

@2028

8 years 
boender 
 bugfix to Assembly (forgotten sigma)
 added …



@2027

8 years 
mulligan 
Got the main lemma to apply in the proof of main theorem again and …



@2026

8 years 
mulligan 
Added a new file to house the main theorem as the type checking time …



@2025

8 years 
campbell 
Silly typo and old comment.



@2024

8 years 
mulligan 
Updated AssemblyProof? to fix mismatch in definition of lookup_labels …



@2023

8 years 
mulligan 
Closed main lemma modulo closing trivial subgoals about commutations …



@2022

8 years 
boender 
 corrected jump calculation algorithm



@2021

8 years 
sacerdot 
Proof skeleton in place. Several daemons to be closed adding invariants.



@2020

8 years 
mulligan 
CJNE case complete, DJNZ case almost complete



@2019

8 years 
campbell 
Split out special induction principle for Clight from soundness file. …



@2018

8 years 
mulligan 
CJNE case a complete mess.



@2017

8 years 
mulligan 
Large swathes of proof of main lemma added.



@2016

8 years 
garnier 
Slight change in simplification strategy to better match the semantics



@2015

8 years 
mulligan 
Changes following a conversation with Jaap: as it stands computation …



@2014

8 years 
mulligan 
Fixed problem in James' email message.



@2013

8 years 
Ian Stark 
Put in HiPEAC 2013



@2012

8 years 
Ian Stark 
Added proposed papers to D6.2



@2011

8 years 
garnier 
Minor cleanup.



@2010

8 years 
campbell 
Make globalenvs use proper maps.



@2009

8 years 
garnier 
Proof of simulation completed for singestep executions.



@2008

8 years 
boender 
 substantial closing of holes in proof



@2007

8 years 
Ian Stark 
Potential workshop invitees



@2006

8 years 
boender 
 added alias for bitvector zero
 changed extralib bounded …



@2005

8 years 
boender 
 minor changes to make things compile with a clean checkout



@2004

8 years 
campbell 
Minor edits from discussion.



@2003

8 years 
campbell 
Some discussion of correctness statements.



@2002

8 years 
Ian Stark 
Supplement to D6.2



@2001

8 years 
campbell 
Get the compiler to output more.



@2000

8 years 
campbell 
Fix g.e. glitch in label simulation.



@1999

8 years 
campbell 
Make backend use the main global envs.



@1998

8 years 
sacerdot 
Version number bumped.



@1997

8 years 
mulligan 
Changed titles of reports to match correct deliverable title



@1996

8 years 
campbell 
Work on correctness from yesterday.



@1995

8 years 
campbell 
Overall compiler definition; bits and pieces to
make everything happy(ish).



@1994

8 years 
campbell 
Remove redundant allocation definition in Globalenvs.



@1993

8 years 
campbell 
Make frontend memory model only depend on the general definitions by …



@1992

8 years 
mckinna 
Ayache?



@1991

8 years 
campbell 
Put the front end transformations together and make an example use it.



@1990

8 years 
mckinna 
the LUSTRE paper has not yet appeared
what about the Ayache/Frama?C …



@1989

8 years 
mckinna 
Notes of 20120524 of the UEdin/UniBo meeting to discuss publication …



@1988

8 years 
campbell 
Abstraction of the memory contents in the memory models is no longer …



@1987

8 years 
campbell 
Move BEValues to common to reflect their use in the memory model for …



@1986

8 years 
campbell 
Get rid of unused abstraction of Globalenvs.



@1985

8 years 
mulligan 
A single `false' case for unconditional jumps completed.



@1984

8 years 
mulligan 
Most proof obligations closed in main_lemma apart from those of the …



@1983

8 years 
mulligan 
Changes to simplify the simpler cases of the main_lemma.



@1982

8 years 
amadio 
add 2.1 Survey



@1981

8 years 
amadio 
update 5.1



@1980

8 years 
amadio 
update 5.1



@1979

8 years 
sacerdot 
Very very very tricky lemma closed. A dreadful mix of JM equality …



@1978

8 years 
sacerdot 
Two more cases completed.



@1977

8 years 
sacerdot 
Unblocked: let ... as hides two different terms, one that uses Leibniz …



@1976

8 years 
tranquil 
* monads: just changed some defs, which had to be propagated in some …



@1975

8 years 
mulligan 
Work from today on closing main_thm.



@1974

8 years 
garnier 
Progress on the cast simplification proof.



@1973

8 years 
boender 
 removed superfluous match
 displaced 'cases daemon'



@1972

8 years 
mulligan 
Simple lemma with strangely complex proof complete.



@1971

8 years 
sacerdot 
1. Interpret.ma:
we need to prove
\sigma (execute_preinstruction …



@1970

8 years 
garnier 
Workinprogress: correction proof for the cast removal on expressions.



@1969

8 years 
sacerdot 
Some more progress, but now we must prove something on a Russell …



@1968

8 years 
campbell 
Update D4.3's title, memory model details, and some typographical …



@1967

8 years 
sacerdot 
Mov case completed.



@1966

8 years 
mulligan 
Progress made on main_thm proof: trying to find a pattern to use …



@1965

8 years 
boender 
 further completed proof, changed jump_expansion' to reflect new type …



@1964

8 years 
tranquil 
introduced as_label_of_cost and adapted accordingly. Equality of cost …



@1963

8 years 
sacerdot 
More progress in restoring the original proof.



@1962

8 years 
sacerdot 
More examples are now indexed.



@1961

8 years 
sacerdot 
No more interaction required.



@1960

8 years 
campbell 
Update RTLabs structured traces to make minor changes in definitions.



@1959

8 years 
mulligan 
Commented out diverging application of demodulation and closed goals …



@1958

8 years 
mulligan 
Marked divergence in StatusProofs?.ma



@1957

8 years 
mulligan 
Stitching proofs back together after slight change in statement of …



@1956

8 years 
boender 
 finished proof of lemma (where auto does strange things again)



@1955

8 years 
mulligan 
Completed proof of snd_assembly_1_pseudoinstruction_ok, modulo some …



@1954

8 years 
campbell 
Initial state is in the labelling simulation
(modulo global envs results).



@1953

8 years 
mulligan 
Commit to avoid conflicts.



@1952

8 years 
sacerdot 
AssemblyProof? splitted.



@1951

8 years 
sacerdot 
Bug with overloaded names in the context.



@1950

8 years 
boender 
 advances in policy



@1949

8 years 
tranquil 
* lemma trace rel to eq flatten trace
* some more properties of …



@1948

8 years 
mulligan 
Weakened statements of ASM/Assembly.ma and ASM/AssemblyProof.ma, so …



@1947

8 years 
sacerdot 
Failure of automation/demod investigated a little bit.



@1946

8 years 
sacerdot 
\snd half_add => add everywhere



@1945

8 years 
sacerdot 
All proof statements repaired.



@1944

8 years 
sacerdot 
common/StructuredTraces no longer depends on ASM/AbstractStatus (again)



@1943

8 years 
boender 
 changed 'labels okay' part of create_label_cost_map



@1942

8 years 
mulligan 
Work on showing the equivalence of two methods of looking up from the maps.



@1941

8 years 
mulligan 
Changes to the AssemblyProof? with a few more (large) axioms closed.



@1940

8 years 
boender 
 committed new version of final invariant



@1939

8 years 
mulligan 
Changes to get things to compile and to avoid the dependency …



@1938

8 years 
sacerdot 
Definitions moved to the right places, now everything compiles again.



@1937

8 years 
boender 
 filled in some of the gaps in the proof of Policy
 reverted …



@1936

8 years 
mulligan 
Some holes filled in AssemblyProof?.ma.



@1935

8 years 
mulligan 
Generalized some lemma in ASM/CostsProof.ma to work on abstract …



@1934

8 years 
boender 
 various & sundry moves of lemmas to better places
 integrated …



@1933

8 years 
boender 
 slight revamp



@1932

8 years 
boender 
 added some more dependent types (we love 'em)



@1931

8 years 
boender 
 added latest bvt alias
 temporary "cases daemon" commit of new …



@1930

8 years 
campbell 
Tidy up labelling simulation stuff a bit.



@1929

8 years 
mulligan 
Simplified proof by removing most of the invariants on the statements …


