- 11 Feb, 2016 11 commits
-
-
Robbert Krebbers authored
-
Ralf Jung authoredglobalC -> globalF New notation: iPropG, iFunctorG
-
Ralf Jung authored
Introduce the notion of "Frame Shift Assertions", and use to prove the rules about inv and auth at once for pvs and wp Yeah, the name is horrible... but on the plus side, I think it should be possible to show that atomic triples and atomic shifts are also frame shift assertions, and then we get all this stuff for them for free.
-
Ralf Jung authored
-
Ralf Jung authored
-
Ralf Jung authored
-
Ralf Jung authored
-
Ralf Jung authored
-
Ralf Jung authored
-
Robbert Krebbers authored
-
Robbert Krebbers authored
Instead, I separate it into a total function and a predicate describe whether the action is allowed or not. This has some advantages: * It is much easier to deal with total functions and predicates in Coq than with functions into option. * Already existing functions do not need to be wrapped. Instead, when using a local update you end up with a sensible side condition as a Coq Prop. * The definition of local updates (and all CMRA instances) no longer depend on option.
-
- 10 Feb, 2016 6 commits
- 08 Feb, 2016 1 commit
-
-
Ralf Jung authored
-
- 05 Feb, 2016 1 commit
-
-
Ralf Jung authored
-
