

@2645

8 years 
sacerdot 
1. some broken backend files repaires, several still to go
2. the …



@2643

8 years 
sacerdot 
We are not proving erasure, so this is dead code.



@2601

8 years 
sacerdot 
Extraction to ocaml is now working, with a couple of bugs left.
One …



@2593

8 years 
mckinna 
Finally chased down wicked failure to close case 1.1: of …



@2575

8 years 
mckinna 
temporary commit
localised the source of trouble in the proof of
…



@2573

8 years 
mckinna 
temporary fixes to ensure {compiler,correctness}.ma recompile
after …



@2531

8 years 
mckinna 
Trivial tweaks.



@2516

8 years 
mckinna 
removed typedefs; restored older versions; moved typedefs to …



@2508

8 years 
mckinna 
more tweaks. compiler and correctness still build.



@2504

8 years 
mckinna 
More refactoring to support the tidied up compiler.ma



@2498

8 years 
mckinna 
Refactor:
Typedefs object_code and costlabel_map lifted out from …



@2475

8 years 
campbell 
Get compiler.ma and correctness.ma checking again. Note that the …



@2327

8 years 
mulligan 
Fixed typos in paper highlighted by referees. More substantial …



@2318

8 years 
boender 
 now it compiles



@2317

8 years 
boender 
 small changes to make things compile



@2316

8 years 
boender 
 committed temporary version: true version has to wait until I …



@2314

8 years 
campbell 
Move generic definitions from recent commit to appropriate places.



@2311

8 years 
garnier 
Some more cleaning of switchRemoval …



@2307

8 years 
campbell 
Half the proofs for sound cost labelling check.



@2301

8 years 
mulligan 
Trying to get the big proof working again



@2286

8 years 
tranquil 
Big update!
* merge of all _paolo variants
* reorganised some depends …



@2285

8 years 
sacerdot 
1. duplicated code erased
2. POP case finished up to lemmas on …



@2284

8 years 
sacerdot 
PUSH finished



@2283

8 years 
mulligan 
Work from today.



@2282

8 years 
sacerdot 
PUSH case almost finished



@2281

8 years 
sacerdot 
…



@2280

8 years 
sacerdot 
Proof repaired.



@2279

8 years 
sacerdot 
1. Bug fixed in the semantics of PUSH (no indirection performed)
2. …



@2278

8 years 
mulligan 
Half of JC case complete



@2276

8 years 
sacerdot 
…



@2275

8 years 
tranquil 
* moved around some code (I8051.ma does not depend on ByteValues?.ma …



@2274

8 years 
sacerdot 
Dead code commented out and code out of place moved to Test.ma.



@2273

8 years 
sacerdot 
1. lemmas moved from all files to Test.ma
2. most of the lemmas in …



@2272

8 years 
mulligan 
Changed proof strategy for main lemma after noticed that the current …



@2270

8 years 
mulligan 
Bug spotted and fixed in write_at_stack_pointer



@2269

8 years 
sacerdot 
Proof completely repaired up to …



@2268

8 years 
mulligan 
Bug spotted in instruction_size (lookup_datalabels cannot just be a …



@2267

8 years 
sacerdot 
Call is now proved using the new strategy.



@2266

8 years 
sacerdot 
All daemons closed in Jmp case.



@2265

8 years 
sacerdot 
Commented out code removed.



@2264

8 years 
sacerdot 
1) Major change: we now always use the efficient way of resolving …



@2262

8 years 
mulligan 
Changes from today.



@2261

8 years 
mulligan 
Resolved conflict



@2260

8 years 
sacerdot 
Now we use the efficient lookup_address.



@2259

8 years 
mulligan 
For Claudio



@2258

8 years 
sacerdot 
1. lemma generalized
2. automation replaced with expansion to make …



@2257

8 years 
mulligan 
Daemon in SETB case closed.



@2256

8 years 
mulligan 
MOV and MOVX cases complete



@2248

8 years 
sacerdot 
Final changes. All daemons removed, but the real one (open goal).



@2247

8 years 
mulligan 
Work on the MOV instruction from today and bug fixes in set_arg_1.



@2246

8 years 
sacerdot 
Final technical lemma streamlined. Maybe it can be streamlined even more.



@2245

8 years 
sacerdot 
Temporary commit to have a backtracking point. Yes, I know this breaks …



@2244

8 years 
sacerdot 
Technical lemma used.



@2243

8 years 
sacerdot 
One more lemma streamlined, one to go + one to be completed.



@2242

8 years 
sacerdot 
jump_expansion_step3 streamlined



@2241

8 years 
boender 
 merged changes by Claudio



@2240

8 years 
sacerdot 
All "interesting" technical lemmas singled out, proofs to be uncommented.



@2239

8 years 
sacerdot 
One more lemma polished.



@2238

8 years 
sacerdot 
Taken out lemma integrated.



@2237

8 years 
sacerdot 
Even shorter version.



@2236

8 years 
sacerdot 
One subproof made shorter.



@2235

8 years 
sacerdot 
Towards smaller proofs.



@2230

8 years 
sacerdot 
Glue proof maximally simplified or sort of.



@2229

8 years 
sacerdot 
More cleaning up, ready for more aggressive factorization.



@2228

8 years 
sacerdot 
Further proof reduction.



@2225

8 years 
sacerdot 
Minor and major improvements everywhere, shortened proofs.



@2222

8 years 
sacerdot 
More robust to possible future changes to the "in match" semantics …



@2221

8 years 
boender 
 removed cases daemon from PolicyFront?



@2220

8 years 
sacerdot 
Some minor speed up and daemonuncommenting.



@2216

8 years 
mulligan 
More work on the big lemma. Nearly there now.



@2215

8 years 
sacerdot 
Some speed up.



@2213

8 years 
boender 
 removed one cases daemon



@2212

8 years 
mulligan 
More work on the INC case



@2211

8 years 
boender 
 finished proof of sigma specification
 added some stuff to Util, as …



@2210

8 years 
mulligan 
XOR case completely finished.



@2209

8 years 
mulligan 
Closed major daemons in the supporting lemmas of the main lemma.



@2207

8 years 
mulligan 
Improvements and corrections to the main lemma proof in …



@2204

8 years 
sacerdot 
Shuffling around, suggestions, improvements.



@2200

8 years 
tranquil 
* updated joint semantics: generation of linear and graph semantics
* …



@2199

8 years 
sacerdot 
No longer used lemma containing the last daemon removed.
The proof is …



@2198

8 years 
mulligan 
Work from today.



@2197

8 years 
sacerdot 
Main lemmas all closed.



@2196

8 years 
sacerdot 
Speed up using patterns.



@2195

8 years 
mulligan 
Got AssemblyProof?.ma compiling again using daemons.



@2194

8 years 
sacerdot 
1. monotone moved to Assembly
2. some easier daemons, one shows an …



@2193

8 years 
sacerdot 
Statement cleanup.



@2192

8 years 
sacerdot 
Shuffling around.



@2191

8 years 
sacerdot 
Only one daemon left.



@2190

8 years 
sacerdot 
Two daemons left.



@2189

8 years 
sacerdot 
Proof very close to completion.



@2188

8 years 
sacerdot 
1. Policy specification generalized
2. All invariants but the main one …



@2187

8 years 
mulligan 
Work from today on the big proof.



@2183

8 years 
mulligan 
More progress on main lemma proof.



@2181

8 years 
mulligan 
Work from the last week on the new formulation of the main lemma for …



@2177

8 years 
campbell 
Tidy up multiplication.



@2173

8 years 
mulligan 
MUL case of main lemma nearly complete (subject to two small holes …



@2172

8 years 
mulligan 
Moved new versions of get_ / set_arg_* into Status.ma. Commented out …



@2171

8 years 
mulligan 
Finished the commutations



@2170

8 years 
sacerdot 
Splitted from AssemblyProofSplit?.ma



@2168

8 years 
sacerdot 
No more daemons left! All axioms are real axioms.


