

@1970

8 years 
garnier 
Workinprogress: correction proof for the cast removal on expressions.



@1969

8 years 
sacerdot 
Some more progress, but now we must prove something on a Russell …



@1968

8 years 
campbell 
Update D4.3's title, memory model details, and some typographical …



@1967

8 years 
sacerdot 
Mov case completed.



@1966

8 years 
mulligan 
Progress made on main_thm proof: trying to find a pattern to use …



@1965

8 years 
boender 
 further completed proof, changed jump_expansion' to reflect new type …



@1964

8 years 
tranquil 
introduced as_label_of_cost and adapted accordingly. Equality of cost …



@1963

8 years 
sacerdot 
More progress in restoring the original proof.



@1962

8 years 
sacerdot 
More examples are now indexed.



@1961

8 years 
sacerdot 
No more interaction required.



@1960

8 years 
campbell 
Update RTLabs structured traces to make minor changes in definitions.



@1959

8 years 
mulligan 
Commented out diverging application of demodulation and closed goals …



@1958

8 years 
mulligan 
Marked divergence in StatusProofs?.ma



@1957

8 years 
mulligan 
Stitching proofs back together after slight change in statement of …



@1956

8 years 
boender 
 finished proof of lemma (where auto does strange things again)



@1955

8 years 
mulligan 
Completed proof of snd_assembly_1_pseudoinstruction_ok, modulo some …



@1954

8 years 
campbell 
Initial state is in the labelling simulation
(modulo global envs results).



@1953

8 years 
mulligan 
Commit to avoid conflicts.



@1952

8 years 
sacerdot 
AssemblyProof? splitted.



@1951

8 years 
sacerdot 
Bug with overloaded names in the context.



@1950

8 years 
boender 
 advances in policy



@1949

8 years 
tranquil 
* lemma trace rel to eq flatten trace
* some more properties of …



@1948

8 years 
mulligan 
Weakened statements of ASM/Assembly.ma and ASM/AssemblyProof.ma, so …



@1947

8 years 
sacerdot 
Failure of automation/demod investigated a little bit.



@1946

8 years 
sacerdot 
\snd half_add => add everywhere



@1945

8 years 
sacerdot 
All proof statements repaired.



@1944

8 years 
sacerdot 
common/StructuredTraces no longer depends on ASM/AbstractStatus (again)



@1943

8 years 
boender 
 changed 'labels okay' part of create_label_cost_map



@1942

8 years 
mulligan 
Work on showing the equivalence of two methods of looking up from the maps.



@1941

8 years 
mulligan 
Changes to the AssemblyProof? with a few more (large) axioms closed.



@1940

8 years 
boender 
 committed new version of final invariant



@1939

8 years 
mulligan 
Changes to get things to compile and to avoid the dependency …



@1938

8 years 
sacerdot 
Definitions moved to the right places, now everything compiles again.



@1937

8 years 
boender 
 filled in some of the gaps in the proof of Policy
 reverted …



@1936

8 years 
mulligan 
Some holes filled in AssemblyProof?.ma.



@1935

8 years 
mulligan 
Generalized some lemma in ASM/CostsProof.ma to work on abstract …



@1934

8 years 
boender 
 various & sundry moves of lemmas to better places
 integrated …



@1933

8 years 
boender 
 slight revamp



@1932

8 years 
boender 
 added some more dependent types (we love 'em)



@1931

8 years 
boender 
 added latest bvt alias
 temporary "cases daemon" commit of new …



@1930

8 years 
campbell 
Tidy up labelling simulation stuff a bit.



@1929

8 years 
mulligan 
Simplified proof by removing most of the invariants on the statements …



@1928

8 years 
mulligan 
Moved code from in ASM/ASMCosts*.ma and ASM/CostsProof.ma that should …



@1927

8 years 
mulligan 
Reduced complexity of good_program predicate, ported to new notion of …



@1926

8 years 
tranquil 
* added as_label to abstract status, with as_costed defined with it. …



@1925

8 years 
boender 
 readded jump_lenggh



@1924

8 years 
mulligan 
Added comment



@1923

8 years 
mulligan 
Small change, closing daemon that went under the RADAR



@1922

8 years 
campbell 
Main labelling simulation proof complete.



@1921

8 years 
mulligan 
Horror proof mostly finished (compiles all way until end of CostsProof?.ma).



@1920

8 years 
campbell 
Most of the labelling simulation. Still need to sort out switch …



@1919

8 years 
mulligan 
Fixes to get everything compiling again



@1918

8 years 
tranquil 
using listb.ma now



@1917

8 years 
tranquil 
predicate for unrepeating traces, fused final_abstract_status with …



@1916

8 years 
mulligan 
Closed remaining daemons in block_cost'. Rest of file now typechecks …



@1915

8 years 
garnier 
Correction of a typo in switchRemoval.



@1914

8 years 
campbell 
Fix bug in Clight semantics that misses gotolabels inside a cost …



@1913

8 years 
mulligan 
Got the rest of the file to typecheck as before.



@1912

8 years 
mulligan 
Patches to get block_cost' and dependencies working again after change …



@1911

8 years 
mulligan 
Changed statement of block_cost' to start on new termination argument



@1910

8 years 
mulligan 
Finished proof modulo termination argument



@1909

8 years 
mulligan 
Ported new statements to remainder of Interpret.ma file.



@1908

8 years 
fguidi 
notation fixup following last commit of matita
we shifted the levels …



@1907

8 years 
mulligan 
Fixes to get file to compile



@1906

8 years 
mulligan 
Statements simplified in block_cost and dependencies



@1905

8 years 
boender 
 plugging gap in assembly proof



@1904

8 years 
mulligan 
Problem with proof fixed by noting that problem is actually irrelevant



@1903

8 years 
mulligan 
Small changes prior to experiment



@1902

8 years 
mulligan 
Reverted needless changes to StructuredTraces?



@1901

8 years 
mulligan 
Slight changes to StructuredTraces?: should not change too much



@1900

9 years 
mulligan 
CostProof? complete, modulo some daemons and axioms in earlier files



@1899

9 years 
mulligan 
Changes to statements of theorems



@1898

9 years 
mulligan 
Ported changes from ASMCosts.ma into CostsProof?.ma and got everything …



@1897

9 years 
mulligan 
Changes to proof, and pushed through those changes to rest of the file.



@1896

9 years 
mulligan 
Finished horror proof



@1895

9 years 
mulligan 
Split the ASMCosts files while working on traverse_code_internal. A …



@1894

9 years 
mulligan 
Closed a hole in the proof by deriving a contradiction using even_p …



@1893

9 years 
campbell 
Show stronger result about labelling of expressions.



@1892

9 years 
mulligan 
Lots of work from today



@1891

9 years 
mulligan 
Nightmarish proofs on bitvectors. Trying to find some way of making …



@1890

9 years 
boender 
 added comment about bitvector translation



@1889

9 years 
boender 
 some pages of article



@1888

9 years 
campbell 
Show that labelling of expressions works ...
after fixing it to match …



@1887

9 years 
boender 
 added SEFM2012 directory
 some progress in assembly



@1886

9 years 
boender 
 improvements for disambiguation and quick(er) typing



@1885

9 years 
boender 
 updated assembler with new definition of occurs_exactly_once



@1884

9 years 
campbell 
Syntax changes to fit Paolo's commit.



@1883

9 years 
campbell 
Ilias' switch removal code, plus a test.



@1882

9 years 
tranquil 
big update, alas incomplete:
joint changed a bit, and all BE languages …



@1881

9 years 
campbell 
Resurrect version of exec_up_to which shows the final state.



@1880

9 years 
campbell 
Show that RTLabs flat traces are determined by their starting state, …



@1879

9 years 
boender 
 Policy compiles until the end, still some (fairly trivial) cases …



@1878

9 years 
campbell 
Enforce typing of constants in frontend, plus binops for RTLabs.



@1877

9 years 
campbell 
Update RTLabs structured traces for typed binops and new memory model.



@1876

9 years 
campbell 
Update Cexec soundness proof.
Change finishes_with predicate to …



@1875

9 years 
campbell 
Update brief memory model test.



@1874

9 years 
campbell 
First cut at using backend memory model throughout.
Note the …



@1873

9 years 
campbell 
Fix up earlier frontend value conversion work.



@1872

9 years 
campbell 
Make binary operations in Cminor/RTLabs properly typed.
A few extra …



@1871

9 years 
campbell 
Change Clight to Cminor compilation to use gotos rather than loops, …


