

@2366

8 years 
sacerdot 
…



@2365

8 years 
mulligan 
More minor tweaks.



@2364

8 years 
mulligan 
Some minor changes to Claudio's additions and reinstatement of some …



@2363

8 years 
sacerdot 
New 3.3. Maybe worse than the previous one.



@2362

8 years 
mulligan 
16 pages at last due to all sorts of fiddling. Any more additions …



@2361

8 years 
mulligan 
Just half of a page left to find.



@2360

8 years 
mulligan 
Back to 17 pages after Claudio's additions.



@2359

8 years 
sacerdot 
…



@2358

8 years 
mulligan 
Down to 17 pages now.



@2357

8 years 
mulligan 
Begun editing down to reclaim space. Fixed some embarrassing typos …



@2356

8 years 
mulligan 
Consistency changes.



@2355

8 years 
sacerdot 
"Total correctness" => correctness



@2354

8 years 
sacerdot 
3.1 and 3.2 rewritten because now the reader has more information …



@2353

8 years 
campbell 
Put the post-loop cost label into the Clight while statement to get …



@2352

8 years 
mulligan 
Removed repeated references as suggested by the referee



@2351

8 years 
mulligan 
Small consistency changes.



@2350

8 years 
mulligan 
Got to the conclusions.



@2349

8 years 
mulligan 
Up to section 3.5.



@2348

8 years 
mulligan 
Edited up to Sec. 3.3



@2347

8 years 
mulligan 
MCS51 not MCS8051



@2346

8 years 
mulligan 
Minor changes to Claudio's new text



@2345

8 years 
sacerdot 
…



@2344

8 years 
mulligan 
Fixed "C statements" rather than "blocks of instructions"



@2343

8 years 
mulligan 
Fixed Claudio's horrifying use of American spellings (optimizing, etc.)



@2342

8 years 
mulligan 
simplified statements



@2341

8 years 
sacerdot 
More introduction.



@2340

8 years 
sacerdot 
Introduction rewritten.



@2339

8 years 
mulligan 
Got to page 8/9.



@2338

8 years 
campbell 
Use much nicer definition for making several steps in the labelling …



@2337

8 years 
mulligan 
Removed the referee's comments that have already been addressed from …



@2336

8 years 
mulligan 
Added hyphenat.sty, needed file to compile even after doing a …



@2335

8 years 
campbell 
Deal with goto labels in RTLabs to Cminor by fixing up goto statements …



@2334

8 years 
sacerdot 
Only relevant pieces of reviews left in place.



@2333

8 years 
sacerdot 
Reviews committed.



@2332

8 years 
garnier 
Some progress on switch removal. Small fix in the definition of free, …



@2331

8 years 
mulligan 
Added some structure to the paper



@2330

8 years 
mulligan 
Added directory for new structured traces paper.



@2329

8 years 
mulligan 
Added new directory for papers so as to stop them from being spread …



@2328

8 years 
campbell 
Cut down the notion of a Clight labelled state to those where we pick …



@2327

8 years 
mulligan 
Fixed typos in paper highlighted by referees. More substantial …



@2326

8 years 
campbell 
More accurate notion of labelled states in Clight.



@2325

8 years 
campbell 
Fill out some Clight bits and pieces in correctness.ma.



@2324

8 years 
tranquil 
semantics of blocks: function to produce trace from execution of …



@2323

8 years 
campbell 
Some correctness proof comments.



@2322

8 years 
campbell 
Today's correctness groupthink.



@2321

8 years 
campbell 
Add toolstick branch of the prototype.



@2320

8 years 
campbell 
Update compiler and correctness with labelling changes.



@2319

8 years 
campbell 
Generate per-program cost labels rather than per-function ones, and …



@2318

8 years 
boender 
 now it compiles



@2317

8 years 
boender 
 small changes to make things compile



@2316

8 years 
boender 
 committed temporary version: true version has to wait until I …



@2315

8 years 
campbell 
Add some more commentary.



@2314

8 years 
campbell 
Move generic definitions from recent commit to appropriate places.



@2313

8 years 
campbell 
RTLabs cost checker correct.



@2312

8 years 
garnier 
Memory injections, to be revised



@2311

8 years 
garnier 
Some more cleaning of switchRemoval …



@2310

8 years 
garnier 
Moved a lemma from switchRemoval to positive.



@2309

8 years 
garnier 
Removed the superfluous xorb definition and move some basic properties …



@2308

8 years 
campbell 
More proof (and corrections) on cost checking.



@2307

8 years 
campbell 
Half the proofs for sound cost labelling check.



@2306

8 years 
campbell 
An insertion sort for testing purposes.



@2305

8 years 
campbell 
RTLabs cost spec checking function implemented (lacks proof, or much …



@2304

8 years 
garnier 
Strengthened proof of associativity of bitvector addition. Some more …



@2303

8 years 
campbell 
Some preliminary checking of cost labelling properties in RTLabs.



@2302

8 years 
garnier 
Finally proved associativity of addition on bitvectors. Rejoice.



@2301

8 years 
mulligan 
Trying to get the big proof working again



@2300

8 years 
campbell 
Cut out some dead ends and add some comments to the last commit.



@2299

8 years 
campbell 
Soundly labelled RTLabs structured traces are "unrepeating".



@2298

8 years 
garnier 
WIP: converting switch removal from Z to bitvectors. Does not compile, …



@2297

8 years 
campbell 
Nicer form of steps until cost label bound in RTLabs.



@2296

8 years 
campbell 
Tidy up some ill-placed definitions.



@2295

8 years 
campbell 
Start on showing unrepeating property of RTLabs structured traces: …



@2294

8 years 
campbell 
Make RTLabs cost spec deterministic.



@2293

8 years 
campbell 
Add instruction pointer for call states in RTLabs.



@2292

8 years 
campbell 
More RTLabs invariants.



@2291

8 years 
campbell 
Disable switch removal in compiler.ma for now.



@2290

8 years 
campbell 
Remove jump tables from RTLabs -> RTL.



@2289

8 years 
campbell 
Update alias



@2288

8 years 
campbell 
Remove jumptables from RTLabs. :(



@2287

8 years 
campbell 
RTLabs typing for loads and stores.



@2286

8 years 
tranquil 
Big update!
* merge of all _paolo variants
* reorganised some depends …



@2285

8 years 
sacerdot 
1. duplicated code erased
2. POP case finished up to lemmas on …



@2284

8 years 
sacerdot 
PUSH finished



@2283

8 years 
mulligan 
Work from today.



@2282

8 years 
sacerdot 
PUSH case almost finished



@2281

8 years 
sacerdot 
…



@2280

8 years 
sacerdot 
Proof repaired.



@2279

8 years 
sacerdot 
1. Bug fixed in the semantics of PUSH (no indirection performed)
2. …



@2278

8 years 
mulligan 
Half of JC case complete



@2277

8 years 
tranquil 
* replaced incorrect use of subvector_with



@2276

8 years 
sacerdot 
…



@2275

8 years 
tranquil 
* moved around some code (I8051.ma does not depend on ByteValues.ma …



@2274

8 years 
sacerdot 
Dead code commented out and code out of place moved to Test.ma.



@2273

8 years 
sacerdot 
1. lemmas moved from all files to Test.ma
2. most of the lemmas in …



@2272

8 years 
mulligan 
Changed proof strategy for main lemma after noticing that the current …



@2271

8 years 
garnier 
Proof of correction for the semantics of expressions under memory …



@2270

8 years 
mulligan 
Bug spotted and fixed in write_at_stack_pointer



@2269

8 years 
sacerdot 
Proof completely repaired up to …



@2268

8 years 
mulligan 
Bug spotted in instruction_size (lookup_datalabels cannot just be a …



@2267

8 years 
sacerdot 
Call is now proved using the new strategy.


