2003-06-16  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyGrailLemmas.thy 1.16: Delete hpsize_def from simpset

2003-06-16  lenb  <lenb@dcs.ed.ac.uk>

    * DaveExper/ExampleListReverseInplace.thy 1.3, DaveExper/ExampleListAppend.thy 1.2:
    Added temporal proof

    * DaveExper/ExampleListClass.thy 1.3: Added LLength predicate and lemmas

2003-06-12  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyGrailLemmasNat.thy 1.2, DaveExper/ToyGrailDefNat.thy 1.3:
    Add newobj

    * DaveExper/SimpVC.ML 1.2:
    Tweaks to handle nested patterns and nested elementhood.

    * DaveExper/SimpVC.thy 1.2: Updated.

    * DaveExper/SimpVC.thy 1.1: New files.

    * DaveExper/ExampleListlength.thy 1.4: Proof of clock count / heap size

    * DaveExper/ExampleEvenOdd.thy 1.11: Remove HSize

    * DaveExper/ToyHLproofs.thy 1.5, DaveExper/ToyHLrec.thy 1.4:
    Use newobj function in New rules

    * DaveExper/ToyHLderived.thy 1.21: Add two rules for using adaptation.

    * DaveExper/ToyHLbasic.thy 1.19: Use newobj in New rule

    * DaveExper/ToyGrailLemmas.thy 1.15:
    Add newobj lemmas.  Add hpsize function (Lennart) and properties

    * DaveExper/ToyGrailDef.thy 1.20: Add back newobj constant

2003-06-11  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * DaveExper/ToyVDMderived.thy 1.9, DaveExper/ExampleEOI.thy 1.3, DaveExper/ExampleEOIVDM.thy 1.1, DaveExper/ExampleEvenOdd.thy 1.10, DaveExper/ExampleEvenOddVDM.thy 1.5, DaveExper/ExamplePing.thy 1.4, DaveExper/ExamplePingVDM.thy 1.1, DaveExper/ToyGrailDef.thy 1.19, DaveExper/ExampleDecIVDM.thy 1.1:
    Tinkered with invoke rules and examples.
    ExamplePingVDM.thy (using InvokeStatic and direct recursion) now goes
    through, but uses an unproven rule VInvokeStaticRecSat2 akin to the
    corresponding Call rule.

2003-06-11  David Aspinall  <da@dcs.ed.ac.uk>

    * ChangeLog 1.2: Updated

    * CmltList.thy 1.4: Remove false assumption, undoing fantastic proof.

2003-06-11  lenb  <lenb@dcs.ed.ac.uk>

    * DaveExper/ExampleEvenOdd.thy 1.9, DaveExper/ExampleListReverseInplace.thy 1.2:
    Why EvenOdd upodated? In Reverse: attempt at clock

2003-06-11  oshka208  <oshka208@dcs.ed.ac.uk>

    * DaveExper/ListToyCut.thy 1.1: an example

    * DaveExper/ListLength.thy 1.1: add length predicate

2003-06-11  lenb  <lenb@dcs.ed.ac.uk>

    * DaveExper/ExampleListReverseInplace.thy 1.1, DaveExper/ExampleListAppend.thy 1.1:
    Proof of spacebound complete

    * DaveExper/ExampleListClass.thy 1.2:
    Add HSize and SizeInsert (both should ge somewhere in basics eventually)

2003-06-11  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyHLextras.thy 1.2: Add derivation of HCall from HCallinv

    * DaveExper/ToyHLbasic.thy 1.18, DaveExper/ToyHLderived.thy 1.20:
    Move HCallinv into basic.

2003-06-10  lenb  <lenb@dcs.ed.ac.uk>

    * DaveExper/ExampleListlength.thy 1.3: Functional correctness works

2003-06-10  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ExampleEvenOddproofs.thy 1.1, DaveExper/ExampleKonstproofs.thy 1.1, DaveExper/ExampleCountproofs.thy 1.1, DaveExper/ToyHLproofsDeriv.thy 1.1:
    New files.

2003-06-09  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ExampleEvenOddVDM.thy 1.4:
    Warning about possibly bogus proof from false assumption

    * DaveExper/ExampleCountVDM.thy 1.4: Comments.

    * DaveExper/TODO 1.6: Updated.

    * DaveExper/ExampleCountVDM.thy 1.3, DaveExper/ToyVDMderived.thy 1.8:
    Remove need for type constraint on SATISFIED expressions

    * DaveExper/ExampleKonstVDM.thy 1.6: Use SATISFIES syntax

    * DaveExper/ToyVDMderived.thy 1.7:
    Add some silly syntax for VDM specs; add derived rule for using it.

    * DaveExper/ToyHLbasic.thy 1.17: Tweak proof

    * DaveExper/ToyHLderived.thy 1.19: Comments.

    * DaveExper/ExampleCountVDM.thy 1.2:
    Fixed up to prove non-trivial property.  Main innovation is constructing exact specification.

    * DaveExper/TODO 1.5: Updated.

    * DaveExper/ToyGrailDefNat.thy 1.2: Merge tweaks to tick

    * DaveExper/ToyGrailDef.thy 1.18:
    Comment.  Revert incrcallcount to non-lambda

    * DaveExper/TODO 1.4, DaveExper/README 1.5: Updated.

    * DaveExper/ToyGrailLemmas.thy 1.14:
    Begun to add back Lennarts record simps (but are they causing looping?)

    * DaveExper/ToyHLrec.thy 1.3: Use imagepre

    * DaveExper/ToyGrailDef.thy 1.17:
    Switch callcount and invokecount to ints.  Tune definitions of tick/tickcall.

    * DaveExper/ExampleKonstVDM.thy 1.5:
    I broke HWs proof so have fixed it with VCallRec1

    * DaveExper/ToyVDMderived.thy 1.6:
    Add VCallRec1 which (I hope) avoids untick/uncall instantiations.

    * DaveExper/ToyVDMderived.thy 1.5: Small bugfix.

    * DaveExper/ExampleKonst.thy 1.7, DaveExper/ExampleCount.thy 1.3, DaveExper/ExampleEvenOdd.thy 1.8:
    Comments.

    * DaveExper/ExampleKonst.thy 1.6: Comments and naming

    * DaveExper/ExampleCount.thy 1.2: Updated.

    * DaveExper/ExampleCount.thy 1.1: New files.

    * DaveExper/ToyHLderived.thy 1.18: Small bugfix.

    * DaveExper/ToyHLderived.thy 1.17:
    Remove old stuff to ToyHLextras.  Add two rules for recursive annotated calls  which work.

    * DaveExper/ToyHLextras.thy 1.1: New files.

    * DaveExper/ToyHLbasic.thy 1.16:
    Add assertion transformer stuff here (but little used).  Use it in HCall rule.

    * DaveExper/ToyHLproofs.thy 1.4: Add contexts to conseq rule.

    * DaveExper/README 1.4: Updated.

    * DaveExper/ToyFunGrail.thy 1.2: Deleted file

    * DaveExper/ToyFunGrail.thy 1.1: New files.

2003-06-08  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/defunct/ToyGrailDefOverloaded.thy 1.1: New files.

    * DaveExper/ToyHLmutrec.thy 1.2, DaveExper/defunct/ToyHLmutrec.thy 1.1:
    Renamed file

    * DaveExper/ToyVDM.thy 1.10:
    Define VDM validity directly so HL dep can be removed.  Simplify VIfstrong.

    * DaveExper/ToyGrailLemmas.thy 1.13:
    Fix inductive cases to match evaluation rules

    * DaveExper/ToyGrailDef.thy 1.16: Add shorthand for tick o incrcallcount

    * DaveExper/ToyFunGrailDef.thy 1.1, DaveExper/ToyGrailLemmasExtras.thy 1.1:
    New files.

    * DaveExper/README 1.3: Updated.

    * DaveExper/ToyGrailLemmasNat.thy 1.1, DaveExper/ToyGrailDefNat.thy 1.1, DaveExper/ToyHLbasicNat.thy 1.1, DaveExper/ToyHLproofs2.thy 1.1, DaveExper/ToyHLrec2.thy 1.1:
    New files.

    * DaveExper/ToyHLproofs.thy 1.3: Comments.

2003-06-07  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * DaveExper/ToyHLderived.thy 1.16, DaveExper/ToyVDMderived.thy 1.4, IsaMakefile 1.2, ToyHLbasic0.thy 1.8:
    Added Call rules (Hoare-style) motivated by ol VCG (see HCall*4VCG*).

2003-06-06  David Aspinall  <da@dcs.ed.ac.uk>

    * ChangeLog 1.1, Makefile 1.1: New files.

    * PLAN.txt 1.12: Updated.

    * Finmap.thy 1.10: Comments

    * DaveExper/ToyGrailLemmas.thy 1.12:
    Remove mono props from simpset [WARNING: may break proofs; prob not]

    * DaveExper/ToyHLproofs.thy 1.2: Fix non-leaf rules to carry contexts

2003-06-06  lenb  <lenb@dcs.ed.ac.uk>

    * DaveExper/ExampleEvenOddVDM.thy 1.3: Added shoter proof

2003-06-05  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * DaveExper/ExampleEvenOddVDM.thy 1.2, DaveExper/ToyVDM.thy 1.9, DaveExper/ToyVDMderived.thy 1.3:
    ExampleEvenOddVDM.thy now works (proof needs clean-up)

2003-06-05  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyVDMderived.thy 1.2: Remove crap (not needed, right?)

    * DaveExper/ToyVDM.thy 1.8: Add stronger if rule

    * DaveExper/ToyHLbasic.thy 1.15: Trivially simplified measure rule

    * DaveExper/ToyGrailDef.thy 1.15: Add shorthand for tick/incrcallcount

    * DaveExper/ToyHLrec.thy 1.2: Updated.

    * DaveExper/ToyHLproofs.thy 1.1: New files.

2003-06-05  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * DaveExper/ExampleKonstVDM.thy 1.4, DaveExper/ToyVDM.thy 1.7:
    konst VDM-style now has a complete proof

2003-06-04  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * DaveExper/ExampleCountVDM.thy 1.1, DaveExper/ExampleEvenOddVDM.thy 1.1, DaveExper/ExampleKonstVDM.thy 1.3:
    Added an "untick" function; with this the count example goes through.

    * DaveExper/ExampleDecVDM.thy 1.1, DaveExper/ExampleSwapVDM.thy 1.2:
    Simple dec and swap examples now run through smoothly in VDM style.

2003-06-03  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyVDM.thy 1.6:
    Add crucial missing paren in VIf... also cleanup claset

    * DaveExper/ToyVDM.thy 1.5: Fix for diamondsuit, changes to New, Measure.

    * DaveExper/ToyGrailDef.thy 1.14: Whitespace

2003-06-03  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * DaveExper/ExampleNew.thy 1.1, DaveExper/ExampleSwapVDM.thy 1.1, DaveExper/ToyVDMderived.thy 1.1:
    Examples for VDM-style stuff. Problems with rule for If.
    Tried alternatives for this rule
    Added ToyVDMderived.thy for these rules.

    * DaveExper/document/informal.ps 1.1, DaveExper/document/informal.tex 1.4:
    Added rules for get-put-fields and Invokes

2003-06-02  lenb  <lenb@dcs.ed.ac.uk>

    * DaveExper/document/informal.tex 1.3:
    More dynamic semantics and Hoare rules

2003-06-02  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ExampleEvenOdd.thy 1.7, DaveExper/ToyHLbasic.thy 1.14, DaveExper/ToyHLderived.thy 1.15:
    Revert to previous HPre/HPost versions, in HLbasic

2003-05-31  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * DaveExper/ExamplePing.thy 1.3, DaveExper/ToyHLderived.thy 1.14:
    ping example

2003-05-30  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * DaveExper/ExampleEvenOdd.thy 1.6, DaveExper/ExamplePing.thy 1.2, DaveExper/ToyHLderived.thy 1.13:
    reordering of proof steps to make it go through

    * FeatureReports/ToyVCGtest0xc.thy 1.2, FeatureReports/ToyVCGtest_BROKEN.thy 1.3:
    narrowed down namespace problem (0xc)

    * DaveExper/ExampleEOI.thy 1.2, DaveExper/ExamplePing.thy 1.1:
    Ping example (direct recursion; essentially count with invokes)

2003-05-30  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyHLderived.thy 1.12, DaveExper/ExampleEvenOdd.thy 1.5:
    Revert to original HPre/HPost rules

    * DaveExper/ExampleEvenOdd.thy 1.4: Remove dep on SimpleVCG

    * DaveExper/SimpleVCG.thy 1.7: Disabled CallPreRec rules

    * DaveExper/ToyHLderived.thy 1.11, DaveExper/ExampleEvenOdd.thy 1.3:
    Changed rule for preconditions; even odd now goes through

    * DaveExper/ExampleEvenOdd.thy 1.2: Todays version

    * DaveExper/ExampleEvenOdd.thy 1.1: New files.

    * DaveExper/SimpleVCG.thy 1.6:
    Add tactic for simplifying VCs (broken) and beginnings of recursive call rules

    * DaveExper/SimpVC.ML 1.1: New files.

    * DaveExper/ToyHLderived.thy 1.10:
    Altered rules for annotations (still not right)

    * DaveExper/ToyGrailDef.thy 1.13, DaveExper/ToyHLbasic.thy 1.13:
    Ignore annotations in op sems as Martin suggested. Use diamond symbol in some more places.

    * DaveExper/ToyPrelude.thy 1.4:
    Fix embarrassing mistake I introduced in ISZERO.

2003-05-29  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * FeatureReports/ToyHLVCG.ML 1.1, FeatureReports/ToyVCG.ML 1.1, FeatureReports/ToyVCG0.ML 1.1, FeatureReports/ToyVCG1.ML 1.1, DaveExper/ExampleEOI.thy 1.1, DaveExper/ExampleKonst.thy 1.5, DaveExper/ToyHLbasic.thy 1.12, DaveExper/ToyHLderived.thy 1.9, DaveExper/ToyVDM.thy 1.4, ToyHLbasic0.thy 1.7:
    Added example of InvokeStatic: even-odd (unfinished)

2003-05-29  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ExampleListlength.thy 1.2: casetac

2003-05-29  lenb  <lenb@dcs.ed.ac.uk>

    * DaveExper/ExampleListlength.thy 1.1:
    correctness works, modulo side conditions

    * DaveExper/ExampleListClass.thy 1.1:
    Class of Lists and their representation

    * DaveExper/ToyHLderived.thy 1.8: Added rule HLetrI

2003-05-29  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * FeatureReports/ToyVCG1.thy 1.1, FeatureReports/ToyVCGtest0xa.thy 1.2, FeatureReports/ToyVCGtest0xb.thy 1.2, FeatureReports/ToyVCGtest0xc.thy 1.1, FeatureReports/ToyVCGtest_BROKEN.thy 1.2, FeatureReports/ToyHLbasic0.thy 1.1, FeatureReports/ToyHLbasic1.thy 1.1, FeatureReports/ToyPrelude.thy 1.1, FeatureReports/ToyVCG.thy 1.1, FeatureReports/ToyVCG0.thy 1.1, FeatureReports/Finmap.thy 1.1, FeatureReports/ToyGrailDef.thy 1.1, FeatureReports/ToyGrailLemmas.thy 1.1, FeatureReports/ToyHLVCG.thy 1.1, FeatureReports/ToyHLbasic.thy 1.1:
    more featrbures

    * VCG-stuff/ToyVCG.ML 1.5, VCG-stuff/ToyVCGtest0.thy 1.1, VCG-stuff/ToyVCGtest6.thy 1.1, VCG-stuff/ExampleDvd.thy 1.1, VCG-stuff/ExampleEvenOdd.thy 1.1, VCG-stuff/ExampleKonst.thy 1.1, VCG-stuff/T.thy 1.2, VCG-stuff/ToyGrailDef.thy 1.2, VCG-stuff/ToyHLbasic.thy 1.4:
    petaQ

2003-05-29  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyGrailDef.thy 1.12, DaveExper/ToyHLbasic.thy 1.11:
    Fix diamond syntax

2003-05-28  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyGrailDef.thy 1.11, DaveExper/ToyGrailLemmas.thy 1.11, DaveExper/ToyHLbasic.thy 1.10:
    Add arguments to New

    * PLAN.txt 1.11: Updated.

    * DaveExper/document/informal.tex 1.2: Add some notes

    * IsaMakefile 1.1: New files.

    * PLAN.txt 1.10: Updated.

    * ToyProgs.thy 1.1, ToyProgsTest.thy 1.1: New files.

    * DaveExper/ExampleKonst.thy 1.4: Updated.

    * DaveExper/ToyHL.thy 1.1: New files.

    * ToyHLbasic.thy 1.43: Text change

    * ToyGrailDef.thy 1.36: Add syntax for var/field updates

    * DaveExper/ExampleKonstVDM.thy 1.2, DaveExper/ToyVDM.thy 1.3:
    Got a bit further with VDM (but const still broken).

    * DaveExper/TODO 1.3: Updated.

    * DaveExper/document/root.bib 1.1, DaveExper/document/root.tex 1.1:
    doc files

    * DaveExper/document/davemisc.sty 1.1, DaveExper/document/davesrcs.sty 1.1, DaveExper/document/Makefile 1.1, DaveExper/document/infrule.sty 1.1, DaveExper/document/informal.tex 1.1, DaveExper/ROOT.ML 1.1, DaveExper/ExampleCmltList.thy 1.1, DaveExper/ToyProgs.thy 1.5, DaveExper/TODO 1.1, DaveExper/ToyHLrec.thy 1.1, DaveExper/ToyHLmutrec.thy 1.1:
    New files.

    * DaveExper/ToyHLderived.thy 1.7: Add HCallRec (unproven)

    * DaveExper/ToyGrailDef.thy 1.10: Revert type of call/invoke count to nat

    * DaveExper/ToyGrailLemmas.thy 1.10: Add rules for invokecount

    * DaveExper/ExampleKonstVDM.thy 1.1: New files.

    * DaveExper/ExampleSwap.thy 1.3: Use VCG for CALL too

    * DaveExper/SimpleVCG.thy 1.5:
    Fix rule parameters and unfolding of funtable bodies

    * DaveExper/ExampleKonst.thy 1.3: Move HRec into HLderived

2003-05-27  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyGrailLemmas.thy 1.9: Add injectivity of tickn/incrcallcount

    * DaveExper/ToyGrailLemmas.thy 1.8: Change If_ constant name

    * DaveExper/ToyPrelude.thy 1.3: Reduce line count

    * DaveExper/ToyVDM.thy 1.2: Commented out some bits for now

    * DaveExper/VCGtest.thy 1.3: Remove swap ex, elsewhere

    * DaveExper/VCGtest.thy 1.2: Updated.

    * DaveExper/ToyGrailDef.thy 1.9: Change name If_ -> Ifg; add grailbool

    * DaveExper/ExampleSwapFields.thy 1.3: Updated.

    * DaveExper/ExampleSwapFields.thy 1.2, DaveExper/ExampleSwap.thy 1.2:
    New files.

    * DaveExper/ToyHLderived.thy 1.6: Show equivalence of two forms of HIf

    * DaveExper/ToyHLderived.thy 1.5: Add HLetI

    * DaveExper/ExampleKonst.thy 1.2:
    Move dep on SimpleVCG, move LetI to HLderived.

    * DaveExper/ExampleKonst.thy 1.1, DaveExper/ExampleSwapFields.thy 1.1, DaveExper/ExampleSwap.thy 1.1, DaveExper/Finmap.thy 1.1:
    New files.

2003-05-25  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyVDM.thy 1.1: New files.

2003-05-24  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest5.thy 1.9, ToyVCGtest6.thy 1.6, VCG-stuff/T.thy 1.1, VCG-stuff/ToyVCG.ML 1.4, VCG-stuff/ToyVCGex.thy 1.4, ToyVCGex.thy 1.2, ToyVCGtest4.thy 1.8, ToyHLRules.thy 1.2, ToyHLbasic1.thy 1.4, ToyVCG0.ML 1.8:
    small changes

2003-05-24  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyHLderived.thy 1.4:
    Remove _1 variants.  Tweak call rules for VCG.

    * DaveExper/ToyPrelude.thy 1.2: Updated.

    * DaveExper/ToyHLbasic.thy 1.9: Documentation.

    * DaveExper/SimpleVCG.thy 1.4: Fix CALL.

    * DaveExper/VCGtest.thy 1.1: New files.

    * DaveExper/SimpleVCG.thy 1.3: Documentation.

    * DaveExper/ToyHLdefunct.thy 1.2: Updated.

    * DaveExper/ToyGrailLemmas.thy 1.7: Lemmas about partial projections

    * DaveExper/ToyHLderived.thy 1.3: Tidy up.  Add TODO list.

    * DaveExper/ToyHLbasic.thy 1.8:
    Remove existentials from pre-conditions. Doc update.

    * DaveExper/ToyProgs.thy 1.4, DaveExper/ToyGrailDef.thy 1.8: Doc update

    * DaveExper/SimpleVCG.thy 1.2: Add call rules, embed ML

    * DaveExper/SimpleVCG.thy 1.1, DaveExper/ToyPrelude.thy 1.1: New files.

    * DaveExper/ToyGrailDef.thy 1.7:
    Add partial projections to eliminate existentials from Hoare rules.  Add freshlocst.

    * DaveExper/ToyHLdefunct.thy 1.1: New files.

    * DaveExper/ToyProgs.thy 1.3: Comments; elim rule for isProg

    * DaveExper/ToyHLderived.thy 1.2: More development

    * DaveExper/ToyHLbasic.thy 1.7, DaveExper/ToyGrailDef.thy 1.6:
    Change syntax for pre/post conds

    * DaveExper/ToyHLbasic.thy 1.6: Separate hoarebasics/hoareprocs

    * VCG-stuff/ToyVCG.ML 1.3: Fix printing Got lucky with a let

    * VCG-stuff/ToyVCG.ML 1.2:
    Fix print messages with correct parens and replace print -> tracing

2003-05-23  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyHLbasic.thy 1.5: Invoke rules use oldframe

    * DaveExper/ToyGrailLemmas.thy 1.6, DaveExper/ToyHLbasic.thy 1.4:
    Add rules for RPrimop (why not there already?)

    * DaveExper/ToyGrailLemmas.thy 1.5:
    Add simps for new abstract constant, oldframe (sigh)

    * DaveExper/ToyHLbasic.thy 1.3: More cleanups, add HRPrimop

    * DaveExper/ToyGrailLemmas.thy 1.4: Add PRE, POST, MEASURE cases

    * DaveExper/ToyGrailDef.thy 1.5: Syntax niceties (waste of time)

    * ToyHLbasic.thy 1.42: Solve some oopses

    * DaveExper/ToyHLderived.thy 1.1: New files.

    * DaveExper/ToyHLbasic.thy 1.2:
    More cleanups; add cases for PRE/POST/MEASURE

    * DaveExper/ToyProgs.thy 1.2: Separate trueInProg to avoid expanding

    * DaveExper/ToyGrailDef.thy 1.4:
    Add assertions to instantiate expressions.  Update text to fit defs.

2003-05-23  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * VCG-stuff/ToyVCG.ML 1.1: VCG proper

    * VCG-stuff/ToyVCG.thy 1.3, VCG-stuff/ToyVCGex.thy 1.3, VCG-stuff/ToyVCGtest5.thy 1.2, VCG-stuff/InductionEgs.thy 1.1, VCG-stuff/ToyHLbasic.thy 1.3:
    minor fixes

    * VCG-stuff/ToyHLbasic.thy 1.2, VCG-stuff/ToyVCG.thy 1.2, VCG-stuff/ToyVCGex.thy 1.2:
    fixed problems in the cleaned up vcg w/ fact example

2003-05-22  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * VCG-stuff/ToyVCGex.thy 1.1, VCG-stuff/ToyVCGtest5.thy 1.1, VCG-stuff/Finmap.thy 1.1, VCG-stuff/ToyGrailDef.thy 1.1, VCG-stuff/ToyGrailLemmas.thy 1.1, VCG-stuff/ToyHLbasic.thy 1.1, VCG-stuff/ToyPrelude.thy 1.1, VCG-stuff/ToyVCG.thy 1.1:
    Added cleaned-up VCG files into own subdir

2003-05-22  lenb  <lenb@dcs.ed.ac.uk>

    * CmltList.thy 1.3, InductionEgs.thy 1.5:
    More (unsuccessful experiments in CmltList. Induction contains my
    (slightly incomplete) version for factorial

2003-05-22  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/README 1.2: Updated.

    * DaveExper/ToyHLbasic.thy 1.1: New files.

    * DaveExper/ToyGrailLemmas.thy 1.3, DaveExper/ToyGrailDef.thy 1.3:
    Switch back to small heap model

    * ToyGrailDef.thy 1.35: More syntax priority changes

    * ToyVCGtest6.thy 1.5: Updated.

    * ToyPrelude.thy 1.2: Alter priorities so less parens needed

    * DaveExper/ToyGrailLemmas.thy 1.2: Projection on callcount

    * DaveExper/ToyGrailDef.thy 1.2: Fixes for heap rep

    * DaveExper/ToyProgs.thy 1.1, DaveExper/ToyProgsTest.thy 1.1: New files.

    * CmltList.thy 1.2: Change to new LET syntax

2003-05-20  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCG0.ML 1.7: reorded definitions

    * FeatureReports/ToyVCGtest0xb.thy 1.1, FeatureReports/ToyVCGtest_BROKEN.thy 1.1, FeatureReports/ToyVCGtest0xa.thy 1.1, ToyVCGtest0xa.thy 1.4, ToyVCGtest0xb.thy 1.2:
    moved feature reports into a subdir

    * ToyVCG1.thy 1.3, ToyVCG3.ML 1.3, ToyVCG3.thy 1.3, ToyVCGtest5.thy 1.8, ToyHLVCG.ML 1.1, ToyHLVCG.thy 1.1, ToyHLVCGex.thy 1.1, ToyVCG0.ML 1.6, ToyVCG1.ML 1.3, README 1.2, ToyHLBasic.thy 1.1, ToyHLBasicMono.thy 1.1, ToyHLRules.thy 1.1:
    frantic restructuring; see README

2003-05-20  lenb  <lenb@dcs.ed.ac.uk>

    * InductionEgs.thy 1.4, CmltList.thy 1.1:
    Verification of list operations, for code generated by the camelot compiler

2003-05-19  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest0xa.thy 1.3, ToyVCGtest0xb.thy 1.1, ToyVCGtest2.thy 1.5, ToyVCGtest3.thy 1.7, ToyVCGtest5.thy 1.7, ToyVCGtest6.thy 1.4, ToyHLbasic0.thy 1.6, ToyVCG0.ML 1.5, ToyVCGtest0.thy 1.5:
    Mainly worked on dvd example. No complete proof, yet.
    Some tinkering in 0xa to narrow down the table lookup problem.

2003-05-19  lenb  <lenb@dcs.ed.ac.uk>

    * InductionEgs.thy 1.3:
    Improvements to evenodd (single function version), including clock & heap

2003-05-18  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest1.thy 1.4, ToyVCGtest3.thy 1.6, ToyVCGtest5.thy 1.6, ToyVCGtest7.thy 1.2, ToyVCGtest8.thy 1.2, ToyVCGtest9.thy 1.5, ToyHLbasic0.thy 1.5, ToyVCG0.ML 1.4, ToyVCG0.thy 1.3, ToyVCGex.thy 1.1:
    Minor changes in the VCG only this time.
    Started a file with cleaned-up VCG examples: ToyVCGex.thy
    Tests on factorial (resources) and mydvd example.

2003-05-18  David Aspinall  <da@dcs.ed.ac.uk>

    * DaveExper/ToyGrailLemmas.thy 1.1, DaveExper/ToyGrailDef.thy 1.1, DaveExper/README 1.1:
    New files.

    * ToyHLbasic.thy 1.41: New let syntax

    * ToyGrailDef_Z.thy 1.4: Deleted file

    * ToyGrailDef.thy 1.34:
    Fix folding of state type and add improved syntax for Let

    * ToyGrailLemmas.thy 1.28: Trivial typos

2003-05-17  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHLbasic0.thy 1.4, ToyVCG0.ML 1.3, ToyVCGtest1.thy 1.3, ToyVCGtest2.thy 1.4, ToyVCGtest4.thy 1.7, ToyVCGtest5.thy 1.5, ToyVCGtest9.thy 1.4:
    Modifications to hoare1 and hoare2 VCG.
    hoare1: using merged Adaptation and CALL; adaptation is Nipkow-style
    hoare2: using separate Adaptation and CALL; adaptation is Kleyman-style
    Specification of factorial in test4 is proven with help of hoare1

2003-05-16  lenb  <lenb@dcs.ed.ac.uk>

    * InductionEgs.thy 1.2:
    count with new now works - started with example for recursive invoke

2003-05-15  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHLbasic0.thy 1.3, ToyVCG0.ML 1.2, ToyVCG0.thy 1.2, ToyVCGtest3.thy 1.5, ToyVCGtest4.thy 1.6:
    Modified VCGs to use a Kleymann-style adaption rule with CALL.
    Included in hoare_rec and hoare2 VCGs of ToyVCG0.ML
    Examples in ToyVCGtest4.thy (see lemma fact_is_cool)

2003-05-15  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLbasic0.thy 1.2: Quick hack to fix INT change

    * ToyHLbasic.thy 1.40: Add nat->int fixes.

    * ToyGrailLemmas.thy 1.27:
    Extra lemma about heaps being finite; change types in state from nat to int

    * ToyGrailDef.thy 1.33:
    Change types in state from nat to int; remove some redundant finiteness assumptions

    * InductionEgs.thy 1.1: New files.

2003-05-15  lenb  <lenb@dcs.ed.ac.uk>

    * ToyVCGtest.thy 1.13: inprovements to countfn with resources

2003-05-15  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest5.thy 1.4, ToyVCGtest6.thy 1.3, ToyHLbasic0.thy 1.1, ToyVCG0.ML 1.1, ToyVCG0.thy 1.1, ToyVCGtest0xa.thy 1.2, ToyVCGtest3.thy 1.4, ToyVCGtest4.thy 1.5:
    Added VCG version w/ pre-post-assertions instantiated to state as aux var.
    Modified some of the test examples to use this version.
    Table lookups seem to be ok in this most-general monomorphic instantiation.

2003-05-14  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest0.thy 1.4, ToyVCGtest0xa.thy 1.1, ToyVCGtest4.thy 1.4, ToyVCGtest5.thy 1.3, ToyVCGtest9.thy 1.3, ToyVCG.ML 1.13:
    Added example of failing fun_preassn_table lookup via simp at end of
    ToyVCGtest0xa.thy

2003-05-14  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyVCGtest9.thy 1.2: Possible fix?

2003-05-14  lenb  <lenb@dcs.ed.ac.uk>

    * ToyVCGtest.thy 1.12: Add table and PreAss1 to countfn

2003-05-14  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHLbasic3.thy 1.3, ToyVCGtest2.thy 1.3, ToyVCGtest3.thy 1.3, ToyVCGtest4.thy 1.3:
    Fixed x-symbol junk in  ToyHLbasic3.thy.
    Fixed HInvoke proof for triple-auxs in  ToyHLbasic3.thy.

2003-05-14  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyVCG.thy 1.17: Remove local path

2003-05-13  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest2.thy 1.2, ToyVCGtest3.thy 1.2, ToyVCGtest4.thy 1.2, ToyVCGtest5.thy 1.2, ToyVCGtest6.thy 1.2, ToyVCGtest9.thy 1.1, ToyHLbasic3.thy 1.2, ToyVCG.thy 1.16, ToyVCG1.ML 1.2, ToyVCG1.thy 1.2, ToyVCG3.ML 1.2, ToyVCG3.thy 1.2, ToyVCGtest0.thy 1.3, ToyVCGtest1.thy 1.2, ToyHLbasic1.thy 1.3:
    Added VCG cases for Invoke and InvokeStatic.
    See ToyVCGtest9.thy for examples.
    Currently has problems expanding method body.

2003-05-13  David Aspinall  <da@dcs.ed.ac.uk>

    * LenbVCGexamples.thy 1.2: Still broken, examining inductive proofs

    * ToyGrailDef.thy 1.32, ToyGrailLemmas.thy 1.26, ToyHLbasic.thy 1.39, ToyHLbasic1.thy 1.2:
    Add InvokeStatic and a Hoare rule

2003-05-09  lenb  <lenb@dcs.ed.ac.uk>

    * DT2Preds/mkTheory.sig 1.1, DT2Preds/mkTheory.sml 1.1, DT2Preds/mkTheory.ui 1.1, DT2Preds/mkTheory.uo 1.1, DT2Preds/Example.sml 1.1:
    Added files for simple conversion from datatypes to ToyGrail predicates

    * ToyHLex.thy 1.17, ToyVCGtest.thy 1.11, LT.thy 1.1, LenbVCGexamples.thy 1.1:
    ome more tests - (the beginning of) LP is generated from Camelot-like datatypes.

2003-05-08  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest4.thy 1.1, ToyVCGtest5.thy 1.1, ToyVCGtest6.thy 1.1, ToyVCGtest7.thy 1.1, ToyVCGtest8.thy 1.1, ToyVCGtest1.thy 1.1, ToyVCGtest2.thy 1.1, ToyVCGtest3.thy 1.1:
    Various test programs using VCGs

2003-05-07  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCG3.thy 1.1, ToyVCGtest.thy 1.10, ToyVCGtest0.thy 1.2, ToyVCG.ML 1.12, ToyVCG.thy 1.15, ToyVCG1.ML 1.1, ToyVCG1.thy 1.1, ToyVCG3.ML 1.1, ToyHLbasic3.thy 1.1, ToyHWL.thy 1.1, ToyHWLtest.thy 1.1, ToyPrelude.thy 1.1, ToyPreludeTest.thy 1.1, LIST.thy 1.3, ListReverseProgram.thy 1.2, ToyGrailDef.thy 1.31, ToyHLbasic.thy 1.38, ToyHLbasic1.thy 1.1:
    Modified VCG with lots of examples. They do a complete traversal of the
    program. Some of the generated VCs still have meta-variables left.
    I'm currently working on these examples and on getting mutual recursion
    to work.

    VCGs:
     hoare_simp etc VCG with unfolding of funbody
     hoare_rec, hoare_rec1 etc VCG using invariants on function calls

    I currently use the VCGs in ToyVCG1.

    At the moment pre- and post-assertions have to be monomorphic to be picked
    up by the simplifier when looking them up in the tables. ToyVCG1 uses
    int preassn type, ToyVCG3 is a start at using (int,int,int) used in the
    mydvd example.

    Good examples to check are test1 (non-rec), test4 (rec).

2003-05-07  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLbasic.thy 1.37: Whitespace

    * Finmap.thy 1.9: Remove sorry

2003-04-15  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHLex.thy 1.16, ToyVCG.ML 1.11, ToyVCGtest0.thy 1.1:
    new examples (direct rec dvd), testing hoare_rec tac with invs

2003-04-13  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCG.ML 1.10, ToyVCG.thy 1.14, ToyVCGtest.thy 1.9, ToyHLbasic.thy 1.36:
    Added a tactic that uses the invariant-lookup verison of HCall: hoare_rec
    Some test cases in ToyVCGtest.thy

2003-04-12  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest.thy 1.8, ToyHLbasic.thy 1.35, ToyVCG.ML 1.9:
    Most recent versions of HL (started work on mut-rec rules etc),
    VCG (still problems with CALL in THEN branches; limited simplification)
    and VCGtest

2003-04-10  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest.thy 1.7: small dec2 example which gives problems to VCG

2003-04-09  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * SpaceExperiments.thy 1.3, ToyGrailDef.thy 1.30, ToyGrailLemmas.thy 1.25, ToyVCG.ML 1.8, ToyVCGtest.thy 1.6:
    VCG runs through with examples up to rec funs (mut-rec untested)
    Solving some VCs fails, just working on that.

2003-04-07  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHLbasic.thy 1.34: Fixed tests for GetF and PutF.
    They now use relTakesspace etc

2003-04-07  lenb  <lenb@dcs.ed.ac.uk>

    * Finmap.thy 1.8, ToyGrailLemmas.thy 1.24, ToyHLex.thy 1.15:
    Added some lemmas regarding state components...

2003-04-06  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLwp.thy 1.9: Some reworking, unfinished.

    * SpaceExperiments.thy 1.2: Added some comments, changed statement

    * ToyVCGtest.thy 1.5: Several proofs now completely solved by hoare_simp.

    * ToyHLex.thy 1.14: Add experimental evaluation tactic.

    * ToyGrailLemmas.thy 1.23: Reworked state simps in a more uniform way

    * ToyGrailDef.thy 1.29:
    Changed state accessors to be syntax instead of consts.

2003-04-05  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLex.thy 1.13: Whitespace

    * ToyGrailLemmas.thy 1.22: Remove fmapdomsub_lam.

    * Finmap.thy 1.7: Characterise fmap_dom.   Cleanup proofs.

    * ToyGrailDef.thy 1.28: Remove Void.  Formatting

2003-03-28  oshka208  <oshka208@dcs.ed.ac.uk>

    * SpaceExperiments.thy 1.1: Some examples

    * Finmap.thy 1.6: adding a link to the paper about finmaps

2003-03-27  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCGtest.thy 1.4:
    Added ping and coast/pedal example (Nipkow paper) to ToyVCGtest.
    The VCG gets stuck in ping. I'm currently debugging it with ping as input.

2003-03-24  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyGrailDef.thy 1.27, ToyGrailLemmas.thy 1.21, ToyVCGtest.thy 1.3:
    Added swap_example to ToyVCGtest.thy, testing GetFi and PutFi.
    Shorthand notation for heap access.
    Added lemmas on non-interference of istore and rstore wrt lookup

2003-03-24  lenb  <lenb@dcs.ed.ac.uk>

    * ToyVCGtest.thy 1.2, ToyHLbasic.thy 1.33, ToyHLex.thy 1.12:
    Moved "declare Collect_split [simp del]" to HLbasic.
    Deleted David's downup example (it's not tail recursive)
    Added evenodd example, but proof still fails

2003-03-24  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLbasic_Z.thy 1.5: Removed

    * ToyHLex.thy 1.11: Some cleanups; failed attempt at count up/down.

    * ToyVCG.thy 1.13: Move test examples to ToyVCGtest

    * ToyVCGtest.thy 1.1: New files.

    * ToyVCG.ML 1.7: Trivial changes

    * ToyHLbasic.thy 1.32: Add HCallAdapt; move assertion tables from ToyVCG

2003-03-22  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyVCG.thy 1.12:
    Finish wf proof for count; temp fix for others to use dodgy axiom

    * ToyVCG.ML 1.6: Add tactic HoareRecWFCall to apply fun_wfmeasure_table

2003-03-21  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCG.ML 1.5, ToyVCG.thy 1.11: More tinkering with VCG.
    count example now succeeds

2003-03-21  David Aspinall  <da@dcs.ed.ac.uk>

    * PLAN.txt 1.9, ToyHLbasic.thy 1.31: Updated.

    * ToyVCG.ML 1.4, ToyVCG.thy 1.10: Debugging ToyVCG.ML

    * ToyVCG.ML 1.3: New files.

    * ToyGrailLemmas_Z.thy 1.2: Deleted files.

    * ToyGrailLemmas.thy 1.20: Moved from Z version

    * ToyGrailDef.thy 1.26, ToyHLbasic.thy 1.30: New files.

    * ToyHLbasic.thy 1.29: Deleted files.

    * old/ToyGrailDef.thy 1.1, ToyGrailDef.thy 1.25: Renamed file

    * ToyGrailDef_Z.thy 1.3: Make freshloc an axiom until Isabelle 2003.

    * ToyTMP.thy 1.2: delete

    * Finmap.thy 1.5: Fix some proofs

2003-03-21  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCG.thy 1.9, PLAN.txt 1.8: Tinkered with tactics

2003-03-20  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyVCG.thy 1.8: Finish for today

    * ToyGrailDef_Z.thy 1.2, ToyHLbasic_Z.thy 1.4: Fixed up some rules

2003-03-20  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHLbasic_Z.thy 1.3: More _Z rules (i and r versions of GetF and PutF)

2003-03-20  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLex.thy 1.10: These examples are in a sorry state...

    * ToyHLbasic.thy 1.28: Comment out example which breaks later proofs

    * ToyHLvcg.thy 1.3, toyHLvcg.ML 1.3: Deleted file

    * ToyHLbasic_Z.thy 1.2: Updated.

    * ToyGrailLemmas_Z.thy 1.1, ToyHLbasic_Z.thy 1.1, ToyGrailDef_Z.thy 1.1:
    New files.

    * ToyGrailLemmas.thy 1.19:
    Remove finiteness lemmas: finite maps are by definition finite! (see finite_dom_fmap in Finmap.thy)

    * ToyVCG.ML 1.2: Deleted file

    * ToyHLwp.thy 1.8: Add sem def of WP.

    * ToyHLwp.thy 1.7:
    Trimmed file.  Seem to have lost some work from here somehow, darn.

    * ToyHLbasic.thy 1.27: tickn 1 -> tick.   Fix some rules for VCG tactic

    * ToyVCG.thy 1.7:
    Cleaned up and improved VCG tactic.  Basic rules may still need tur

    * ToyTMP.thy 1.1: New files.

2003-03-19  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyVCG.thy 1.6: Some debugging begun, CALL still a problem

    * ToyHLbasic.thy 1.26: Add untickuncall_def to global simpset

    * README 1.1, ToyHLextras.thy 1.1: New files.

    * ToyHLbasic-X.thy 1.2, ToyHLbasic_X.thy 1.2: Deleted files.

    * ToyHLbasic.thy 1.25: Merge with ToyHLbasic_X, include HSP in most rules.

    * ToyGrailLemmas.thy 1.18, ToyHLbasic.thy 1.24: Tweak lemmas

2003-03-19  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHLbasic_X.thy 1.1, ToyHLvcg.thy 1.2, ToyHLwp.thy 1.6, ToyVCG.thy 1.5, toyHLvcg.ML 1.2:
    VCG for CALL

2003-03-19  lenb  <lenb@dcs.ed.ac.uk>

    * Finmap.thy 1.4, ToyGrailLemmas.thy 1.17, ToyHLbasic.thy 1.23:
    ToyGrailLemmas: Added some lemmas relating state functions, clock and card(dom).
    ToyHLbasic: Added some test lemmas for call and invoke (in the llater case for
    relativised takestime and takesspace predicates)

2003-03-19  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailDef.thy 1.24:
    Introduce tick (= tickn 1) as a syntactic abbreviation.  Hopefully safe for all proofs.

2003-03-18  lenb  <lenb@dcs.ed.ac.uk>

    * Finmap.thy 1.3, ToyHLbasic.thy 1.22:
    No real progress, just some fiddling...

    * ToyGrailLemmas.thy 1.16, ToyHLbasic.thy 1.21:
    Added clocknewobj lemma in ToyGrailLemmas, added some examples for GetF,
    PutF and New in ToyHLbasic

2003-03-18  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailDef.thy 1.23: Old fix: spurious space in concrete syntax for IF.

    * PLAN.txt 1.7: Updated.

    * ToyHLvcg.thy 1.1, toyHLvcg.ML 1.1, ToyHLbasic-X.thy 1.1: New files.

    * ToyVCG.thy 1.4: Add HSP, move tactics around.

    * ToyHLbasic.thy 1.20: Simplify HInvoke a bit.

2003-03-18  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyVCG.thy 1.3:
    Tweaked VCG and added simplification functions (need integration)

2003-03-17  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHL.thy 1.7, ToyVCG.thy 1.2: Second attempt at a VCGen tactic

    * ToyVCG.thy 1.1, ToyVCG.ML 1.1:
    My first attempt at a VCGen for the ToyGrail Hoare Logic in ToyHLbasic.

2003-03-17  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLbasic.thy 1.19: Add missing rule to HBasicRules

    * ToyGrailLemmas.thy 1.15:
    Remove thegetvar_thesstore from simp, breaks in ToyHLbasic

    * ToyGrailLemmas.thy 1.14: Add thegetvar_thestore

    * PLAN.txt 1.6: Changes from Friday

    * ToyGrailDef.thy 1.22: Fix GetF syntax to also use the Beringer Bullet

2003-03-17  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExEven.thy 1.3, ExHLDvd.thy 1.2, ToyHLbasic.thy 1.18, ToyHLex.thy 1.9, ToyHLwp.thy 1.5:
    Minor changes in ToyHLwp and ToyHLbasic

2003-03-14  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLex.thy 1.8:
    Half-finished reworking of example1 (currently badly broken)

    * ToyHLbasic.thy 1.17: Updated.

    * old/ToyHLproc.thy 1.1, ToyHLproc.thy 1.9: Renamed file

    * Finmap.thy 1.2, ToyGrailDef.thy 1.21, ToyHLbasic.thy 1.16:
    Add some lemmas, fix for new heap def.

    * ToyGrailDef.thy 1.20, ToyGrailLemmas.thy 1.13:
    Base on type of finite maps

    * Finmap.thy 1.1: New files.

    * ToyHLwp.thy 1.4: Deal with dyn binding.

2003-03-13  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLbasic.thy 1.15:
    Add finiteness into takesspace triple-constructor; use card instead of size (prob same).

    * ToyHLwp.thy 1.3:
    Add WP def for CALL/INVOKE.  Proof needs assumptions; also dynamic method lookup not supported...

    * ToyGrailDef.thy 1.19: Lennart's dot syntax

2003-03-12  David Aspinall  <da@dcs.ed.ac.uk>

    * PLAN.txt 1.5: Updated.

    * DISCUSSION.txt 1.1: New files.

    * ToyHLbasic.thy 1.14: Example for Null, Var.

    * ToyGrailDef.thy 1.18: Remove nested comment

    * PLAN.txt 1.4: Updated.

    * ToyHLproc.thy 1.8: Notes at top

    * ToyHLbasic.thy 1.13:
    Shorten most proofs using HoareI, HoareE.  Add rules for recursion using mathematical induction and WF induction.

2003-03-12  lenb  <lenb@dcs.ed.ac.uk>

    * ToyHLex.thy 1.7, ToyHLproc.thy 1.7:
    Merged with more specialisations of rule for single recursion

2003-03-11  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyGrailDef.thy 1.17, ToyHLbasic.thy 1.12: Finished the HInvoke rule.

2003-03-11  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailLemmas.thy 1.12: Dont apply op sem rules automatically.

    * ToyGrailDef.thy 1.16: Add dummybdy for CALL rule.

    * ToyHLbasic.thy 1.11: Updated.

    * ToyHLbasic.thy 1.10: Checkpoint

2003-03-11  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyHLbasic.thy 1.9, ToyHLex.thy 1.6: HInvoke updated

2003-03-11  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLbasic.thy 1.8: Updated.

    * ExP.thy 1.2, ExPing.thy 1.4, PLAN.txt 1.3, ToyGrailDef.thy 1.15, ToyGrailLemmas.thy 1.11, ToyHL.thy 1.6, ExHLPing.thy 1.3:
    Rename ToyGrailDef_X to become the main ToyGrailDef.

    * HLBase.thy 1.5, HLBase_X.thy 1.2: Renamed file

    * HLBase.thy 1.4: Deleted files.

    * ToyHLproc.thy 1.6: Experimental proofs

    * toyGL.tex 1.2: Updated.

    * Ex1.thy 1.3, old/Ex1.thy 1.1: Renamed file

    * PLAN.txt 1.2: Updated.

    * ToyGrailDef.thy 1.14, ToyGrailDef_X.thy 1.13: Renamed file

    * ToyGrailLemmas.thy 1.10: Make a proof compatible with Isabelle 2003/2

    * ToyGrailDef.thy 1.13: Deleted files.

2003-03-10  David Aspinall  <da@dcs.ed.ac.uk>

    * PLAN.txt 1.1, ToyHLax.thy 1.1: New files.

    * ToyHLbasic.thy 1.7:
    Point out mistake in HInvoke attempt; make sure it processes.

    * ToyHLex.thy 1.5: More syntax, cleanup HW Ex1.

    * ToyGrailLemmas.thy 1.9:
    Strengthen clock_mono to prove that clock strictly increases on each step.

    * ToyHLex.thy 1.4: Some additional syntax; attempt to use WF call rule

    * ToyHLproc.thy 1.5:
    Proof of total-correctness style CALL rule using a well-founded ordering; cleanups

    * ToyHLbasic.thy 1.6:
    Replace HCall with HCallbasic (needs untickuncall unravelling). Added HBasicRules lemmas.

2003-03-09  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExHLDvd.thy 1.1, ExHLPing.thy 1.2, ExHLSwap.thy 1.1, ToyGrailDef_X.thy 1.12, ToyHLbasic.thy 1.5:
    Added some HL examples.
    Had a go at HInvoke rule HL, but still needs work.

2003-03-07  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * LIST.thy 1.2: New file with basic list predicates

2003-03-07  David Aspinall  <da@dcs.ed.ac.uk>

    * HLBase.thy 1.3: Comment duplicate name

    * ToyHLwp.thy 1.2: Partial proof of main lemma

    * ToyGrailDef_X.thy 1.11: Comment about deriving big steps from small step

    * ToyGrailLemmas.thy 1.8: Add getvar_the; remove Isabelle2003 proof

    * ToyHLbasic.thy 1.4: Added Thomas Kleymanns lemma HExAll.

    * ToyGrailLemmas.thy 1.7: Tuned proofs; added some lemmas suggested by HW

    * ToyHLex.thy 1.3:
    Tuned first example.  Added definitions for some of HWs examples.

2003-03-06  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * HLBase_X.thy 1.1, ExHLPing.thy 1.1, ExP.thy 1.1, ExPing.thy 1.3:
    ExPing now proves time bound (foundational).
    Started working on a HL version of this example.

2003-03-06  lenb  <lenb@dcs.ed.ac.uk>

    * ToyHLex.thy 1.2:
    Proof of Resource bound now works due to Isabelle expert David.
    This is the first proof involving a recursive function!!!

2003-03-05  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExDvd.thy 1.2, ExPing.thy 1.2, HLBase.thy 1.2, Ex1.thy 1.2, Ex2.thy 1.2, Ex3.thy 1.2, ExEven.thy 1.2:
    Moved examples from HWL-tinkering brnahc to main one, and adapted to most
    recent state/op sem etc

2003-03-05  lenb  <lenb@dcs.ed.ac.uk>

    * ToyHLproc.thy 1.4:
    Modified end of a comment in a proof to make program compile

2003-03-05  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExDvd.thy 1.1.2.6: petaQ

2003-03-05  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLwp.thy 1.1: New files.

    * ToyHLproc.thy 1.3: Checkpoint: CALL rule still not proved.

    * ToyHLex.thy 1.1: New files.

    * ToyGrailLemmas.thy 1.6: Move state_functions to Def, add state_simps

    * ToyGrailDef_X.thy 1.10: Oops, already had state_functions

    * ToyGrailDef_X.thy 1.9: Define state_defs simpset

    * ToyHLbasic.thy 1.3: Cosmetic

2003-03-04  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExPing.thy 1.1.2.5, HLBase.thy 1.1.2.2:
    Changes in ExPing up to recursive call; still generates huge state

2003-03-04  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLproc.thy 1.2: Plan of what to do

    * ToyGrailDef_X.thy 1.8: Cleanup def valOf

    * ToyHL.thy 1.5, ToyHLset.thy 1.4: Temporarily defunct

    * ToyGrailDef.thy 1.12: No change; add Emacs comment to prevent latin1 prob

    * ToyHL.thy 1.4: Documentation.

    * ToyGrailDef_X.thy 1.7: More concrete syntax, simplified evalCall1

    * ToyHLproc.thy 1.1: New files.

    * ToyHLbasic.thy 1.2: Updated.

    * ToyHLbasic.thy 1.1: New files.

2003-03-03  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExDvd.thy 1.1.2.5, ExPing.thy 1.1.2.4:
    more tinkering with dvd (recursion case)

    * ExDvd.thy 1.1.2.4: Expanded dvd example

2003-03-02  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailLemmas.thy 1.5:
    Added lemmas of monotonicity of resource parameters; rule set state_functions.

    * ToyGrailDef_X.thy 1.6:
    Added callcount, invokecount to state; normalized position of tickns

2003-02-28  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailDef.thy 1.11, ToyGrailDef_X.thy 1.5: Shorten evalCall

    * ToyHLset.thy 1.3: More experiments --- CALL is tricky

2003-02-28  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExDvd.thy 1.1.2.3, ExEven.thy 1.1.2.2, ExPing.thy 1.1.2.3:
    Conitnued on ExDvd and ExPing examples

2003-02-28  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLLenb.thy 1.7: Added disjvars as a hint to use it

2003-02-28  lenb  <lenb@dcs.ed.ac.uk>

    * ToyHLLenb.thy 1.6: Factorial now works!!

    * ToyGrailDef.thy 1.10, ToyHLLenb.thy 1.5: factorial nearly works...

2003-02-28  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailDef_X.thy 1.4, ToyGrailDef.thy 1.9:
    Fix maxstack change, and move it to newframe function.

    * ToyGrailLemmas.thy 1.4: Added updatesame

    * ToyHLset.thy 1.2: More development and tiny tests

2003-02-27  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLset.thy 1.1: New files.

    * ToyHL.thy 1.3: Updated

2003-02-27  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExEven.thy 1.1, HLBase.thy 1.1: New file.

    * ExDvd.thy 1.1.2.2, ExEven.thy 1.1.2.1, ExPing.thy 1.1.2.2, HLBase.thy 1.1.2.1:
    Simple example of invoke (proofs still in progress);
    restructuring of theories

2003-02-26  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailLemmas.thy 1.3: Added a couple of lemmas

    * ToyGrailDef.thy 1.8: Change positions of some ticks to match _X version.

    * ToyHL.thy 1.2:
    Add remaining rules.  Wonder if they're actually good for anything?

2003-02-25  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ExDvd.thy 1.1.2.1, ExPing.thy 1.1.2.1, LIST.thy 1.1.2.2, ListReverseProgram.thy 1.1.2.2:
    Examples of "divides" (based on mult) and "ping" (as suggested by David).

    * ExPing.thy 1.1: New file.

    * Ex3.thy 1.1.2.2:
    Examples of "divides" (based on mult) and "ping" (as suggested by David).

    * ExDvd.thy 1.1: New file.

2003-02-25  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailLemmas.thy 1.2: Updated.

    * ToyGrailDef_X.thy 1.3:
    Forgot to check in fixed version.  Changes to point of ticks.

    * ToyHL.thy 1.1: A stab at some Hoare rules!!

    * ToyGrailDef_X.thy 1.2:
    Change to same restriction as ToyGrailDef -- simple expressions only in let bindings.

    * ToyGrailDef-X.thy 1.2: Deleted files.

    * ToyGrailDef_X.thy 1.1: New files.

2003-02-25  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ListReverseProgram.thy 1.1, ListReverseProperties.thy 1.1: New file.

    * ListReverseProgram.thy 1.1.2.1, ListReverseProperties.thy 1.1.2.1, ToyGrailDef.thy 1.7.2.1, ToyHLLenb.thy 1.4.2.1:
    exampels and stuff

    * Ex1.thy 1.1, Ex2.thy 1.1, Ex3.thy 1.1, LIST.thy 1.1: New file.

    * Ex1.thy 1.1.2.1, Ex2.thy 1.1.2.1, Ex3.thy 1.1.2.1, LIST.thy 1.1.2.1:
    exampels and stuff

2003-02-24  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailDef-X.thy 1.1: Experimental simplified version of ToyGrailDef

2003-02-24  lenb  <lenb@dcs.ed.ac.uk>

    * ToyGrailDef.thy 1.7, ToyHLLenb.thy 1.4:
    Corrected errors in IF-rules (s instead of s1) and adapted the
    proof of Tripl1valid to the new syntax & semantics.

2003-02-23  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailLemmas.thy 1.1: New files.

    * ToyHLLenb.thy 1.3:
    Fixed as far as PART III to match revised definition.  Introduced some probs, 8-(.

    * ToyGrailDef.thy 1.6: Renamed fname => funame
    Removed tick, just use tickn instead.
    Added small-step operational sems.  Somewhat ugly at the moment.
    Syntax change: Let takes vname as first parameter.
      -- NB: This is a difference from the real machine, which wouldn't
      need to assign a variable here.  It simplifies the definition of the
      op sems, though.  [We might justifiably subtract steps from the
      execution of If].

2003-02-21  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyHLLenb.thy 1.2: Fix for new def of funtable.

    * ToyGrailDef.thy 1.5:
    Change to use a global table of function names, funtable, instead of local names inside methods

2003-02-21  lenb  <lenb@dcs.ed.ac.uk>

    * ToyHLLenb.thy 1.1:
    Lennart's first attempt at a Hoare style logics for time,
    following roughly Nipkow's paper "Hoare logics in Isabelle/HOL"

    * ToyGrailDef.thy 1.4:
    Merged phrase classes res and letexpr; updated opsem accordingly

2003-02-17  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrailDef.thy 1.3: Added cost model for time.

    * ToyGrailDef.thy 1.2: Remove sorry.

    * ToyGrail.thy 1.9, ToyGrailDef.thy 1.1: Renamed file

    * ToyGrail.thy 1.8: Changed some types and finished op sems

2003-02-17  lenb  <lenb@dcs.ed.ac.uk>

    * ToyGrail.thy 1.7: Completed operational semantics

2003-02-17  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrail.thy 1.6: Intermediate version for Lennart to work on

2003-02-17  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyGrail.thy 1.5: Wee change in rule for New to make Isabelle happy.

2003-02-16  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyGrail.thy 1.4:
    Nuked a couple of "the"s and continued with op sem rules.

2003-02-16  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrail.thy 1.3:
    Fix some of the type definitions (work of Lennart at Gatwick was lost?).  Add some docs and notes.

2003-02-16  a1hloidl  <a1hloidl@dcs.ed.ac.uk>

    * ToyGrail.thy 1.2: Continued work on Op Sem for ToyGrail

2003-02-15  David Aspinall  <da@dcs.ed.ac.uk>

    * ToyGrail.thy 1.1, toyGL.tex 1.1: New files.

