 11 Nov, 2017 5 commits


Robbert Krebbers authored

Ralf Jung authored
add later_ne; make later_proper match the other _proper lemmas See merge request FP/iriscoq!81

Ralf Jung authored

Robbert Krebbers authored

Robbert Krebbers authored

 09 Nov, 2017 8 commits


David Swasey authored
Add progress bit to WP. See merge request FP/iriscoq!37

David Swasey authored

David Swasey authored

David Swasey authored
This is derived from `wp_forget_not_stuck` and a trivial preorder on stuckness bits. (The two lemmas are redundant, but I have examples where each seems more natural than the other.) I did *not* bake `wp_stuckness_mono` into `strong_mono` for two reasons. Mainly, I didn't see a nice way to combine the two proofs (beyond `cut`). Less important, changing the type of `wp_strong_mono` will break code.

David Swasey authored
I saw no need for `stuckness_flip`: strong atomicity always works, while weak atomicity works only for expressions that are not stuck. Since this seemed unclear, I split lemma `wp_atomic'` up into `wp_strong_atomic` (parametric in the WP's `s`) and `wp_weak_atomic` (not). The proof mode instance is stated in terms of the derived rule `wp_atomic` (parametric in `s`).

David Swasey authored

David Swasey authored
 08 Nov, 2017 9 commits


David Swasey authored

David Swasey authored

David Swasey authored

David Swasey authored

David Swasey authored

David Swasey authored
Pull progress bit out of the WP fixpoint, make (most) wp adequacy notation only parsing, and generalize forget_progress.

David Swasey authored

David Swasey authored

David Swasey authored

 07 Nov, 2017 4 commits
 06 Nov, 2017 1 commit


Robbert Krebbers authored

 05 Nov, 2017 1 commit


Robbert Krebbers authored

 04 Nov, 2017 4 commits


Ralf Jung authored

Robbert Krebbers authored

Robbert authored
Make atomic a type class. See merge request FP/iriscoq!78

Robbert Krebbers authored

 03 Nov, 2017 2 commits


Ralf Jung authored

Robbert Krebbers authored

 02 Nov, 2017 3 commits


Robbert Krebbers authored

Robbert Krebbers authored
Thanks to Amin Timany for an initial version of the proof.

Robbert authored
Make proofnode notation more robust in the context of import order See merge request FP/iriscoq!75

 01 Nov, 2017 3 commits


Robbert Krebbers authored
This solves issue #100: the proof mode notation is sometimes not printed. As Ralf discovered, the problem is that there are two overlapping notations: ```coq Notation "P ⊢ Q" := (uPred_entails P Q). ``` And the "proof mode" notation: ``` Notation "Γ '' □ Δ '' ∗ Q" := (of_envs (Envs Γ Δ) ⊢ Q%I). ``` These two notations overlap, so, when having a "proof mode" goal of the shape `of_envs (Envs Γ Δ) ⊢ Q%I`, how do we know which notation is Coq going to pick for pretty printing this goal? As we have seen, this choice depends on the import order (since both notations appear in different files), and as such, Coq sometimes (unintendedly) uses the first notation instead of the latter. The idea of this commit is to wrap `of_envs (Envs Γ Δ) ⊢ Q%I` into a definition so that there is no ambiguity for the pretty printer anymore.

Robbert Krebbers authored

Robbert Krebbers authored
This class, in combination with `TCForall`, turns out the useful in LambdaRust to express that lists of expressions are values.
