

@1921

9 years 
mulligan 
Horror proof mostly finished (compiles all way until end of CostsProof?.ma).



@1920

9 years 
campbell 
Most of the labelling simulation. Still need to sort out switch …



@1919

9 years 
mulligan 
Fixes to get everything compiling again



@1918

9 years 
tranquil 
using listb.ma now



@1917

9 years 
tranquil 
predicate for unrepeating traces, fused final_abstract_status with …



@1916

9 years 
mulligan 
Closed remaining daemons in block_cost'. Rest of file now typechecks …



@1915

9 years 
garnier 
Correction of a typo in switchRemoval.



@1914

9 years 
campbell 
Fix bug in Clight semantics that misses gotolabels inside a cost …



@1913

9 years 
mulligan 
Got the rest of the file to typecheck as before.



@1912

9 years 
mulligan 
Patches to get block_cost' and dependencies working again after change …



@1911

9 years 
mulligan 
Changed statement of block_cost' to start on new termination argument



@1910

9 years 
mulligan 
Finished proof modulo termination argument



@1909

9 years 
mulligan 
Ported new statements to remainder of Interpret.ma file.



@1908

9 years 
fguidi 
notation fixup following last commit of matita
we shifted the levels …



@1907

9 years 
mulligan 
Fixes to get file to compile



@1906

9 years 
mulligan 
Statements simplified in block_cost and dependencies



@1905

9 years 
boender 
 plugging gap in assembly proof



@1904

9 years 
mulligan 
Problem with proof fixed by noting that problem is actually irrelevant



@1903

9 years 
mulligan 
Small changes prior to experiment



@1902

9 years 
mulligan 
Reverted needless changes to StructuredTraces?



@1901

9 years 
mulligan 
Slight changes to StructuredTraces?: should not change too much



@1900

9 years 
mulligan 
CostProof? complete, modulo some daemons and axioms in earlier files



@1899

9 years 
mulligan 
Changes to statements of theorems



@1898

9 years 
mulligan 
Ported changes from ASMCosts.ma into CostsProof?.ma and got everything …



@1897

9 years 
mulligan 
Changes to proof, and pushed through those changes to rest of the file.



@1896

9 years 
mulligan 
Finished horror proof



@1895

9 years 
mulligan 
Split the ASMCosts files while working on traverse_code_internal. A …



@1894

9 years 
mulligan 
Closed a hole in the proof by deriving a contradiction using even_p …



@1893

9 years 
campbell 
Show stronger result about labelling of expressions.



@1892

9 years 
mulligan 
Lots of work from today



@1891

9 years 
mulligan 
Nightmarish proofs on bitvectors. Trying to find some way of making …



@1890

9 years 
boender 
 added comment about bitvector translation



@1889

9 years 
boender 
 some pages of article



@1888

9 years 
campbell 
Show that labelling of expressions works ...
after fixing it to match …



@1887

9 years 
boender 
 added SEFM2012 directory
 some progress in assembly



@1886

9 years 
boender 
 improvements for disambiguation and quick(er) typing



@1885

9 years 
boender 
 updated assembler with new definition of occurs_exactly_once



@1884

9 years 
campbell 
Syntax changes to fit Paolo's commit.



@1883

9 years 
campbell 
Ilias' switch removal code, plus a test.



@1882

9 years 
tranquil 
big update, alas incomplete:
joint changed a bit, and all BE languages …



@1881

9 years 
campbell 
Resurrect version of exec_up_to which shows the final state.



@1880

9 years 
campbell 
Show that RTLabs flat traces are determined by their starting state, …



@1879

9 years 
boender 
 Policy compiles until the end, still some (fairly trivial) cases …



@1878

9 years 
campbell 
Enforce typing of constants in frontend, plus binops for RTLabs.



@1877

9 years 
campbell 
Update RTLabs structured traces for typed binops and new memory model.



@1876

9 years 
campbell 
Update Cexec soundness proof.
Change finishes_with predicate to …



@1875

9 years 
campbell 
Update brief memory model test.



@1874

9 years 
campbell 
First cut at using backend memory model throughout.
Note the …



@1873

9 years 
campbell 
Fix up earlier frontend value conversion work.



@1872

9 years 
campbell 
Make binary operations in Cminor/RTLabs properly typed.
A few extra …



@1871

9 years 
campbell 
Change Clight to Cminor compilation to use gotos rather than loops, …



@1870

9 years 
boender 
 changed sigma00 in Assembly to use foldl_strong + proved invariants …



@1869

9 years 
mulligan 
a load of axioms closed in ASMCosts file



@1831

9 years 
mulligan 
small changes to asmcosts file to refactor proof



@1812

9 years 
campbell 
Provide a combined type for terminating and nonterminating structured …



@1811

9 years 
boender 
 corrected definition of geb



@1810

9 years 
boender 
 new version of policy that compiles up to the final glue



@1809

9 years 
boender 
 committed partially compiling version of policy (up until …



@1808

9 years 
campbell 
Create a Prop version of the nonterminating structured traces so that …



@1807

9 years 
mulligan 
some changes, as finally worked out what i was up to prior to working …



@1806

9 years 
campbell 
Show that we could construct RTLabs nonterminating structured traces …



@1805

9 years 
campbell 
RTLabs structured traces: package up some of the properties we need …



@1784

9 years 
campbell 
Start on proof of existence of nonterminating RTLabs structured traces.



@1783

9 years 
campbell 
Remove junk from nonterminating structured traces.



@1782

9 years 
campbell 
Correct bad inversion.



@1765

9 years 
campbell 
Rule out final states in nonterminating executions chunks (RTLabs …



@1764

9 years 
campbell 
Terminating function preserve the property that the execution does not …



@1736

9 years 
campbell 
Show that the bound on the number of instructions until a cost label …



@1730

9 years 
sacerdot 
Minor changes while studying the proof.



@1729

9 years 
sacerdot 
Comment left from SVN merge removed.



@1719

9 years 
campbell 
Show that nontermination survives a terminating function call.



@1713

9 years 
campbell 
Add a distinguished final state to the frontend languages to match up …



@1712

9 years 
campbell 
Show that constructing an RTLabs structure trace really does use a …



@1711

9 years 
mulligan 
finished block_cost' proof: 1.5 minutes to typecheck qed.



@1710

9 years 
mulligan 
changes from friday afternoon



@1709

9 years 
mulligan 
Changes to the execution of the MOVC instruction



@1707

9 years 
campbell 
Progress on finite segments of infinite RTLabs structured trace.



@1706

9 years 
campbell 
Checkpoint RTLabs structured traces.



@1705

9 years 
campbell 
Checkpoint RTLabs labelling soundness work.



@1697

9 years 
mulligan 
important bug found



@1696

9 years 
mulligan 
finished adding russell types to the traverse_cost_* functions



@1695

9 years 
mulligan 
Progress on CostsProof?.ma file.



@1693

9 years 
mulligan 
Changes to ASMCosts and CostsProofs? files to get everything working again.



@1692

9 years 
mulligan 
resolved conflict in asm costs this morning



@1691

9 years 
sacerdot 
Some progress in the proof: less daemons, less hypotheses in lemmas.



@1684

9 years 
mulligan 
changes from the past week



@1682

9 years 
campbell 
Complete proof for as_after_return for RTLabs.



@1681

9 years 
campbell 
Checkpoint of stack preservation work in RTLabs.



@1680

9 years 
campbell 
Comment out unused tailcalls in Cminor and RTLabs.
(They would be a …



@1675

9 years 
campbell 
Some work on sound labelled for RTLabs.



@1672

9 years 
campbell 
Matita now generates a couple of inversion lemmas that were manually …



@1671

9 years 
campbell 
A little more on RTLabs infinite traces.



@1670

9 years 
campbell 
Snapshot of nonterminating RTLabs structured traces work.



@1669

9 years 
mulligan 
Commit for claudio



@1668

9 years 
boender 
 split build_maps into build_maps and build_maps_ok
 work with CSC …



@1667

9 years 
sacerdot 
Main lemma for the main_thm of AssemblyProof? redeclared as an axiom …



@1666

9 years 
sacerdot 
PreStatus? datatype change: the code_memory field is not a left …



@1665

9 years 
mulligan 
progress on closing holes in block_cost' proof



@1663

9 years 
mulligan 
old cases working again, work on new ones



@1658

9 years 
mulligan 
asm costs changes from today


