Use scheme - then + then * for bullets.

theories/bsets.v

@@ -21,11 +21,11 @@ Instance bset_collection {A} `{∀ x y : A, Decision (x = y)} :
   Collection A (bset A).
 Proof.
   split; [split| |].
-  * by intros x ?.
-  * by intros x y; rewrite <-(bool_decide_spec (x = y)).
-  * split. apply orb_prop_elim. apply orb_prop_intro.
-  * split. apply andb_prop_elim. apply andb_prop_intro.
-  * intros X Y x; unfold elem_of, bset_elem_of; simpl. 
+  - by intros x ?.
+  - by intros x y; rewrite <-(bool_decide_spec (x = y)).
+  - split. apply orb_prop_elim. apply orb_prop_intro.
+  - split. apply andb_prop_elim. apply andb_prop_intro.
+  - intros X Y x; unfold elem_of, bset_elem_of; simpl. 
     destruct (bset_car X x), (bset_car Y x); simpl; tauto.
 Qed.
 Instance bset_elem_of_dec {A} x (X : bset A) : Decision (x ∈ X) := _.

theories/co_pset.v

@@ -65,10 +65,10 @@ Lemma coPset_eq t1 t2 :
 Proof.
   revert t2.
   induction t1 as [b1|b1 l1 IHl r1 IHr]; intros [b2|b2 l2 r2] Ht ??; simpl in *.
-  * f_equal; apply (Ht 1).
-  * by discriminate (coPLeaf_wf (coPNode b2 l2 r2) b1).
-  * by discriminate (coPLeaf_wf (coPNode b1 l1 r1) b2).
-  * f_equal; [apply (Ht 1)| |].
+  - f_equal; apply (Ht 1).
+  - by discriminate (coPLeaf_wf (coPNode b2 l2 r2) b1).
+  - by discriminate (coPLeaf_wf (coPNode b1 l1 r1) b2).
+  - f_equal; [apply (Ht 1)| |].
     + apply IHl; try apply (λ x, Ht (x~0)); eauto.
     + apply IHr; try apply (λ x, Ht (x~1)); eauto.
 Qed.
@@ -163,13 +163,13 @@ Instance coPset_elem_of_dec (p : positive) (X : coPset) : Decision (p ∈ X) :=
 Instance coPset_collection : Collection positive coPset.
 Proof.
   split; [split| |].
-  * by intros ??.
-  * intros p q. apply elem_to_Pset_singleton.
-  * intros [t] [t'] p; unfold elem_of, coPset_elem_of, coPset_union; simpl.
+  - by intros ??.
+  - intros p q. apply elem_to_Pset_singleton.
+  - intros [t] [t'] p; unfold elem_of, coPset_elem_of, coPset_union; simpl.
     by rewrite elem_to_Pset_union, orb_True.
-  * intros [t] [t'] p; unfold elem_of,coPset_elem_of,coPset_intersection; simpl.
+  - intros [t] [t'] p; unfold elem_of,coPset_elem_of,coPset_intersection; simpl.
     by rewrite elem_to_Pset_intersection, andb_True.
-  * intros [t] [t'] p; unfold elem_of, coPset_elem_of, coPset_difference; simpl.
+  - intros [t] [t'] p; unfold elem_of, coPset_elem_of, coPset_difference; simpl.
     by rewrite elem_to_Pset_intersection,
       elem_to_Pset_opp, andb_True, negb_True.
 Qed.
@@ -192,7 +192,7 @@ Lemma coPset_finite_spec X : set_finite X ↔ coPset_finite (`X).
 Proof.
   destruct X as [t Ht].
   unfold set_finite, elem_of at 1, coPset_elem_of; simpl; clear Ht; split.
-  * induction t as [b|b l IHl r IHr]; simpl.
+  - induction t as [b|b l IHl r IHr]; simpl.
     { destruct b; simpl; [intros [l Hl]|done].
       by apply (is_fresh (of_list l : Pset)), elem_of_of_list, Hl. }
     intros [ll Hll]; rewrite andb_True; split.
@@ -200,7 +200,7 @@ Proof.
       rewrite elem_of_list_omap; intros; exists (i~0); auto.
     + apply IHr; exists (omap (maybe (~1)) ll); intros i.
       rewrite elem_of_list_omap; intros; exists (i~1); auto.
-  * induction t as [b|b l IHl r IHr]; simpl; [by exists []; destruct b|].
+  - induction t as [b|b l IHl r IHr]; simpl; [by exists []; destruct b|].
     rewrite andb_True; intros [??]; destruct IHl as [ll ?], IHr as [rl ?]; auto.
     exists ([1] ++ ((~0) <$> ll) ++ ((~1) <$> rl))%list; intros [i|i|]; simpl;
       rewrite elem_of_cons, elem_of_app, !elem_of_list_fmap; naive_solver.
@@ -237,8 +237,8 @@ Qed.
 Lemma coPpick_elem_of X : ¬set_finite X → coPpick X ∈ X.
 Proof.
   destruct X as [t ?]; unfold coPpick; destruct (coPpick_raw _) as [j|] eqn:?.
-  * by intros; apply coPpick_raw_elem_of.
-  * by intros []; apply coPset_finite_spec, coPpick_raw_None.
+  - by intros; apply coPpick_raw_elem_of.
+  - by intros []; apply coPset_finite_spec, coPpick_raw_None.
 Qed.
 
 (** * Conversion to psets *)
@@ -270,8 +270,8 @@ Fixpoint of_Pset_raw (t : Pmap_raw ()) : coPset_raw :=
 Lemma of_Pset_wf t : Pmap_wf t → coPset_wf (of_Pset_raw t).
 Proof.
   induction t as [|[] l IHl r IHr]; simpl; rewrite ?andb_True; auto.
-  * intros [??]; destruct l as [|[]], r as [|[]]; simpl in *; auto.
-  * destruct l as [|[]], r as [|[]]; simpl in *; rewrite ?andb_true_r;
+  - intros [??]; destruct l as [|[]], r as [|[]]; simpl in *; auto.
+  - destruct l as [|[]], r as [|[]]; simpl in *; rewrite ?andb_true_r;
       rewrite ?andb_True; rewrite ?andb_True in IHl, IHr; intuition.
 Qed.
 Lemma elem_of_of_Pset_raw i t : e_of i (of_Pset_raw t) ↔ t !! i = Some ().
@@ -327,9 +327,9 @@ Definition coPset_suffixes (p : positive) : coPset :=
 Lemma elem_coPset_suffixes p q : p ∈ coPset_suffixes q ↔ ∃ q', p = q' ++ q.
 Proof.
   unfold elem_of, coPset_elem_of; simpl; split.
-  * revert p; induction q; intros [?|?|]; simpl;
+  - revert p; induction q; intros [?|?|]; simpl;
       rewrite ?coPset_elem_of_node; naive_solver.
-  * by intros [q' ->]; induction q; simpl; rewrite ?coPset_elem_of_node.
+  - by intros [q' ->]; induction q; simpl; rewrite ?coPset_elem_of_node.
 Qed.
 Lemma coPset_suffixes_infinite p : ¬set_finite (coPset_suffixes p).
 Proof.

theories/collections.v

@@ -48,8 +48,8 @@ Section simple_collection.
   Lemma elem_of_subseteq_singleton x X : x ∈ X ↔ {[ x ]} ⊆ X.
   Proof.
     split.
-    * intros ??. rewrite elem_of_singleton. by intros ->.
-    * intros Ex. by apply (Ex x), elem_of_singleton.
+    - intros ??. rewrite elem_of_singleton. by intros ->.
+    - intros Ex. by apply (Ex x), elem_of_singleton.
   Qed.
   Global Instance singleton_proper : Proper ((=) ==> (≡)) (singleton (B:=C)).
   Proof. by repeat intro; subst. Qed.
@@ -59,9 +59,9 @@ Section simple_collection.
   Lemma elem_of_union_list Xs x : x ∈ ⋃ Xs ↔ ∃ X, X ∈ Xs ∧ x ∈ X.
   Proof.
     split.
-    * induction Xs; simpl; intros HXs; [by apply elem_of_empty in HXs|].
+    - induction Xs; simpl; intros HXs; [by apply elem_of_empty in HXs|].
       setoid_rewrite elem_of_cons. apply elem_of_union in HXs. naive_solver.
-    * intros [X []]. induction 1; simpl; [by apply elem_of_union_l |].
+    - intros [X []]. induction 1; simpl; [by apply elem_of_union_l |].
       intros. apply elem_of_union_r; auto.
   Qed.
   Lemma non_empty_singleton x : ({[ x ]} : C) ≢ ∅.
@@ -113,9 +113,9 @@ Section of_option_list.
   Lemma elem_of_of_list (x : A) l : x ∈ of_list l ↔ x ∈ l.
   Proof.
     split.
-    * induction l; simpl; [by rewrite elem_of_empty|].
+    - induction l; simpl; [by rewrite elem_of_empty|].
       rewrite elem_of_union,elem_of_singleton; intros [->|?]; constructor; auto.
-    * induction 1; simpl; rewrite elem_of_union, elem_of_singleton; auto.
+    - induction 1; simpl; rewrite elem_of_union, elem_of_singleton; auto.
   Qed.
 End of_option_list.
 
@@ -356,11 +356,11 @@ Section collection_ops.
       Forall2 (∈) xs Xs ∧ y ∈ Y ∧ foldr (λ x, (≫= f x)) (Some y) xs = Some x.
   Proof.
     split.
-    * revert x. induction Xs; simpl; intros x HXs; [eexists [], x; intuition|].
+    - revert x. induction Xs; simpl; intros x HXs; [eexists [], x; intuition|].
       rewrite elem_of_intersection_with in HXs; destruct HXs as (x1&x2&?&?&?).
       destruct (IHXs x2) as (xs & y & hy & ? & ?); trivial.
       eexists (x1 :: xs), y. intuition (simplify_option_equality; auto).
-    * intros (xs & y & Hxs & ? & Hx). revert x Hx.
+    - intros (xs & y & Hxs & ? & Hx). revert x Hx.
       induction Hxs; intros; simplify_option_equality; [done |].
       rewrite elem_of_intersection_with. naive_solver.
   Qed.
@@ -389,8 +389,8 @@ Section NoDup.
   Global Instance: Proper (R ==> (≡) ==> iff) elem_of_upto.
   Proof.
     intros ?? E1 ?? E2. split; intros [z [??]]; exists z.
-    * rewrite <-E1, <-E2; intuition.
-    * rewrite E1, E2; intuition.
+    - rewrite <-E1, <-E2; intuition.
+    - rewrite E1, E2; intuition.
   Qed.
   Global Instance: Proper ((≡) ==> iff) set_NoDup.
   Proof. firstorder. Qed.
@@ -575,8 +575,8 @@ Section collection_monad.
     l ∈ mapM f k ↔ Forall2 (λ x y, x ∈ f y) l k.
   Proof.
     split.
-    * revert l. induction k; solve_elem_of.
-    * induction 1; solve_elem_of.
+    - revert l. induction k; solve_elem_of.
+    - induction 1; solve_elem_of.
   Qed.
   Lemma collection_mapM_length {A B} (f : A → M B) l k :
     l ∈ mapM f k → length l = length k.

theories/fin_collections.v

@@ -20,9 +20,9 @@ Proof. by exists (elements X); intros; rewrite elem_of_elements. Qed.
 Global Instance elements_proper: Proper ((≡) ==> (≡ₚ)) (elements (C:=C)).
 Proof.
   intros ?? E. apply NoDup_Permutation.
-  * apply NoDup_elements.
-  * apply NoDup_elements.
-  * intros. by rewrite !elem_of_elements, E.
+  - apply NoDup_elements.
+  - apply NoDup_elements.
+  - intros. by rewrite !elem_of_elements, E.
 Qed.
 Global Instance collection_size_proper: Proper ((≡) ==> (=)) (@size C _).
 Proof. intros ?? E. apply Permutation_length. by rewrite E. Qed.
@@ -45,9 +45,9 @@ Lemma size_singleton (x : A) : size {[ x ]} = 1.
 Proof.
   change (length (elements {[ x ]}) = length [x]).
   apply Permutation_length, NoDup_Permutation.
-  * apply NoDup_elements.
-  * apply NoDup_singleton.
-  * intros y.
+  - apply NoDup_elements.
+  - apply NoDup_singleton.
+  - intros y.
     by rewrite elem_of_elements, elem_of_singleton, elem_of_list_singleton.
 Qed.
 Lemma size_singleton_inv X x y : size X = 1 → x ∈ X → y ∈ X → x = y.
@@ -59,8 +59,8 @@ Qed.
 Lemma collection_choose_or_empty X : (∃ x, x ∈ X) ∨ X ≡ ∅.
 Proof.
   destruct (elements X) as [|x l] eqn:HX; [right|left].
-  * apply equiv_empty; intros x. by rewrite <-elem_of_elements, HX, elem_of_nil.
-  * exists x. rewrite <-elem_of_elements, HX. by left.
+  - apply equiv_empty; intros x. by rewrite <-elem_of_elements, HX, elem_of_nil.
+  - exists x. rewrite <-elem_of_elements, HX. by left.
 Qed.
 Lemma collection_choose X : X ≢ ∅ → ∃ x, x ∈ X.
 Proof. intros. by destruct (collection_choose_or_empty X). Qed.
@@ -75,17 +75,17 @@ Lemma size_1_elem_of X : size X = 1 → ∃ x, X ≡ {[ x ]}.
 Proof.
   intros E. destruct (size_pos_elem_of X); auto with lia.
   exists x. apply elem_of_equiv. split.
-  * rewrite elem_of_singleton. eauto using size_singleton_inv.
-  * solve_elem_of.
+  - rewrite elem_of_singleton. eauto using size_singleton_inv.
+  - solve_elem_of.
 Qed.
 Lemma size_union X Y : X ∩ Y ≡ ∅ → size (X ∪ Y) = size X + size Y.
 Proof.
   intros [E _]. unfold size, collection_size. simpl. rewrite <-app_length.
   apply Permutation_length, NoDup_Permutation.
-  * apply NoDup_elements.
-  * apply NoDup_app; repeat split; try apply NoDup_elements.
+  - apply NoDup_elements.
+  - apply NoDup_app; repeat split; try apply NoDup_elements.
     intros x; rewrite !elem_of_elements; solve_elem_of.
-  * intros. by rewrite elem_of_app, !elem_of_elements, elem_of_union.
+  - intros. by rewrite elem_of_app, !elem_of_elements, elem_of_union.
 Qed.
 Instance elem_of_dec_slow (x : A) (X : C) : Decision (x ∈ X) | 100.
 Proof.
@@ -129,9 +129,9 @@ Proof.
   intros ? Hemp Hadd. apply well_founded_induction with (⊂).
   { apply collection_wf. }
   intros X IH. destruct (collection_choose_or_empty X) as [[x ?]|HX].
-  * rewrite (union_difference {[ x ]} X) by solve_elem_of.
+  - rewrite (union_difference {[ x ]} X) by solve_elem_of.
     apply Hadd. solve_elem_of. apply IH; solve_elem_of.
-  * by rewrite HX.
+  - by rewrite HX.
 Qed.
 Lemma collection_fold_ind {B} (P : B → C → Prop) (f : A → B → B) (b : B) :
   Proper ((=) ==> (≡) ==> iff) P →
@@ -143,9 +143,9 @@ Proof.
   { intros help ?. apply help; [apply NoDup_elements|].
     symmetry. apply elem_of_elements. }
   induction 1 as [|x l ?? IH]; simpl.
-  * intros X HX. setoid_rewrite elem_of_nil in HX.
+  - intros X HX. setoid_rewrite elem_of_nil in HX.
     rewrite equiv_empty. done. solve_elem_of.
-  * intros X HX. setoid_rewrite elem_of_cons in HX.
+  - intros X HX. setoid_rewrite elem_of_cons in HX.
     rewrite (union_difference {[ x ]} X) by solve_elem_of.
     apply Hadd. solve_elem_of. apply IH. solve_elem_of.
 Qed.

theories/finite.v

@@ -30,8 +30,8 @@ Proof.
   destruct finA as [xs Hxs HA]; unfold encode_nat, encode, card; simpl.
   rewrite Nat2Pos.id by done; simpl.
   destruct (list_find _ xs) as [[i y]|] eqn:?; simpl.
-  * destruct (list_find_Some (x =) xs i y); eauto using lookup_lt_Some.
-  * destruct xs; simpl. exfalso; eapply not_elem_of_nil, (HA x). lia.
+  - destruct (list_find_Some (x =) xs i y); eauto using lookup_lt_Some.
+  - destruct xs; simpl. exfalso; eapply not_elem_of_nil, (HA x). lia.
 Qed.
 Lemma encode_decode A `{finA: Finite A} i :
   i < card A → ∃ x, decode_nat i = Some x ∧ encode_nat x = i.
@@ -80,8 +80,8 @@ Lemma finite_inj_Permutation `{Finite A} `{Finite B} (f : A → B)
   `{!Inj (=) (=) f} : card A = card B → f <$> enum A ≡ₚ enum B.
 Proof.
   intros. apply contains_Permutation_length_eq.
-  * by rewrite fmap_length.
-  * by apply finite_inj_contains.
+  - by rewrite fmap_length.
+  - by apply finite_inj_contains.
 Qed.
 Lemma finite_inj_surj `{Finite A} `{Finite B} (f : A → B)
   `{!Inj (=) (=) f} : card A = card B → Surj (=) f.
@@ -103,20 +103,20 @@ Lemma finite_inj A `{Finite A} B `{Finite B} :
   card A ≤ card B ↔ ∃ f : A → B, Inj (=) (=) f.
 Proof.
   split.
-  * intros. destruct (decide (card A = 0)) as [HA|?].
+  - intros. destruct (decide (card A = 0)) as [HA|?].
     { exists (card_0_inv B HA). intros y. apply (card_0_inv _ HA y). }
     destruct (finite_surj A B) as (g&?); auto with lia.
     destruct (surj_cancel g) as (f&?). exists f. apply cancel_inj.
-  * intros [f ?]. unfold card. rewrite <-(fmap_length f).
+  - intros [f ?]. unfold card. rewrite <-(fmap_length f).
     by apply contains_length, (finite_inj_contains f).
 Qed.
 Lemma finite_bijective A `{Finite A} B `{Finite B} :
   card A = card B ↔ ∃ f : A → B, Inj (=) (=) f ∧ Surj (=) f.
 Proof.
   split.
-  * intros; destruct (proj1 (finite_inj A B)) as [f ?]; auto with lia.
+  - intros; destruct (proj1 (finite_inj A B)) as [f ?]; auto with lia.
     exists f; auto using (finite_inj_surj f).
-  * intros (f&?&?). apply (anti_symm (≤)); apply finite_inj.
+  - intros (f&?&?). apply (anti_symm (≤)); apply finite_inj.
     + by exists f.
     + destruct (surj_cancel f) as (g&?); eauto using cancel_inj.
 Qed.
@@ -193,8 +193,8 @@ Program Instance option_finite `{Finite A} : Finite (option A) :=
   {| enum := None :: Some <$> enum A |}.
 Next Obligation.
   constructor.
-  * rewrite elem_of_list_fmap. by intros (?&?&?).
-  * apply (NoDup_fmap_2 _); auto using NoDup_enum.
+  - rewrite elem_of_list_fmap. by intros (?&?&?).
+  - apply (NoDup_fmap_2 _); auto using NoDup_enum.
 Qed.
 Next Obligation.
   intros ??? [x|]; [right|left]; auto.
@@ -221,9 +221,9 @@ Program Instance sum_finite `{Finite A, Finite B} : Finite (A + B)%type :=
   {| enum := (inl <$> enum A) ++ (inr <$> enum B) |}.
 Next Obligation.
   intros. apply NoDup_app; split_ands.
-  * apply (NoDup_fmap_2 _). by apply NoDup_enum.
-  * intro. rewrite !elem_of_list_fmap. intros (?&?&?) (?&?&?); congruence.
-  * apply (NoDup_fmap_2 _). by apply NoDup_enum.
+  - apply (NoDup_fmap_2 _). by apply NoDup_enum.
+  - intro. rewrite !elem_of_list_fmap. intros (?&?&?) (?&?&?); congruence.
+  - apply (NoDup_fmap_2 _). by apply NoDup_enum.
 Qed.
 Next Obligation.
   intros ?????? [x|y]; rewrite elem_of_app, !elem_of_list_fmap;
@@ -238,20 +238,20 @@ Next Obligation.
   intros ??????. induction (NoDup_enum A) as [|x xs Hx Hxs IH]; simpl.
   { constructor. }
   apply NoDup_app; split_ands.
-  * by apply (NoDup_fmap_2 _), NoDup_enum.
-  * intros [? y]. rewrite elem_of_list_fmap. intros (?&?&?); simplify_equality.
+  - by apply (NoDup_fmap_2 _), NoDup_enum.
+  - intros [? y]. rewrite elem_of_list_fmap. intros (?&?&?); simplify_equality.
     clear IH. induction Hxs as [|x' xs ?? IH]; simpl.
     { rewrite elem_of_nil. tauto. }
     rewrite elem_of_app, elem_of_list_fmap.
     intros [(?&?&?)|?]; simplify_equality.
     + destruct Hx. by left.
     + destruct IH. by intro; destruct Hx; right. auto.
-  * done.
+  - done.
 Qed.
 Next Obligation.
   intros ?????? [x y]. induction (elem_of_enum x); simpl.
-  * rewrite elem_of_app, !elem_of_list_fmap. eauto using @elem_of_enum.
-  * rewrite elem_of_app; eauto.
+  - rewrite elem_of_app, !elem_of_list_fmap. eauto using @elem_of_enum.
+  - rewrite elem_of_app; eauto.
 Qed.
 Lemma prod_card `{Finite A} `{Finite B} : card (A * B) = card A * card B.
 Proof.
@@ -272,13 +272,13 @@ Next Obligation.
   revert IH. generalize (list_enum (enum A) n). intros l Hl.
   induction (NoDup_enum A) as [|x xs Hx Hxs IH]; simpl; auto; [constructor |].
   apply NoDup_app; split_ands.
-  * by apply (NoDup_fmap_2 _).
-  * intros [k1 Hk1]. clear Hxs IH. rewrite elem_of_list_fmap.
+  - by apply (NoDup_fmap_2 _).
+  - intros [k1 Hk1]. clear Hxs IH. rewrite elem_of_list_fmap.
     intros ([k2 Hk2]&?&?) Hxk2; simplify_equality'. destruct Hx. revert Hxk2.
     induction xs as [|x' xs IH]; simpl in *; [by rewrite elem_of_nil |].
     rewrite elem_of_app, elem_of_list_fmap, elem_of_cons.
     intros [([??]&?&?)|?]; simplify_equality'; auto.
-  * apply IH.
+  - apply IH.
 Qed.
 Next Obligation.
   intros ???? [l Hl]. revert l Hl.
@@ -286,9 +286,9 @@ Next Obligation.
   { apply elem_of_list_singleton. by apply (sig_eq_pi _). }
   revert IH. generalize (list_enum (enum A) n). intros k Hk.
   induction (elem_of_enum x) as [x xs|x xs]; simpl in *.
-  * rewrite elem_of_app, elem_of_list_fmap. left. injection Hl. intros Hl'.
+  - rewrite elem_of_app, elem_of_list_fmap. left. injection Hl. intros Hl'.
     eexists (l↾Hl'). split. by apply (sig_eq_pi _). done.
-  * rewrite elem_of_app. eauto.
+  - rewrite elem_of_app. eauto.
 Qed.
 Lemma list_card `{Finite A} n : card { l | length l = n } = card A ^ n.
 Proof.

theories/gmap.v

@@ -37,8 +37,8 @@ Lemma gmap_partial_alter_wf `{Countable K} {A} (f : option A → option A) m i :
   gmap_wf m → gmap_wf (partial_alter f (encode i) m).
 Proof.
   intros Hm p x. destruct (decide (encode i = p)) as [<-|?].
-  * rewrite decode_encode; eauto.
-  * rewrite lookup_partial_alter_ne by done. by apply Hm.
+  - rewrite decode_encode; eauto.
+  - rewrite lookup_partial_alter_ne by done. by apply Hm.
 Qed.
 Instance gmap_partial_alter `{Countable K} {A} :
     PartialAlter K A (gmap K A) := λ f i m,
@@ -78,7 +78,7 @@ Instance gmap_to_list `{Countable K} {A} : FinMapToList K A (gmap K A) := λ m,
 Instance gmap_finmap `{Countable K} : FinMap K (gmap K).
 Proof.
   split.
-  * unfold lookup; intros A [m1 Hm1] [m2 Hm2] Hm.
+  - unfold lookup; intros A [m1 Hm1] [m2 Hm2] Hm.
     apply gmap_eq, map_eq; intros i; simpl in *.
     apply bool_decide_unpack in Hm1; apply bool_decide_unpack in Hm2.
     apply option_eq; intros x; split; intros Hi.
@@ -86,12 +86,12 @@ Proof.
       by destruct (decode i); simplify_equality'; rewrite <-Hm.
     + pose proof (Hm2 i x Hi); simpl in *.
       by destruct (decode i); simplify_equality'; rewrite Hm.
-  * done.
-  * intros A f [m Hm] i; apply (lookup_partial_alter f m).
-  * intros A f [m Hm] i j Hs; apply (lookup_partial_alter_ne f m).
+  - done.
+  - intros A f [m Hm] i; apply (lookup_partial_alter f m).
+  - intros A f [m Hm] i j Hs; apply (lookup_partial_alter_ne f m).
     by contradict Hs; apply (inj encode).
-  * intros A B f [m Hm] i; apply (lookup_fmap f m).
-  * intros A [m Hm]; unfold map_to_list; simpl.
+  - intros A B f [m Hm] i; apply (lookup_fmap f m).
+  - intros A [m Hm]; unfold map_to_list; simpl.
     apply bool_decide_unpack, map_Forall_to_list in Hm; revert Hm.
     induction (NoDup_map_to_list m) as [|[p x] l Hpx];
       inversion 1 as [|??? Hm']; simplify_equality'; [by constructor|].
@@ -99,15 +99,15 @@ Proof.
     rewrite elem_of_list_omap; intros ([p' x']&?&?); simplify_equality'.
     feed pose proof (proj1 (Forall_forall _ _) Hm' (p',x')); simpl in *; auto.
     by destruct (decode p') as [i'|]; simplify_equality'.
-  * intros A [m Hm] i x; unfold map_to_list, lookup; simpl.
+  - intros A [m Hm] i x; unfold map_to_list, lookup; simpl.
     apply bool_decide_unpack in Hm; rewrite elem_of_list_omap; split.
     + intros ([p' x']&Hp'&?); apply elem_of_map_to_list in Hp'.
       feed pose proof (Hm p' x'); simpl in *; auto.
       by destruct (decode p') as [i'|] eqn:?; simplify_equality'.
     + intros; exists (encode i,x); simpl.
       by rewrite elem_of_map_to_list, decode_encode.
-  * intros A B f [m Hm] i; apply (lookup_omap f m).
-  * intros A B C f ? [m1 Hm1] [m2 Hm2] i; unfold merge, lookup; simpl.
+  - intros A B f [m Hm] i; apply (lookup_omap f m).
+  - intros A B C f ? [m1 Hm1] [m2 Hm2] i; unfold merge, lookup; simpl.
     set (f' o1 o2 := match o1, o2 with None,None => None | _, _ => f o1 o2 end).
     by rewrite lookup_merge by done; destruct (m1 !! _), (m2 !! _).
 Qed.
@@ -130,8 +130,8 @@ Instance gset_positive_fresh : Fresh positive (gset positive) := λ X,
 Instance gset_positive_fresh_spec : FreshSpec positive (gset positive).
 Proof.
   split.
-  * apply _.
-  * by intros X Y; rewrite <-elem_of_equiv_L; intros ->.
-  * intros [[m Hm]]; unfold fresh; simpl.
+  - apply _.
+  - by intros X Y; rewrite <-elem_of_equiv_L; intros ->.
+  - intros [[m Hm]]; unfold fresh; simpl.
     by intros ?; apply (is_fresh (dom Pset m)), elem_of_dom_2 with ().
 Qed.

theories/hashset.v

@@ -63,12 +63,12 @@ Instance hashset_elems: Elements A (hashset hash) := λ m,
 Global Instance: FinCollection A (hashset hash).
 Proof.
   split; [split; [split| |]| |].
-  * intros ? (?&?&?); simplify_map_equality'.
-  * unfold elem_of, hashset_elem_of, singleton, hashset_singleton; simpl.
+  - intros ? (?&?&?); simplify_map_equality'.
+  - unfold elem_of, hashset_elem_of, singleton, hashset_singleton; simpl.
     intros x y. setoid_rewrite lookup_singleton_Some. split.
     { by intros (?&[? <-]&?); decompose_elem_of_list. }
     intros ->; eexists [y]. by rewrite elem_of_list_singleton.
-  * unfold elem_of, hashset_elem_of, union, hashset_union.
+  - unfold elem_of, hashset_elem_of, union, hashset_union.
     intros [m1 Hm1] [m2 Hm2] x; simpl; setoid_rewrite lookup_union_with_Some.
     split.
     { intros (?&[[]|[[]|(l&k&?&?&?)]]&Hx); simplify_equality'; eauto.
@@ -78,7 +78,7 @@ Proof.
       exists (list_union l k). rewrite elem_of_list_union. naive_solver.
     + destruct (m1 !! hash x) as [l|]; eauto 6.
       exists (list_union l k). rewrite elem_of_list_union. naive_solver.
-  * unfold elem_of, hashset_elem_of, intersection, hashset_intersection.
+  - unfold elem_of, hashset_elem_of, intersection, hashset_intersection.
     intros [m1 ?] [m2 ?] x; simpl.
     setoid_rewrite lookup_intersection_with_Some. split.
     { intros (?&(l&k&?&?&?)&Hx); simplify_option_equality.
@@ -87,7 +87,7 @@ Proof.
       by (by rewrite elem_of_list_intersection).
     exists (list_intersection l k); split; [exists l, k|]; split_ands; auto.
     by rewrite option_guard_True by eauto using elem_of_not_nil.
-  * unfold elem_of, hashset_elem_of, intersection, hashset_intersection.
+  - unfold elem_of, hashset_elem_of, intersection, hashset_intersection.
     intros [m1 ?] [m2 ?] x; simpl.
     setoid_rewrite lookup_difference_with_Some. split.
     { intros (l'&[[??]|(l&k&?&?&?)]&Hx); simplify_option_equality;
@@ -97,13 +97,13 @@ Proof.
     assert (x ∈ list_difference l k) by (by rewrite elem_of_list_difference).
     exists (list_difference l k); split; [right; exists l,k|]; split_ands; auto.
     by rewrite option_guard_True by eauto using elem_of_not_nil.
-  * unfold elem_of at 2, hashset_elem_of, elements, hashset_elems.
+  - unfold elem_of at 2, hashset_elem_of, elements, hashset_elems.
     intros [m Hm] x; simpl. setoid_rewrite elem_of_list_bind. split.
     { intros ([n l]&Hx&Hn); simpl in *; rewrite elem_of_map_to_list in Hn.
       cut (hash x = n); [intros <-; eauto|].
       eapply (Forall_forall (λ x, hash x = n) l); eauto. eapply Hm; eauto. }
     intros (l&?&?). exists (hash x, l); simpl. by rewrite elem_of_map_to_list.
-  * unfold elements, hashset_elems. intros [m Hm]; simpl.
+  - unfold elements, hashset_elems. intros [m Hm]; simpl.
     rewrite map_Forall_to_list in Hm. generalize (NoDup_fst_map_to_list m).
     induction Hm as [|[n l] m' [??]];
       csimpl; inversion_clear 1 as [|?? Hn]; [constructor|].
@@ -152,10 +152,10 @@ Proof.
   unfold remove_dups_fast; generalize (x1 :: x2 :: l); clear l; intros l.
   generalize (λ x, hash x `mod` (2 * length l))%Z; intros f.
   rewrite elem_of_elements; split.
-  * revert x. induction l as [|y l IH]; intros x; simpl.
+  - revert x. induction l as [|y l IH]; intros x; simpl.
     { by rewrite elem_of_empty. }
     rewrite elem_of_union, elem_of_singleton. intros [->|]; [left|right]; eauto.
-  * induction 1; solve_elem_of.
+  - induction 1; solve_elem_of.
 Qed.
 Lemma NoDup_remove_dups_fast l : NoDup (remove_dups_fast l).
 Proof.

theories/lexico.v

@@ -49,9 +49,9 @@ Instance prod_lexico_po `{Lexico A, Lexico B, !StrictOrder (@lexico A _)}
   `{!StrictOrder (@lexico B _)} : StrictOrder (@lexico (A * B) _).
 Proof.
   split.
-  * intros [x y]. apply prod_lexico_irreflexive.
+  - intros [x y]. apply prod_lexico_irreflexive.
     by apply (irreflexivity lexico y).
-  * intros [??] [??] [??] ??.
+  - intros [??] [??] [??] ??.
     eapply prod_lexico_transitive; eauto. apply transitivity.
 Qed.
 Instance prod_lexico_trichotomyT `{Lexico A, tA : !TrichotomyT (@lexico A _)}
@@ -119,8 +119,8 @@ Instance list_lexico_po `{Lexico A, !StrictOrder (@lexico A _)} :
   StrictOrder (@lexico (list A) _).
 Proof.
   split.
-  * intros l. induction l. by intros ?. by apply prod_lexico_irreflexive.
-  * intros l1. induction l1 as [|x1 l1]; intros [|x2 l2] [|x3 l3] ??; try done.
+  - intros l. induction l. by intros ?. by apply prod_lexico_irreflexive.
+  - intros l1. induction l1 as [|x1 l1]; intros [|x2 l2] [|x3 l3] ??; try done.
     eapply prod_lexico_transitive; eauto.
 Qed.
 Instance list_lexico_trichotomy `{Lexico A, tA : !TrichotomyT (@lexico A _)} :
@@ -142,8 +142,8 @@ Instance sig_lexico_po `{Lexico A, !StrictOrder (@lexico A _)}
   (P : A → Prop) `{∀ x, ProofIrrel (P x)} : StrictOrder (@lexico (sig P) _).
 Proof.
   unfold lexico, sig_lexico. split.
-  * intros [x ?] ?. by apply (irreflexivity lexico x). 
-  * intros [x1 ?] [x2 ?] [x3 ?] ??. by transitivity x2.
+  - intros [x ?] ?. by apply (irreflexivity lexico x). 
+  - intros [x1 ?] [x2 ?] [x3 ?] ??. by transitivity x2.
 Qed.
 Instance sig_lexico_trichotomy `{Lexico A, tA : !TrichotomyT (@lexico A _)}
   (P : A → Prop) `{∀ x, ProofIrrel (P x)} : TrichotomyT (@lexico (sig P) _).

theories/listset.v

@@ -21,9 +21,9 @@ Global Opaque listset_singleton listset_empty.
 Global Instance: SimpleCollection A (listset A).
 Proof.
   split.
-  * by apply not_elem_of_nil.
-  * by apply elem_of_list_singleton.
-  * intros [?] [?]. apply elem_of_app.
+  - by apply not_elem_of_nil.
+  - by apply elem_of_list_singleton.
+  - intros [?] [?]. apply elem_of_app.
 Qed.
 Lemma listset_empty_alt X : X ≡ ∅ ↔ listset_car X = [].
 Proof.
@@ -50,24 +50,24 @@ Instance listset_filter: Filter A (listset A) := λ P _ l,
 Instance: Collection A (listset A).
 Proof.
   split.
-  * apply _.
-  * intros [?] [?]. apply elem_of_list_intersection.
-  * intros [?] [?]. apply elem_of_list_difference.
+  - apply _.
+  - intros [?] [?]. apply elem_of_list_intersection.
+  - intros [?] [?]. apply elem_of_list_difference.
 Qed.
 Instance listset_elems: Elements A (listset A) := remove_dups ∘ listset_car.
 Global Instance: FinCollection A (listset A).
 Proof.
   split.
-  * apply _.
-  * intros. apply elem_of_remove_dups.
-  * intros. apply NoDup_remove_dups.
+  - apply _.
+  - intros. apply elem_of_remove_dups.
+  - intros. apply NoDup_remove_dups.
 Qed.
 Global Instance: CollectionOps A (listset A).
 Proof.
   split.
-  * apply _.
-  * intros ? [?] [?]. apply elem_of_list_intersection_with.
-  * intros [?] ??. apply elem_of_list_filter.
+  - apply _.
+  - intros ? [?] [?]. apply elem_of_list_intersection_with.
+  - intros [?] ??. apply elem_of_list_filter.
 Qed.
 End listset.
 
@@ -102,10 +102,10 @@ Instance listset_join: MJoin listset := λ A, mbind id.
 Instance: CollectionMonad listset.
 Proof.
   split.
-  * intros. apply _.
-  * intros ??? [?] ?. apply elem_of_list_bind.
-  * intros. apply elem_of_list_ret.
-  * intros ??? [?]. apply elem_of_list_fmap.
-  * intros ? [?] ?. unfold mjoin, listset_join, elem_of, listset_elem_of.
+  - intros. apply _.
+  - intros ??? [?] ?. apply elem_of_list_bind.
+  - intros. apply elem_of_list_ret.
+  - intros ??? [?]. apply elem_of_list_fmap.
+  - intros ? [?] ?. unfold mjoin, listset_join, elem_of, listset_elem_of.
     simpl. by rewrite elem_of_list_bind.
 Qed.

theories/listset_nodup.v

@@ -39,11 +39,11 @@ Instance listset_nodup_filter: Filter A C := λ P _ l,