
x64: configure arch-specific array types
|
| #
db13ff19 |
|
22-Dec-2016 |
Matthew Brecknell <Matthew.Brecknell@data61.csiro.au> |
Isabelle2016-1: configure c-parser with faster string comparisons
|
| #
af1c7724 |
|
16-Aug-2016 |
Michael Norrish <Michael.Norrish@nicta.com.au> |
c-parser: fix list sorting to use Isabelle code
This makes the licensing situation clearer than with the code coming
from Moscow ML (which might conceivably be GPL).
|
| #
e321cae1 |
|
11-Aug-2016 |
Michael Norrish <Michael.Norrish@nicta.com.au> |
c-parser: sort munge output
|
| #
f0faa90f |
|
17-Apr-2016 |
Gerwin Klein <gerwin.klein@nicta.com.au> |
lib/spec/proof/tools: fix word change fallout
|
| #
27a12b87 |
|
18-Nov-2015 |
Michael Norrish <michael.norrish@nicta.com.au> |
Translate spec-only fns with new guarded_spec_body const
As per discussion in JIRA VER-464 issue.
Still to try to prove modifies theorems for such functions
automatically.
|
| #
7916a775 |
|
09-Nov-2015 |
Michael Norrish <michael.norrish@nicta.com.au> |
Define RelSpec bodies for DONT_TRANSLATE functions.
Work for JIRA VER-464
|
| #
b3dba842 |
|
02-May-2015 |
Gerwin Klein <gerwin.klein@nicta.com.au> |
C-Parser 2015 update
|
| #
279db9ac |
|
15-Oct-2014 |
David Greenaway <david.greenaway@nicta.com.au> |
c-parser: Add config option to avoid generating modifies proofs.
|
| #
20236ae3 |
|
15-Oct-2014 |
David Greenaway <david.greenaway@nicta.com.au> |
c-parser: Generate vcg rule for "cchaos" constant.
Allows vcg_tag ("apply vcg") to process functions with "cchaos" in them.
This was an attempt to solve the problem that the C parser's modifies
proofs currently fail for functions containing "cchaos".
The problem, however, actually seems to be that the C parser fails to
realise that incorrectly owned _read_ variables (which are updated using
"cchaos" before being read) need to be in the "modifies" set of
a function. Currently, the C parser misses these modifications, and the
proof of the incorrect modifies set (rightly) fails.
|
| #
8e427dcb |
|
22-Sep-2014 |
Thomas Sewell <Thomas.Sewell@nicta.com.au> |
Renovate StaticFun a bit.
The functor is gone, and instead StaticFun exports two more general
operators, one for defining a partial map by a tree, and one for
extracting the theorems from an existing partial map definition.
The extraction process uses simplification in a more conservative
manner than before, and is guaranteed to produce exactly the
expected theorems.
|
| #
2a03e81d |
|
14-Jul-2014 |
Gerwin Klein <gerwin.klein@nicta.com.au> |
Import release snapshot.
|