 24 Aug, 2016 1 commit


 22 Aug, 2016 1 commit


 21 Aug, 2016 1 commit


 20 Aug, 2016 1 commit


This requirement was useful in Iris 2.0: in order to ensure that ownership of the physical state was timeless, we required the ghost CMRA to have a timeless unit. To avoid having additional type class parameters, or having to extend the algebraic hierarchy, we required the units of any CMRA to be timeless. In Iris 3.0, this issue no longer applies: ownership of the physical state is ghost ownership in the global CMRA, whose unit is always timeless. Thanks to Jeehoon Kang for spotting this unnecessary requirement.

 16 Aug, 2016 1 commit


 14 Aug, 2016 1 commit


This is more consistent with the definition of the extension order, which is also defined in terms of an existential.

 11 Aug, 2016 2 commits


It is not nonexpansive, so not a function we should use.

They are redundant because frac is discrete.

 09 Aug, 2016 1 commit


 08 Aug, 2016 6 commits


With Coq 8.6, you can no longer have intro patterns that give more names than the constructor has. Also, patterns with too few names are now interpreted as filling up with "?", rather than putting the unnamed parts into the goal again. Furthermore, it seems the behavior of "simplify_eq/=" changed, I guess hypotheses are considered in different order now. I managed to work around this, but it all seem kind of fragile. The next compilation failure is an "Anyomaly: ... Please report", so that's what I will do.

This commit reverts cdce49a7, which turns out to be no longer useful, and which I thus no longer wish to maintain.

 05 Aug, 2016 3 commits


And make it Typeclasses Opaque to ensure that we indeed do not do so using the proof mode.

 04 Aug, 2016 5 commits


Prove some properties about it, and define timeless in terms of it, and factor this notion out of raw view shifts.

show that even \later^n False is inconsistent (for any fixed n); properly use pvs in counter_examples

 02 Aug, 2016 2 commits


 01 Aug, 2016 1 commit


The new updates allow allocation fresh elements satisfying an arbitrary proposition (for example, being even) instead of just not being in a given finite set. TODO: maybe also do this for finite maps (gmaps).

 28 Jul, 2016 2 commits


 27 Jul, 2016 7 commits


This reverts commit 20b4ae55, which does not seem to work with Coq 8.5pl2 (I accidentally tested with 8.5pl1).

This makes type checking more directed, and somewhat more predictable. On the downside, it makes it impossible to declare the singleton on lists as an instance of SingletonM and the insert and alter operations on functions as instances of Alter and Insert. However, these were not used often anyway.

 25 Jul, 2016 5 commits


Also, I removed the @ from lookup_weaken since the Coq bug we experienced before somehow disappeared.

