Proofreading SeparationLogic

SeparationLogic.v

@@ -327,11 +327,11 @@ Inductive hoare_triple : forall {result}, hprop -> cmd result -> (result -> hpro
 | HtFrame : forall {result} (c : cmd result) P Q R,
     hoare_triple P c Q
     -> hoare_triple (P * R)%sep c (fun r => Q r * R)%sep.
-(* The *frame rule* is the other big idea of separation.  We can extend any
+(* The *frame rule* is the other big idea of separation logic.  We can extend
- * Hoare triple by starring an arbitrary assertion [R] into both precondition
+ * any Hoare triple by starring an arbitrary assertion [R] into both
- * and postcondition.  Note that rule [HtRead] built in a variant of the frame
+ * precondition and postcondition.  Note that rule [HtRead] built in a variant
- * rule, where the frame predicate [R] may depend on the value [v] being read.
+ * of the frame rule, where the frame predicate [R] may depend on the value [v]
- * The other operations can use this generic frame rule instead. *)
+ * being read.  The other operations can use this generic frame rule instead. *)
 
 
 Notation "{{ P }} c {{ r ~> Q }}" :=
@@ -1266,7 +1266,7 @@ Qed.
 Fixpoint linkedListSegment (p : nat) (ls : list nat) (q : nat) :=
   match ls with
     | nil => [| p = q |]
-    | x :: ls' => [| p <> 0 |] * exists p', p |-> x * (p+1) |-> p' * linkedListSegment p' ls' q
+    | x :: ls' => [| p <> 0 |] * exists p', p |--> [x; p'] * linkedListSegment p' ls' q
   end%sep.
 
 (* Next, two [linkedListSegment] lemmas analogous to those for [linkedList]
@@ -1280,7 +1280,7 @@ Qed.
 
 Lemma linkedListSegment_append : forall q r x ls p,
   q <> 0
-  -> linkedListSegment p ls q * q |-> x * (q+1) |-> r ===> linkedListSegment p (ls ++ x :: nil) r.
+  -> linkedListSegment p ls q * q |--> [x; r] ===> linkedListSegment p (ls ++ x :: nil) r.
 Proof.
   induct ls; cancel; auto.
   subst; cancel.