 23 May, 2018 5 commits


This version allows one to either close or cancel the invariant after opening it.

These results turned out to be neither that useful nor canonical, and can easily be derived from local updates. This reverts commit 465dd9f4.

Thanks to @jung for proposing these names.

 17 May, 2018 1 commit


`sed i 's/frag_auth_op/frac_auth_frag_op/g' $(find name "*.v")`

 09 May, 2018 2 commits


 03 May, 2018 1 commit


 27 Apr, 2018 1 commit


 23 Apr, 2018 3 commits
 20 Apr, 2018 1 commit


Also, remove the inconsistency that `wp_expr_eval` succeeds on a goal that is not a WP.

 18 Apr, 2018 1 commit


 11 Apr, 2018 1 commit


 03 Apr, 2018 2 commits


The closing view shift's LHS mask is now universally quantified, which makes it easier to execute the closing view shift.

 28 Mar, 2018 1 commit


 27 Mar, 2018 1 commit


This is a substitute for !136.

 19 Mar, 2018 1 commit


 12 Mar, 2018 1 commit


 22 Feb, 2018 1 commit


As reported by @jjourdan: framing now no longer back tracks on whether to strip laters or not. When framing below a later, we now only make it strip laters of the head of the frame.

 21 Feb, 2018 1 commit


 20 Feb, 2018 9 commits


The finiteness was needed to have the axiom of choice over the domain. This axiom is not needed if cmra_extend is in Type.

Revert "Remove the domain finiteness hypothesis for the function CMRA, and put cmra_extend in Type." This reverts commit fa897ff5.

The finiteness was needed to have the axiom of choice over the domain. This axiom is not needed if cmra_extend is in Type.

Fixed by stdpp 93b4ec70e13a573a9055a5bf1269f5885e18e843.

We now use the `Maybe` prefix as also used for `Frame`: it indicates whether progress has been made by stripping of a later or not.

 08 Feb, 2018 1 commit


 07 Feb, 2018 5 commits


We already supported framing under wands.

For example, framing `P` in `(P ∨ Q) ∗ R` now succeeds and turns the goal into `R`.

 02 Feb, 2018 1 commit


