Merge branch 'master' of gitlab.mpi-sws.org:FP/iris-coq

ca162551 · Jacques-Henri Jourdan · ee98243c · 03fce0a3 · ca162551 · ca162551
Commit ca162551 authored Jan 11, 2017 by Jacques-Henri Jourdan
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -8,7 +8,7 @@ iris-coq8.5.3:
  - . build/opam-ci.sh 'coq 8.5.3' 'coq-mathcomp-ssreflect 1.6.1'
  # build
  - 'time make -j8 TIMED=y 2>&1 | tee build-log.txt'
-  - 'if fgrep Axiom build-log-full.txt >/dev/null; then exit 1; fi'
+  - 'if fgrep Axiom build-log.txt >/dev/null; then exit 1; fi'
  - 'cat build-log.txt | egrep "[a-zA-Z0-9_/-]+ \(user: [0-9]" | tee build-time.txt'
  - 'if (( RANDOM % 10 == 0 )); then make validate; fi'
  cache:

--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ COQ_VERSION=$(shell coqc --version | egrep -o 'version 8.[0-9]' | egrep -o '8.[0
 COQ_MAKEFILE_FLAGS ?=

 ifeq ($(COQ_VERSION), 8.6)
-	COQ_MAKEFILE_FLAGS += -arg -w -arg -notation-overridden,-redundant-canonical-projection
+	COQ_MAKEFILE_FLAGS += -arg -w -arg -notation-overridden,-redundant-canonical-projection,-several-object-files
 endif

 # Forward most targets to Coq makefile (with some trick to make this phony)
@@ -20,19 +20,13 @@ all: Makefile.coq

 clean: Makefile.coq
 	+@make -f Makefile.coq clean
-	find \( -name "*.v.d" -o -name "*.vo" -o -name "*.aux" -o -name "*.cache" -o -name "*.glob" -o -name "*.vio" \) -print -delete
+	find theories \( -name "*.v.d" -o -name "*.vo" -o -name "*.aux" -o -name "*.cache" -o -name "*.glob" -o -name "*.vio" \) -print -delete
 	rm -f Makefile.coq

-# Create Coq Makefile
-Makefile.coq: _CoqProject Makefile
-	@# we want to pass the correct name to coq_makefile or it will be confused.
+# Create Coq Makefile. POSIX awk can't do in-place editing, but coq_makefile wants the real filename, so we do some file gymnastics.
+Makefile.coq: _CoqProject Makefile awk.Makefile
 	coq_makefile $(COQ_MAKEFILE_FLAGS) -f _CoqProject -o Makefile.coq
-	mv Makefile.coq Makefile.coq.tmp
-	@# The sed script is for Coq 8.5 only, it fixes 'make verify'.
-	@# The awk script fixes 'make uninstall'.
-	sed 's/$$(COQCHK) $$(COQCHKFLAGS) $$(COQLIBS)/$$(COQCHK) $$(COQCHKFLAGS) $$(subst -Q,-R,$$(COQLIBS))/' < Makefile.coq.tmp \
-	  | awk '/^uninstall:/{print "uninstall:";print "\tif [ -d \"$$(DSTROOT)\"$$(COQLIBINSTALL)/iris/ ]; then find \"$$(DSTROOT)\"$$(COQLIBINSTALL)/iris/ -name \"*.vo\" -print -delete; fi";getline;next}1' > Makefile.coq
-	rm Makefile.coq.tmp
+	mv Makefile.coq Makefile.coq.tmp && awk -f awk.Makefile Makefile.coq.tmp > Makefile.coq && rm Makefile.coq.tmp

 # Install build-dependencies
 build-dep:
@@ -42,9 +36,10 @@ build-dep:
 	opam install coq-iris --deps-only $(YFLAG)
 	opam pin remove coq-iris

-# some fiels that do *not* need to be forwarded to Makefile.coq
+# Some files that do *not* need to be forwarded to Makefile.coq
 Makefile: ;
 _CoqProject: ;
+awk.Makefile: ;

 # Phony targets (i.e. targets that should be run no matter the timestamps of the involved files)
 phony: ;

--- a/awk.Makefile
+++ b/awk.Makefile
+# awk program that patches the Makefile generated by Coq.
+
+# Detect the name this project will be installed under.
+/\$\(COQLIBINSTALL\)\/.*\/\$\$i/ {
+# Wow, POSIX awk is really broken.  I mean, isn't it supposed to be a text processing language?
+# And there is not even a way to access the matched groups of a regexp...?!? Lucky enough,
+# we can just split the string at '/' here.
+	split($0, PIECES, /\//);
+	PROJECT=PIECES[2];
+}
+
+# Patch the uninstall target to work properly, and to also uninstall stale files.
+# Also see <https://coq.inria.fr/bugs/show_bug.cgi?id=4907>.
+/^uninstall:/ {
+	print "uninstall:";
+	print "\tif [ -d \"$(DSTROOT)\"$(COQLIBINSTALL)/"PROJECT"/ ]; then find \"$(DSTROOT)\"$(COQLIBINSTALL)/"PROJECT"/ \\( -name \"*.vo\" -o -name \"*.v\" -o -name \"*.glob\" -o \\( -type d -empty \\) \\) -print -delete; fi";
+	getline;
+	next
+}
+
+# Patch vio2vo to (a) run "make quick" with the same number of jobs, ensuring
+# that the .vio files are up-to-date, and (b) only schedule vio2vo for those
+# files where the .vo is *older* than the .vio.
+/^vio2vo:/ {
+	print "vio2vo:";
+	print "\t@make -j $(J) quick"
+	print "\t@VIOFILES=$$(for file in $(VOFILES:%.vo=%.vio); do vofile=\"$$(echo \"$$file\" | sed \"s/\\.vio/.vo/\")\"; if [ \"$$vofile\" -ot \"$$file\" -o ! -e \"$$vofile\" ]; then echo -n \"$$file \"; fi; done); \\"
+	print "\t echo \"VIO2VO: $$VIOFILES\"; \\"
+	print "\t if [ -n \"$$VIOFILES\" ]; then $(COQC) $(COQDEBUG) $(COQFLAGS) -schedule-vio2vo $(J) $$VIOFILES; fi"
+	getline;
+	next
+}
+
+# This forwards all unchanged lines
+1
--- a/theories/algebra/agree.v
+++ b/theories/algebra/agree.v
@@ -208,7 +208,7 @@ Section list_theory.

    Lemma list_agrees_fmap `{Equivalence _ R'} al :
      list_agrees R al → list_agrees R' (f <$> al).
-    Proof using All.
+    Proof using Type*.
      move=> /list_agrees_alt Hl. apply (list_agrees_alt R') => a' b'.
      intros (a & -> & Ha)%elem_of_list_fmap (b & -> & Hb)%elem_of_list_fmap.
      apply Hf. exact: Hl.

--- a/theories/algebra/auth.v
+++ b/theories/algebra/auth.v
 From iris.algebra Require Export excl local_updates.
 From iris.base_logic Require Import base_logic.
 From iris.proofmode Require Import classes.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 Record auth (A : Type) := Auth { authoritative : excl' A; auth_own : A }.
 Add Printing Constructor auth.

--- a/theories/algebra/base.v
+++ b/theories/algebra/base.v
 From mathcomp Require Export ssreflect.
 From iris.prelude Require Export prelude.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".
 Global Set Bullet Behavior "Strict Subproofs".
 Global Open Scope general_if_scope.
 Ltac done := prelude.tactics.done.
--- a/theories/algebra/cmra.v
+++ b/theories/algebra/cmra.v
 From iris.algebra Require Export ofe.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 Class PCore (A : Type) := pcore : A → option A.
 Instance: Params (@pcore) 2.
@@ -428,6 +428,7 @@ Qed.

 (** ** Total core *)
 Section total_core.
+  Set Default Proof Using "Type*".
  Context `{CMRATotal A}.

  Lemma cmra_core_l x : core x ⋅ x ≡ x.
@@ -699,6 +700,9 @@ Structure rFunctor := RFunctor {
 Existing Instances rFunctor_ne rFunctor_mono.
 Instance: Params (@rFunctor_map) 5.

+Delimit Scope rFunctor_scope with RF.
+Bind Scope rFunctor_scope with rFunctor.
+
 Class rFunctorContractive (F : rFunctor) :=
  rFunctor_contractive A1 A2 B1 B2 :> Contractive (@rFunctor_map F A1 A2 B1 B2).

@@ -708,6 +712,7 @@ Coercion rFunctor_diag : rFunctor >-> Funclass.
 Program Definition constRF (B : cmraT) : rFunctor :=
  {| rFunctor_car A1 A2 := B; rFunctor_map A1 A2 B1 B2 f := cid |}.
 Solve Obligations with done.
+Coercion constRF : cmraT >-> rFunctor.

 Instance constRF_contractive B : rFunctorContractive (constRF B).
 Proof. rewrite /rFunctorContractive; apply _. Qed.
@@ -728,6 +733,9 @@ Structure urFunctor := URFunctor {
 Existing Instances urFunctor_ne urFunctor_mono.
 Instance: Params (@urFunctor_map) 5.

+Delimit Scope urFunctor_scope with URF.
+Bind Scope urFunctor_scope with urFunctor.
+
 Class urFunctorContractive (F : urFunctor) :=
  urFunctor_contractive A1 A2 B1 B2 :> Contractive (@urFunctor_map F A1 A2 B1 B2).

@@ -737,6 +745,7 @@ Coercion urFunctor_diag : urFunctor >-> Funclass.
 Program Definition constURF (B : ucmraT) : urFunctor :=
  {| urFunctor_car A1 A2 := B; urFunctor_map A1 A2 B1 B2 f := cid |}.
 Solve Obligations with done.
+Coercion constURF : ucmraT >-> urFunctor.

 Instance constURF_contractive B : urFunctorContractive (constURF B).
 Proof. rewrite /urFunctorContractive; apply _. Qed.
@@ -1063,6 +1072,7 @@ Next Obligation.
  intros F1 F2 A1 A2 A3 B1 B2 B3 f g f' g' [??]; simpl.
  by rewrite !rFunctor_compose.
 Qed.
+Notation "F1 * F2" := (prodRF F1%RF F2%RF) : rFunctor_scope.

 Instance prodRF_contractive F1 F2 :
  rFunctorContractive F1 → rFunctorContractive F2 →
@@ -1085,6 +1095,7 @@ Next Obligation.
  intros F1 F2 A1 A2 A3 B1 B2 B3 f g f' g' [??]; simpl.
  by rewrite !urFunctor_compose.
 Qed.
+Notation "F1 * F2" := (prodURF F1%URF F2%URF) : urFunctor_scope.

 Instance prodURF_contractive F1 F2 :
  urFunctorContractive F1 → urFunctorContractive F2 →
@@ -1242,6 +1253,29 @@ Proof.
    intros [->|(x&y&->&->&[Hxy|?])]; simpl; eauto 10 using @cmra_monotone.
    right; exists (f x), (f y). by rewrite {3}Hxy; eauto.
 Qed.
+
+Program Definition optionRF (F : rFunctor) : rFunctor := {|
+  rFunctor_car A B := optionR (rFunctor_car F A B);
+  rFunctor_map A1 A2 B1 B2 fg := optionC_map (rFunctor_map F fg)
+|}.
+Next Obligation.
+  by intros F A1 A2 B1 B2 n f g Hfg; apply optionC_map_ne, rFunctor_ne.
+Qed.
+Next Obligation.
+  intros F A B x. rewrite /= -{2}(option_fmap_id x).
+  apply option_fmap_equiv_ext=>y; apply rFunctor_id.
+Qed.
+Next Obligation.
+  intros F A1 A2 A3 B1 B2 B3 f g f' g' x. rewrite /= -option_fmap_compose.
+  apply option_fmap_equiv_ext=>y; apply rFunctor_compose.
+Qed.
+
+Instance optionRF_contractive F :
+  rFunctorContractive F → rFunctorContractive (optionRF F).
+Proof.
+  by intros ? A1 A2 B1 B2 n f g Hfg; apply optionC_map_ne, rFunctor_contractive.
+Qed.
+
 Program Definition optionURF (F : rFunctor) : urFunctor := {|
  urFunctor_car A B := optionUR (rFunctor_car F A B);
  urFunctor_map A1 A2 B1 B2 fg := optionC_map (rFunctor_map F fg)

--- a/theories/algebra/cmra_big_op.v
+++ b/theories/algebra/cmra_big_op.v
 From iris.algebra Require Export cmra list.
 From iris.prelude Require Import functions gmap gmultiset.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 (** The operator [ [⋅] Ps ] folds [⋅] over the list [Ps]. This operator is not a
 quantifier, so it binds strongly.
@@ -101,9 +101,9 @@ Proof.
  - by trans (big_op xs2).
 Qed.

-Lemma big_op_contains xs ys : xs `contains` ys → [⋅] xs ≼ [⋅] ys.
+Lemma big_op_submseteq xs ys : xs ⊆+ ys → [⋅] xs ≼ [⋅] ys.
 Proof.
-  intros [xs' ->]%contains_Permutation.
+  intros [xs' ->]%submseteq_Permutation.
  rewrite big_op_app; apply cmra_included_l.
 Qed.

@@ -158,9 +158,9 @@ Section list.
  Lemma big_opL_permutation (f : A → M) l1 l2 :
    l1 ≡ₚ l2 → ([⋅ list] x ∈ l1, f x) ≡ ([⋅ list] x ∈ l2, f x).
  Proof. intros Hl. by rewrite /big_opL !imap_const Hl. Qed.
-  Lemma big_opL_contains (f : A → M) l1 l2 :
-    l1 `contains` l2 → ([⋅ list] x ∈ l1, f x) ≼ ([⋅ list] x ∈ l2, f x).
-  Proof. intros Hl. apply big_op_contains. rewrite !imap_const. by rewrite ->Hl. Qed.
+  Lemma big_opL_submseteq (f : A → M) l1 l2 :
+    l1 ⊆+ l2 → ([⋅ list] x ∈ l1, f x) ≼ ([⋅ list] x ∈ l2, f x).
+  Proof. intros Hl. apply big_op_submseteq. rewrite !imap_const. by rewrite ->Hl. Qed.

  Global Instance big_opL_ne l n :
    Proper (pointwise_relation _ (pointwise_relation _ (dist n)) ==> (dist n))
@@ -230,7 +230,7 @@ Section gmap.
    ([⋅ map] k ↦ x ∈ m1, f k x) ≼ [⋅ map] k ↦ x ∈ m2, g k x.
  Proof.
    intros Hm Hf. trans ([⋅ map] k↦x ∈ m2, f k x).
-    - by apply big_op_contains, fmap_contains, map_to_list_contains.
+    - by apply big_op_submseteq, fmap_submseteq, map_to_list_submseteq.
    - apply big_opM_forall; apply _ || auto.
  Qed.
  Lemma big_opM_ext f g m :
@@ -345,7 +345,7 @@ Section gset.
    ([⋅ set] x ∈ X, f x) ≼ [⋅ set] x ∈ Y, g x.
  Proof.
    intros HX Hf. trans ([⋅ set] x ∈ Y, f x).
-    - by apply big_op_contains, fmap_contains, elements_contains.
+    - by apply big_op_submseteq, fmap_submseteq, elements_submseteq.
    - apply big_opS_forall; apply _ || auto.
  Qed.
  Lemma big_opS_ext f g X :
@@ -446,7 +446,7 @@ Section gmultiset.
    ([⋅ mset] x ∈ X, f x) ≼ [⋅ mset] x ∈ Y, g x.
  Proof.
    intros HX Hf. trans ([⋅ mset] x ∈ Y, f x).
-    - by apply big_op_contains, fmap_contains, gmultiset_elements_contains.
+    - by apply big_op_submseteq, fmap_submseteq, gmultiset_elements_submseteq.
    - apply big_opMS_forall; apply _ || auto.
  Qed.
  Lemma big_opMS_ext f g X :

--- a/theories/algebra/cmra_tactics.v
+++ b/theories/algebra/cmra_tactics.v
 From iris.algebra Require Export cmra.
 From iris.algebra Require Import cmra_big_op.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 (** * Simple solver for validity and inclusion by reflection *)
 Module ra_reflection. Section ra_reflection.
@@ -29,9 +29,9 @@ Module ra_reflection. Section ra_reflection.
    by rewrite fmap_app IH1 IH2 big_op_app.
  Qed.
  Lemma flatten_correct Σ e1 e2 :
-    flatten e1 `contains` flatten e2 → eval Σ e1 ≼ eval Σ e2.
+    flatten e1 ⊆+ flatten e2 → eval Σ e1 ≼ eval Σ e2.
  Proof.
-    by intros He; rewrite !eval_flatten; apply big_op_contains; rewrite ->He.
+    by intros He; rewrite !eval_flatten; apply big_op_submseteq; rewrite ->He.
  Qed.

  Class Quote (Σ1 Σ2 : list A) (l : A) (e : expr) := {}.

--- a/theories/algebra/coPset.v
+++ b/theories/algebra/coPset.v
 From iris.algebra Require Export cmra.
 From iris.algebra Require Import updates local_updates.
 From iris.prelude Require Export collections coPset.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".
 (** This is pretty much the same as algebra/gset, but I was not able to
 generalize the construction without breaking canonical structures. *)


--- a/theories/algebra/cofe_solver.v
+++ b/theories/algebra/cofe_solver.v
@@ -205,7 +205,7 @@ Instance fold_ne : Proper (dist n ==> dist n) fold.
 Proof. by intros n X Y HXY k; rewrite /fold /= HXY. Qed.

 Theorem result : solution F.
-Proof using All.
+Proof using Type*.
  apply (Solution F T _ (CofeMor unfold) (CofeMor fold)).
  - move=> X /=. rewrite equiv_dist=> n k; rewrite /unfold /fold /=.
    rewrite -g_tower -(gg_tower _ n); apply (_ : Proper (_ ==> _) (g _)).

--- a/theories/algebra/csum.v
+++ b/theories/algebra/csum.v
 From iris.algebra Require Export cmra.
 From iris.base_logic Require Import base_logic.
 From iris.algebra Require Import local_updates.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".
 Local Arguments pcore _ _ !_ /.
 Local Arguments cmra_pcore _ !_ /.
 Local Arguments validN _ _ _ !_ /.

--- a/theories/algebra/deprecated.v
+++ b/theories/algebra/deprecated.v
 From iris.algebra Require Import ofe cmra.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 (* Old notation for backwards compatibility. *)


--- a/theories/algebra/dra.v
+++ b/theories/algebra/dra.v
 From iris.algebra Require Export cmra updates.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 Record DRAMixin A `{Equiv A, Core A, Disjoint A, Op A, Valid A} := {
  (* setoids *)

--- a/theories/algebra/excl.v
+++ b/theories/algebra/excl.v
 From iris.algebra Require Export cmra.
 From iris.base_logic Require Import base_logic.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".
 Local Arguments validN _ _ _ !_ /.
 Local Arguments valid _ _  !_ /.


--- a/theories/algebra/frac.v
+++ b/theories/algebra/frac.v
 From Coq.QArith Require Import Qcanon.
 From iris.algebra Require Export cmra.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 Notation frac := Qp (only parsing).


--- a/theories/algebra/gmap.v
+++ b/theories/algebra/gmap.v
@@ -2,7 +2,7 @@ From iris.algebra Require Export cmra.
 From iris.prelude Require Export gmap.
 From iris.algebra Require Import updates local_updates.
 From iris.base_logic Require Import base_logic.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 Section cofe.
 Context `{Countable K} {A : ofeT}.
@@ -334,6 +334,7 @@ Proof.
 Qed.

 Section freshness.
+  Set Default Proof Using "Type*".
  Context `{Fresh K (gset K), !FreshSpec K (gset K)}.
  Lemma alloc_updateP_strong (Q : gmap K A → Prop) (I : gset K) m x :
    ✓ x → (∀ i, m !! i = None → i ∉ I → Q (<[i:=x]>m)) → m ~~>: Q.

--- a/theories/algebra/gset.v
+++ b/theories/algebra/gset.v
 From iris.algebra Require Export cmra.
 From iris.algebra Require Import updates local_updates.
 From iris.prelude Require Export collections gmap mapset.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 (* The union CMRA *)
 Section gset.
@@ -155,6 +155,7 @@ Section gset_disj.
  Proof. eauto using gset_disj_alloc_empty_updateP_strong. Qed.

  Section fresh_updates.
+    Set Default Proof Using "Type*".
    Context `{Fresh K (gset K), !FreshSpec K (gset K)}.

    Lemma gset_disj_alloc_updateP (Q : gset_disj K → Prop) X :

--- a/theories/algebra/iprod.v
+++ b/theories/algebra/iprod.v
 From iris.algebra Require Export cmra.
 From iris.base_logic Require Import base_logic.
 From iris.prelude Require Import finite.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 (** * Indexed product *)
 (** Need to put this in a definition to make canonical structures to work. *)

--- a/theories/algebra/list.v
+++ b/theories/algebra/list.v
@@ -2,7 +2,7 @@ From iris.algebra Require Export cmra.
 From iris.prelude Require Export list.
 From iris.base_logic Require Import base_logic.
 From iris.algebra Require Import updates local_updates.
-Set Default Proof Using "Type*".
+Set Default Proof Using "Type".

 Section cofe.
 Context {A : ofeT}.