GitLab

I am now also using reification to obtain the indexes corresponding to
the stuff we want to cancel instead of relying on matching using Ltac.

barrier: strive for consistency between barrierGF and the inGF assumptions; also change some instance names

And now the part that I forgot to commit.

Also, give all these global functors the suffix GF to avoid shadowing
such as we had with authF.

And add some type annotations for clarity.

I added a new typeclass "inGF" to witness that a particular *functor* is part of \Sigma. inG, in contrast, witnesses a particular *CMRA* to be in there, after applying the functor to "\later iProp".
inGF can be inferred if that functor is consed to the head of \Sigma, and it is preserved by consing a new functor to \Sigma. This is not the case for inG since the recursive occurence of \Sigma also changes.
For evry construction (auth, sts, saved_prop), there is an instance infering the respective authG, stsG, savedPropG from an inGF. There is also a global inG_inGF, but Coq is unable to use it.

I tried to instead have *only* inGF, since having both typeclasses seemed weird. However, then the actual type that e.g. "own" is about is the result of applying a functor, and Coq entirely fails to infer anything.

I had to add a few type annotations in heap.v, because Coq tried to use the "authG_inGF" instance before the A got fixed, and ended up looping and expanding endlessly on that proof of timelessness.
This does not seem entirely unreasonable, I was honestly surprised Coq was able to infer the types previously.

This strengthens some lemmas that are written using the notion of closednes, shortening some proofs all the way up to barrier.v

This avoids ambiguity with P and Q that we were using before for both
uPreds/iProps and indexed uPreds/iProps.

It is doing much more than just dealing with ∈, it solves all kinds
of goals involving set operations (including ≡ and ⊆).

Do not use proper explicitly but let setoids handle it.

* These type classes bundle an identifier into the global CMRA with a proof
  that the identifier points to the correct CMRA. Bundling allows us to get
  rid of many arguments everywhere.

* I have setup the type classes so that we no longer have to keep track of the
  global CMRA identifiers. These are implicit and resolved automatically.

* For heap I am also bundling the name of the heap RA instance. There always
  should be at most one heap instance so this does not introduce ambiguities.

* We now have a "maps to" notation!

* Clearly separate the file algebra/sts in three parts:
  1.) The definition of an STS, step relations, and closure stuff
  2.) The construction as a disjoint RA (this module should never be used)
  3.) The construction as a CMRA with many derived properties
* Turn stsT into a canonical structure so that we can make more of its arguments
  implicit.
* Rename the underlying step relation of STSs to prim_step (similar naming as
  for languages, but here in a module to avoid ambiguity)
* Refactor program_logic/sts by moving general properties of the STS CMRA to
  algebra/sts.v
* Make naming and use of modules in program_logic/sts more consistent with
  program_logic/auth and program_logic/saved_prop
* Prove setoid properties of all definitions in program_logic/sts

Turns out it only holds as a view shift, not as an implication