|
|
|
@2281
|
8 years |
sacerdot |
…
|
|
|
|
@2280
|
8 years |
sacerdot |
Proof repaired.
|
|
|
|
@2279
|
8 years |
sacerdot |
1. Bug fixed in the semantics of PUSH (no indirection performed)
2. …
|
|
|
|
@2278
|
8 years |
mulligan |
Half of JC case complete
|
|
|
|
@2277
|
8 years |
tranquil |
* replaced incorrect use of subvector_with
|
|
|
|
@2276
|
8 years |
sacerdot |
…
|
|
|
|
@2275
|
8 years |
tranquil |
* moved around some code (I8051.ma does not depend on ByteValues?.ma …
|
|
|
|
@2274
|
8 years |
sacerdot |
Dead code commented out and code out of place moved to Test.ma.
|
|
|
|
@2273
|
8 years |
sacerdot |
1. lemmas moved from all files to Test.ma
2. most of the lemmas in …
|
|
|
|
@2272
|
8 years |
mulligan |
Changed proof strategy for main lemma after noticed that the current …
|
|
|
|
@2271
|
8 years |
garnier |
Proof of correction for the semantics of expressions under memory …
|
|
|
|
@2270
|
8 years |
mulligan |
Bug spotted and fixed in write_at_stack_pointer
|
|
|
|
@2269
|
8 years |
sacerdot |
Proof completely repaired up to …
|
|
|
|
@2268
|
8 years |
mulligan |
Bug spotted in instruction_size (lookup_datalabels cannot just be a …
|
|
|
|
@2267
|
8 years |
sacerdot |
Call is now proved using the new strategy.
|
|
|
|
@2266
|
8 years |
sacerdot |
All daemons closed in Jmp case.
|
|
|
|
@2265
|
8 years |
sacerdot |
Commented out code removed.
|
|
|
|
@2264
|
8 years |
sacerdot |
1) Major change: we now always use the efficient way of resolving …
|
|
|
|
@2263
|
8 years |
garnier |
Finished proving semantics preservation under memory injections for …
|
|
|
|
@2262
|
8 years |
mulligan |
Changes from today.
|
|
|
|
@2261
|
8 years |
mulligan |
Resolved conflict
|
|
|
|
@2260
|
8 years |
sacerdot |
Now we use the efficient lookup_address.
|
|
|
|
@2259
|
8 years |
mulligan |
For Claudio
|
|
|
|
@2258
|
8 years |
sacerdot |
1. lemma generalized
2. automation replaced with expansion to make …
|
|
|
|
@2257
|
8 years |
mulligan |
Daemon in SETB case closed.
|
|
|
|
@2256
|
8 years |
mulligan |
MOV and MOVX cases complete
|
|
|
|
@2255
|
8 years |
garnier |
Had to modify the definition of memory injections to prove that …
|
|
|
|
@2254
|
8 years |
campbell |
Fix up invariants in Cminor semantics.
|
|
|
|
@2253
|
8 years |
campbell |
Cminor to RTLabs is now a total function.
|
|
|
|
@2252
|
8 years |
campbell |
Use the return statement invariant. Restructure the invariants for …
|
|
|
|
@2251
|
8 years |
campbell |
Add new invariant to Cminor that return typs should be respected.
|
|
|
|
@2250
|
8 years |
campbell |
Tidy up Clight to Cminor pass a bit.
|
|
|
|
@2249
|
8 years |
campbell |
Tweak Cminor invariant to be slightly more readable/extendable.
|
|
|
|
@2248
|
8 years |
sacerdot |
Final changes. All daemons removed, but the real one (open goal).
|
|
|
|
@2247
|
8 years |
mulligan |
Work on the MOV instruction from today and bug fixes in set_arg_1.
|
|
|
|
@2246
|
8 years |
sacerdot |
Final technical lemma streamlined. Maybe it can be streamlined even more.
|
|
|
|
@2245
|
8 years |
sacerdot |
Temporary commit to have a backtracking point. Yes, I know this breaks …
|
|
|
|
@2244
|
8 years |
sacerdot |
Technical lemma used.
|
|
|
|
@2243
|
8 years |
sacerdot |
One more lemma streamlined, one to go + one to be completed.
|
|
|
|
@2242
|
8 years |
sacerdot |
jump_expansion_step3 streamlined
|
|
|
|
@2241
|
8 years |
boender |
- merged changes by Claudio
|
|
|
|
@2240
|
8 years |
sacerdot |
All "interesting" technical lemmas singled out, proofs to be uncommented.
|
|
|
|
@2239
|
8 years |
sacerdot |
One more lemma polished.
|
|
|
|
@2238
|
8 years |
sacerdot |
Taken out lemma integrated.
|
|
|
|
@2237
|
8 years |
sacerdot |
Even shorter version.
|
|
|
|
@2236
|
8 years |
sacerdot |
One subproof made shorter.
|
|
|
|
@2235
|
8 years |
sacerdot |
Towards smaller proofs.
|
|
|
|
@2234
|
8 years |
garnier |
Progress on proving semantics preservation under memory injections.
|
|
|
|
@2233
|
8 years |
tranquil |
* completed update of ERTL semantics
* some minor changes in joint …
|
|
|
|
@2232
|
8 years |
campbell |
Remove unused block structure in Cminor.
|
|
|
|
@2231
|
8 years |
garnier |
Various tiny lemmas used in at least two files in the fornt-end.
|
|
|
|
@2230
|
8 years |
sacerdot |
Glue proof maximally simplified or sort of.
|
|
|
|
@2229
|
8 years |
sacerdot |
More cleaning up, ready for more aggressive factorization.
|
|
|
|
@2228
|
8 years |
sacerdot |
Further proof reduction.
|
|
|
|
@2227
|
8 years |
garnier |
* New version of the switch removal algorithm, described at the top of …
|
|
|
|
@2226
|
8 years |
campbell |
Whole program proof.
|
|
|
|
@2225
|
8 years |
sacerdot |
Minor and major improvements everywhere, shortened proofs.
|
|
|
|
@2224
|
8 years |
campbell |
Proper whole program result in RTLabs/Traces
|
|
|
|
@2223
|
8 years |
campbell |
Simplify RTLabs structure traces proofs by getting rid of wrong …
|
|
|
|
@2222
|
8 years |
sacerdot |
More robust to possible future changes to the "in match" semantics …
|
|
|
|
@2221
|
8 years |
boender |
- removed cases daemon from PolicyFront?
|
|
|
|
@2220
|
8 years |
sacerdot |
Some minor speed up and daemon-uncommenting.
|
|
|
|
@2219
|
8 years |
campbell |
Speed up cast simplification proof checking a bit.
|
|
|
|
@2218
|
8 years |
campbell |
Separate out cost properties required of RTLabs programs from the …
|
|
|
|
@2217
|
8 years |
tranquil |
* collapsed step_params, unserialized_params, funct_params and …
|
|
|
|
@2216
|
8 years |
mulligan |
More work on the big lemma. Nearly there now.
|
|
|
|
@2215
|
8 years |
sacerdot |
Some speed up.
|
|
|
|
@2214
|
8 years |
tranquil |
* changed order of parameters of joint_internal_function and genv in …
|
|
|
|
@2213
|
8 years |
boender |
- removed one cases daemon
|
|
|
|
@2212
|
8 years |
mulligan |
More work on the INC case
|
|
|
|
@2211
|
8 years |
boender |
- finished proof of sigma specification
- added some stuff to Util, as …
|
|
|
|
@2210
|
8 years |
mulligan |
XOR case completely finished.
|
|
|
|
@2209
|
8 years |
mulligan |
Closed major daemons in the supporting lemmas of the main lemma.
|
|
|
|
@2208
|
8 years |
tranquil |
* moving some code around
* changed immediates to hold beval in …
|
|
|
|
@2207
|
8 years |
mulligan |
Improvements and corrections to the main lemma proof in …
|
|
|
|
@2206
|
8 years |
campbell |
Add note about cost maps to simulation definition.
|
|
|
|
@2205
|
8 years |
campbell |
Get correctness.ma type checking again.
|
|
|
|
@2204
|
8 years |
sacerdot |
Shuffling around, suggestions, improvements.
|
|
|
|
@2203
|
8 years |
campbell |
A general result about simulations of executions.
|
|
|
|
@2202
|
8 years |
campbell |
Start defining equivalent executions.
|
|
|
|
@2201
|
8 years |
campbell |
Forgotten comment update.
|
|
|
|
@2200
|
8 years |
tranquil |
* updated joint semantics: generation of linear and graph semantics
* …
|
|
|
|
@2199
|
8 years |
sacerdot |
No longer used lemma containing the last daemon removed.
The proof is …
|
|
|
|
@2198
|
8 years |
mulligan |
Work from today.
|
|
|
|
@2197
|
8 years |
sacerdot |
Main lemmas all closed.
|
|
|
|
@2196
|
8 years |
sacerdot |
Speed up using patterns.
|
|
|
|
@2195
|
8 years |
mulligan |
Got AssemblyProof?.ma compiling again using daemons.
|
|
|
|
@2194
|
8 years |
sacerdot |
1. monotone moved to Assembly
2. some easier daemons, one shows an …
|
|
|
|
@2193
|
8 years |
sacerdot |
Statement clean-up.
|
|
|
|
@2192
|
8 years |
sacerdot |
Shuffling around.
|
|
|
|
@2191
|
8 years |
sacerdot |
Only one daemon left.
|
|
|
|
@2190
|
8 years |
sacerdot |
Two daemons left.
|
|
|
|
@2189
|
8 years |
sacerdot |
Proof very close to completion.
|
|
|
|
@2188
|
8 years |
sacerdot |
1. Policy specification generalized
2. All invariants but the main one …
|
|
|
|
@2187
|
8 years |
mulligan |
Work from today on the big proof.
|
|
|
|
@2186
|
8 years |
tranquil |
updated joint semantics
|
|
|
|
@2185
|
8 years |
campbell |
Use bitvectors for offsets.
|
|
|
|
@2184
|
8 years |
campbell |
Minor fix ups.
|
|
|
|
@2183
|
8 years |
mulligan |
More progress on main lemma proof.
|
|
|
|
@2182
|
8 years |
tranquil |
updated linearisation pass
|
|
|
|
