1. 06 Mar, 2016 2 commits
  2. 05 Mar, 2016 3 commits
  3. 02 Mar, 2016 1 commit
  4. 01 Mar, 2016 1 commit
  5. 25 Feb, 2016 3 commits
  6. 24 Feb, 2016 6 commits
  7. 23 Feb, 2016 4 commits
  8. 22 Feb, 2016 3 commits
    • Move global functor construction to its own file and define notations. · 457a11d9
      Robbert Krebbers authored
      And now the part that I forgot to commit.
    • Restrain instance search for global functors. · e0d0f8dd
      Robbert Krebbers authored
      Also, give all these global functors the suffix GF to avoid shadowing
      such as we had with authF.
      
      And add some type annotations for clarity.
    • add the infrastructure for Coq to automatically infer the "inG" instances · 95c486ef
      Ralf Jung authored
      I added a new typeclass "inGF" to witness that a particular *functor* is part of \Sigma. inG, in contrast, witnesses a particular *CMRA* to be in there, after applying the functor to "\later iProp".
      inGF can be inferred if that functor is consed to the head of \Sigma, and it is preserved by consing a new functor to \Sigma. This is not the case for inG since the recursive occurrence of \Sigma also changes.
      For every construction (auth, sts, saved_prop), there is an instance inferring the respective authG, stsG, savedPropG from an inGF. There is also a global inG_inGF, but Coq is unable to use it.
      
      I tried to instead have *only* inGF, since having both typeclasses seemed weird. However, then the actual type that e.g. "own" is about is the result of applying a functor, and Coq entirely fails to infer anything.
      
      I had to add a few type annotations in heap.v, because Coq tried to use the "authG_inGF" instance before the A got fixed, and ended up looping and expanding endlessly on that proof of timelessness.
      This does not seem entirely unreasonable; I was honestly surprised Coq was able to infer the types previously.
  9. 21 Feb, 2016 2 commits
  10. 20 Feb, 2016 3 commits
  11. 19 Feb, 2016 1 commit
  12. 18 Feb, 2016 2 commits
  13. 17 Feb, 2016 6 commits
  14. 16 Feb, 2016 3 commits
    • Use bundled type classes for ghost ownership. · b07dd0b5
      Robbert Krebbers authored
      * These type classes bundle an identifier into the global CMRA with a proof
        that the identifier points to the correct CMRA. Bundling allows us to get
        rid of many arguments everywhere.
      
      * I have set up the type classes so that we no longer have to keep track of the
        global CMRA identifiers. These are implicit and resolved automatically.
      
      * For heap I am also bundling the name of the heap RA instance. There always
        should be at most one heap instance so this does not introduce ambiguities.
      
      * We now have a "maps to" notation!
    • Many STS tweaks: · 9997d0ef
      Robbert Krebbers authored
      * Clearly separate the file algebra/sts in three parts:
        1.) The definition of an STS, step relations, and closure stuff
        2.) The construction as a disjoint RA (this module should never be used)
        3.) The construction as a CMRA with many derived properties
      * Turn stsT into a canonical structure so that we can make more of its arguments
        implicit.
      * Rename the underlying step relation of STSs to prim_step (similar naming as
        for languages, but here in a module to avoid ambiguity)
      * Refactor program_logic/sts by moving general properties of the STS CMRA to
        algebra/sts.v
      * Make naming and use of modules in program_logic/sts more consistent with
        program_logic/auth and program_logic/saved_prop
      * Prove setoid properties of all definitions in program_logic/sts