```
From iris.program_logic Require Export weakestpre.
From iris.heap_lang Require Export lang.
From iris.proofmode Require Import tactics.
From iris.heap_lang Require Import proofmode notation.
Set Default Proof Using "Type*".
Definition assert : val :=
λ: "v", if: "v" #() then #() else #0 #0. (* #0 #0 is unsafe *)
(* just below ;; *)
Notation "'assert:' e" := (assert (λ: <>, e))%E (at level 99) : expr_scope.
Lemma wp_assert `{heapG Σ} E (Φ : val → iProp Σ) e `{!Closed [] e} :
WP e @ E {{ v, ⌜v = #true⌝ ∧ ▷ Φ #() }} -∗ WP assert: e @ E {{ Φ }}.
Proof.
Fail (iLöb as "IH" forall (e Closed0)).
iAssert (True)%I as "T"; [by admit|].
(iLöb as "IH" forall (e Closed0)).
Abort.
```
I guess with the new unified handling of reverting hypotheses this probably applies to other tactics as well.Robbert KrebbersRobbert Krebbershttps://gitlab.mpi-sws.org/iris/iris/-/issues/62Specialization (iApply/iMod) often diverges on missing *2017-11-16T09:36:42ZRalf Jungjung@mpi-sws.orgSpecialization (iApply/iMod) often diverges on missing *When specializing a lemma that contains Iris-level universal quantifiers, if I forget to add the `*` to the pattern, the tactic frequently diverges. This is very frustrating as it is not even clear what's wrong, or where the `*` has to be added.
If you want, I can create a minimal example. Right now, one way to see this is to remove the `*` from the `iMod` in `weakestpre.wp_atomic`, line 172.Robbert KrebbersRobbert Krebbershttps://gitlab.mpi-sws.org/iris/iris/-/issues/63gmultiset.gmultiset_eq_dec applied too eagerly?2017-05-19T15:20:29ZJannogmultiset.gmultiset_eq_dec applied too eagerly?I don't have time to debug this in more detail so I am just going to dump a representative trace here. Without exception, all my diverging type class searches (of which I have a few per hour) eventually look like this one:
[trace.txt](/uploads/1fad04b1b2cb32d92e41f976f8853f1f/trace.txt)
1. Converting `gmap A (gmap B C)` to `gmap (A* B) (C)` and vice versa.
1. Converting `gmap A B` to `gmap A (A * B)` by copying the argument.
1. Converting `gmap A B` as a `gset (A * B)` (possibly by simply adding a ElemOf instance and corresponding lemma).
```
iAssert (∃ a, P a) with "[]" as (a) "H".
See <https://gitlab.mpi-sws.org/FP/LambdaRust-coq/blob/6d36b8cfbe2e7dbeda13889b17ef4b168d6953cf/theories/lang/spawn.v#L77> and <https://gitlab.mpi-sws.org/FP/LambdaRust-coq/blob/6d36b8cfbe2e7dbeda13889b17ef4b168d6953cf/theories/typing/unsafe/cell.v#L165> for some examples.The `wp_apply` tactic was written in a time when all our lemmas were uncurried. It always distributes all the resources of the current context to one of the goals that it creates, not leaving any control to the user. I think we need something like `wp_apply with "<spec pattern>"` to accommodate curried lemmas.
See <https://gitlab.mpi-sws.org/FP/LambdaRust-coq/blob/6d36b8cfbe2e7dbeda13889b17ef4b168d6953cf/theories/lang/spawn.v#L77> and <https://gitlab.mpi-sws.org/FP/LambdaRust-coq/blob/6d36b8cfbe2e7dbeda13889b17ef4b168d6953cf/theories/typing/unsafe/cell.v#L165> for some examples.https://gitlab.mpi-sws.org/iris/iris/-/issues/71Framing in Disjunctions2019-11-01T13:20:31ZJannoFraming in Disjunctions@haidang and I used to have two Instances for Frame that would let us frame out things from only one side of a disjunction. We currently do not have that instance anymore – apparently, it got lost somehow – but we miss it. I do realize that such an instance potentially leads to unsolvable goals more often than any of the existing framing instances. So this should probably not be the default behavior of `iFrame`. Nonetheless, the functionality was extremely convenient in some places. Often, disjunctive goals could easily be closed by framing out a bunch of resources and closing the goal with a `by` prefix or a separate `done`. No `iLeft` or `iRight` was needed.
I wonder if Iris could still benefit from such rules by adding a marker in the syntax for `iFrame`, e.g. `iFrame "!H"`, which applies the more reckless disjunction framing rules. The same could be applied for specialization patterns with something like `$!H`.
What do you think?@haidang and I used to have two Instances for Frame that would let us frame out things from only one side of a disjunction. We currently do not have that instance anymore – apparently, it got lost somehow – but we miss it. I do realize that such an instance potentially leads to unsolvable goals more often than any of the existing framing instances. So this should probably not be the default behavior of `iFrame`. Nonetheless, the functionality was extremely convenient in some places. Often, disjunctive goals could easily be closed by framing out a bunch of resources and closing the goal with a `by` prefix or a separate `done`. No `iLeft` or `iRight` was needed.
I wonder if Iris could still benefit from such rules by adding a marker in the syntax for `iFrame`, e.g. `iFrame "!H"`, which applies the more reckless disjunction framing rules. The same could be applied for specialization patterns with something like `$!H`.
What do you think?Robbert KrebbersRobbert Krebbershttps://gitlab.mpi-sws.org/iris/iris/-/issues/72Support `iCombine "H1 H2 ..." as "Hx"`2017-05-19T15:20:29ZRalf Jungjung@mpi-sws.orgSupport `iCombine "H1 H2 ..." as "Hx"`It'd be nice if `iCombine` supported passing a single string of space-separated hypothesis instead of insisting on two strings, each being a single name. Combining more than two hypothesis would be done by folding.It'd be nice if `iCombine` supported passing a single string of space-separated hypothesis instead of insisting on two strings, each being a single name. Combining more than two hypothesis would be done by folding.Robbert KrebbersRobbert Krebbershttps://gitlab.mpi-sws.org/iris/iris/-/issues/73Specialization patterns syntax extensions2017-05-19T15:20:29ZRobbert KrebbersSpecialization patterns syntax extensionsThere have been some requests to add new stuff to specialization patterns:
1. A `//` token for performing `done`. One could then write things like `[$H1 $H2 //]` or `[//]`.
2. Being able to frame in persistent specialization patterns, i.e. `[# $H1 $H2]`.
3. A token, say `[$]` to solve the goal by framing, and by keeping all unused hypotheses for the subsequent goals.
However, there are some questions here:
1. I suppose we want to be able to use `//` also for pure and persistent goals. For example `[% //]` and `[# //]`.
2. What is going to happen when we do `[# H1 $H2]`. There are some obvious choices: a.) using a hypothesis without a `$` prefix is forbidden b.) ignore all hypotheses that are not prefixed with a `$` (there is no need to select hypotheses, you get all anyway, since the goal is persistent) c.) prune the context that goal.
3. What to frame? Just the spatial hypotheses, or everything (including the persistent ones)?
```
Lemma test_iApply_1 (M : ucmraT) (P : nat → uPred M) :
▷ (∃ x, P x) -∗ ∃ x, ▷ P x.
Proof.
iIntros "H". Fail iApply uPred.later_exist.
rewrite -uPred.later_exist. by iNext.
Qed.
```
∃ x : vec val m, ⌜#l = #l⌝ ∗ ▷ l ↦∗ x
```
and all my assumptions are only available later. I cannot do `iNext` because not everything is below a later, but I can do `rewrite -uPred.sep_exist_l. iSplit; first done.`. This works because some part of what is below the existential does not depend on the witness.
Now I wonder, would it make sense for `iSplit` to work in this case (giving me ` ⌜#l = #l⌝` and `∃ x : vec val m, ▷ l ↦∗ x` as goals)? The rewrite I did above is not very discoverable, but neither is the `iSplit`. What do you think? @jjourdan @robbertkrebbers
