1. 02 Jul, 2018 1 commit
  2. 30 Jun, 2018 1 commit
  3. 29 Jun, 2018 3 commits
  4. 14 Jun, 2018 2 commits
  5. 13 Jun, 2018 1 commit
  6. 06 Jun, 2018 2 commits
  7. 17 May, 2018 1 commit
  8. 27 Apr, 2018 1 commit
  9. 23 Apr, 2018 2 commits
  10. 13 Jan, 2018 1 commit
  11. 07 Dec, 2017 1 commit
  12. 05 Dec, 2017 1 commit
  13. 30 Nov, 2017 1 commit
  14. 09 Nov, 2017 3 commits
  15. 08 Nov, 2017 2 commits
  16. 25 Sep, 2017 3 commits
    • Robbert Krebbers's avatar
      Let stateful tactics try all decompositions. · 284ccdd5
      Robbert Krebbers authored
      This problem has been reported by Léon Gondelman.
      
      Before, when using, for example wp_alloc, in an expression like:
      
        ref (ref v)
      
      It would apply `tac_wp_alloc` to the outermost ref, after which it
      fails to establish that the argument `ref v` is a value. In this
      commit, other evaluation positions will be tried whenever it turn
      out that the argument of the construct is not a value. The same
      applies to store/cas/...
      
      I have implemented this by making use of the new `IntoVal` class.
      284ccdd5
    • Dan Frumin's avatar
      Add a `repeat (wp_pure _)` example. · 8e4f1524
      Dan Frumin authored
      8e4f1524
    • Dan Frumin's avatar
      The `PureExec` typeclass for performing pure symbolic executions. · bbcd2c84
      Dan Frumin authored
      Instead of writing a separate tactic lemma for each pure reduction,
      there is a single tactic lemma for performing all of them.
      
      The instances of PureExec can be shared between WP tactics and, e.g.
      symbolic execution in the ghost  threadpool
      bbcd2c84
  17. 05 Jan, 2017 1 commit
  18. 03 Jan, 2017 1 commit
  19. 09 Dec, 2016 3 commits
  20. 08 Dec, 2016 1 commit
  21. 24 Nov, 2016 1 commit
  22. 22 Nov, 2016 2 commits
    • Robbert Krebbers's avatar
      Make nclose an explicit coercion. · 274209c2
      Robbert Krebbers authored and Ralf Jung's avatar Ralf Jung committed
      We do this by introducing a type class UpClose with notation ↑.
      
      The reason for this change is as follows: since `nclose : namespace
      → coPset` is declared as a coercion, the notation `nclose N ⊆ E` was
      pretty printed as `N ⊆ E`. However, `N ⊆ E` could not be typechecked
      because type checking goes from left to right, and as such would look
      for an instance `SubsetEq namespace`, which causes the right hand side
      to be ill-typed.
      274209c2
    • Ralf Jung's avatar
      new notation for pure assertions · 99cbb525
      Ralf Jung authored
      99cbb525
  23. 01 Nov, 2016 1 commit
  24. 28 Oct, 2016 1 commit
  25. 25 Oct, 2016 1 commit
  26. 12 Oct, 2016 1 commit
  27. 27 Sep, 2016 1 commit