1. 03 Oct, 2018 1 commit
  2. 25 Jun, 2018 1 commit
  3. 14 Jun, 2018 1 commit
  4. 05 Jun, 2018 1 commit
  5. 20 Jan, 2018 1 commit
    • Consistently name `wp_value_inv`. · 6edc1fe3
      Robbert Krebbers authored
      We already used the following naming convention: `wp_value'` is stated in
      terms of `of_val` and `wp_value` is stated in terms of `IntoVal`. This
      commit applies this convention to `wp_value_inv` as well.
  6. 11 Dec, 2017 1 commit
  7. 07 Dec, 2017 2 commits
  8. 26 Nov, 2017 1 commit
  9. 09 Nov, 2017 3 commits
  10. 08 Nov, 2017 4 commits
  11. 30 Oct, 2017 1 commit
  12. 26 Oct, 2017 1 commit
  13. 25 Oct, 2017 1 commit
    • Make `iDestruct ... as (cpat) "..."` work on `⌜φ⌝ ∧ P` and `⌜φ⌝ ∗ P`. · c5045145
      Robbert Krebbers authored
      The advantage is that we can directly use a Coq introduction pattern
      `cpat` to perform actions on the pure assertion. Before, this had
      to be done in several steps:
      
        iDestruct ... as "[Htmp ...]"; iDestruct "Htmp" as %cpat.
      
      That is, one had to introduce a temporary name.
      
      I expect this to be quite useful in various developments as many of
      e.g. our invariants are written as:
      
        ∃ x1 .. x2, ⌜ pure stuff ⌝ ∗ spatial stuff.
  14. 27 Sep, 2017 1 commit
    • Fix issue #99. · 7ed067a9
      Robbert Krebbers authored
      This causes a bit of backwards incompatibility: it may now succeed with
      later stripping below unlocked/TC transparent definitions. This problem
      actually occurred for `wsat`.
  15. 26 Sep, 2017 1 commit
    • Fix issue #98. · e17ac4ad
      Robbert Krebbers authored
      We used to normalize the goal, and then checked whether it was of
      a certain shape. Since `uPred_valid P` normalized to `True ⊢ P`,
      there was no way of making a distinction between the two, hence
      `True ⊢ P` was treated as `uPred_valid P`.
      
      In this commit, I use type classes to check whether the goal is of
      a certain shape. Since we declared `uPred_valid` as `Typeclasses
      Opaque`, we can now make a distinction between `True ⊢ P` and
      `uPred_valid P`.
  16. 24 Mar, 2017 1 commit
  17. 15 Mar, 2017 1 commit
  18. 11 Feb, 2017 1 commit
  19. 24 Jan, 2017 1 commit
  20. 12 Jan, 2017 1 commit
  21. 09 Jan, 2017 1 commit
  22. 06 Jan, 2017 1 commit
  23. 05 Jan, 2017 1 commit
  24. 03 Jan, 2017 1 commit
  25. 09 Dec, 2016 4 commits
  26. 24 Nov, 2016 1 commit
  27. 22 Nov, 2016 1 commit
  28. 03 Nov, 2016 1 commit
    • Use symbol ∗ for separating conjunction. · cc31476d
      Robbert Krebbers authored
      The old choice for ★ was arbitrary: the precedence of the ASCII asterisk *
      was fixed at a wrong level in Coq, so we had to pick another symbol. The ★ was
      a random choice from a unicode chart.
      
      The new symbol ∗ (as proposed by David Swasey) corresponds better to
      conventional practice and matches the symbol we use on paper.
  29. 28 Oct, 2016 2 commits
  30. 25 Oct, 2016 1 commit
    • Generalize update tactics into iMod and iModIntro for modalities. · fc30ca08
      Robbert Krebbers authored
      There are now two proof mode tactics for dealing with modalities:
      
      - `iModIntro` : introduction of a modality
      - `iMod pm_trm as (x1 ... xn) "ipat"` : eliminate a modality
      
      The behavior of these tactics can be controlled by instances of the `IntroModal`
      and `ElimModal` type classes. We have declared instances for later, except 0,
      basic updates and fancy updates. The tactic `iMod` is flexible enough that it
      can also eliminate an update around a weakest pre, and so forth.
      
      The corresponding introduction patterns of these tactics are `!>` and `>`.
      
      These tactics replace the tactics `iUpdIntro`, `iUpd` and `iTimeless`.
      
      Source of backwards incompatibility: the introduction pattern `!>` is used for
      introduction of arbitrary modalities. It used to introduce laters by stripping
      off a later of each hypothesis.