pl/frap
1
0
Fork 0
mirror of https://github.com/achlipala/frap.git synced 2024-11-10 00:07:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Renaming invariantFor_monotone to invariant_weaken

Browse source
This commit is contained in:
Adam Chlipala 2016-02-15 18:59:39 -05:00
parent e669e53157
commit 53925f1a1f
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Invariant.v
View file

@ -22,7 +22,7 @@ Proof.
firstorder.
Qed.
Theorem invariantFor_monotone : forall {state} (sys : trsys state)
Theorem invariant_weaken : forall {state} (sys : trsys state)
(invariant1 invariant2 : state -> Prop),
invariantFor sys invariant1
-> (forall s, invariant1 s -> invariant2 s)

4
TransitionSystems.v
View file

@ -647,7 +647,7 @@ Qed.
(* Now, to prove our final result about the two incrementing threads, let's use
* a more general fact, about when one invariant implies another. *)
Theorem invariantFor_weaken : forall {state} (sys : trsys state)
Theorem invariant_weaken : forall {state} (sys : trsys state)
(invariant1 invariant2 : state -> Prop),
invariantFor sys invariant1
-> (forall s, invariant1 s -> invariant2 s)
@ -674,7 +674,7 @@ Theorem increment2_sys_correct : forall s,
Proof.
simplify.
eapply use_invariant.
apply invariantFor_weaken with (invariant1 := increment2_invariant).
apply invariant_weaken with (invariant1 := increment2_invariant).
(* Note the use of a [with] clause to specify a quantified variable's
* value. *)