 24 Aug, 2016 5 commits


Zhen Zhang authored
unfolded logically atomic triple The definition is a bit funky now to hack together something fast. See demo section for an example of application. cc @dreyer @jung @robbertkrebbers @jjourdan See merge request !7

Zhen Zhang authored

Robbert Krebbers authored

Robbert Krebbers authored
This is allowed as long as one of the conjuncts is thrown away (i.e. is a wildcard _ in the introduction pattern). It corresponds to the principle of "external choice" in linear logic.

Robbert Krebbers authored

 23 Aug, 2016 3 commits


Robbert Krebbers authored
Also, since do_head_step no longer has a purpose, I have removed it and just use a bunch of eauto hints.

Robbert Krebbers authored

Robbert Krebbers authored

 22 Aug, 2016 11 commits


Robbert Krebbers authored

Robbert Krebbers authored
This implements issue #3.

Robbert Krebbers authored
This is more consistent with CAS, which also can be used on any value. Note that being able to (atomically) test for equality of any value and being able to CAS on any value is not realistic. See the discussion at https://gitlab.mpisws.org/FP/iriscoq/issues/26, and in particular JH Jourdan's observation: I think indeed for heap_lang this is just too complicated. Anyway, the role of heap_lang is not to model any actual programming language, but rather to show that we can do proofs about certain programs. The fact that you can write unrealistic programs is not a problem, IMHO. The only thing which is important is that the program that we write are realistic (i.e., faithfully represents the algorithm we want to p This commit is based on a commit by Zhen Zhang who generalized equality to work on any literal (and not just integers).

Robbert Krebbers authored

Robbert Krebbers authored
Since [inG] ranges over [cmraT]s, using an [ucmraT]s results in [ucmra_cmraR] coercions that slow down type checking. This commit improves the compilation time of thread_local.v by 40%.

JacquesHenri Jourdan authored
By using the global ghost maps instead of our own ones.

Robbert Krebbers authored
The previous commit is not really necesarry anymore, but my proof for UIP of types with decidable equality is a bit more general, so I won't revert it.

Robbert Krebbers authored
This way we get rid of the (unused) axiom eq_rect_eq reported by coqchk.

Ralf Jung authored

Ralf Jung authored

Robbert Krebbers authored

 21 Aug, 2016 3 commits


Robbert Krebbers authored

Ralf Jung authored

Ralf Jung authored

 20 Aug, 2016 1 commit


Robbert Krebbers authored
This requirement was useful in Iris 2.0: in order to ensure that ownership of the physical state was timeless, we required the ghost CMRA to have a timeless unit. To avoid having additional type class parameters, or having to extend the algebraic hierarchy, we required the units of any CMRA to be timeless. In Iris 3.0, this issue no longer applies: ownership of the physical state is ghost ownership in the global CMRA, whose unit is always timeless. Thanks to Jeehoon Kang for spotting this unnecessary requirement.

 19 Aug, 2016 7 commits
 18 Aug, 2016 4 commits


JacquesHenri Jourdan authored

JacquesHenri Jourdan authored

JacquesHenri Jourdan authored

Ralf Jung authored

 17 Aug, 2016 2 commits
 16 Aug, 2016 4 commits


Ralf Jung authored
