Merge PR #10966: `assert_succeeds`&`assert_fails`: multisuccess fix

Reviewed-by: SkySkimmer
Reviewed-by: Zimmi48

2 files changed, 15 insertions, 2 deletions

diff --git a/doc/changelog/04-tactics/10966-assert-succeeds-once.rst b/doc/changelog/04-tactics/10966-assert-succeeds-once.rst
new file mode 100644
index 0000000000..09bef82c80
--- /dev/null
+++ b/doc/changelog/04-tactics/10966-assert-succeeds-once.rst
@@ -0,0 +1,11 @@
+- The :tacn:`assert_succeeds` and :tacn:`assert_fails` tactics now
+  only run their tactic argument once, even if it has multiple
+  successes.  This prevents blow-up and looping from using
+  multisuccess tactics with :tacn:`assert_succeeds`.  (`#10966
+  <https://github.com/coq/coq/pull/10966>`_ fixes `#10965
+  <https://github.com/coq/coq/issues/10965>`_, by Jason Gross).
+
+- The :tacn:`assert_succeeds` and :tacn:`assert_fails` tactics now
+  behave correctly when their tactic fully solves the goal.  (`#10966
+  <https://github.com/coq/coq/pull/10966>`_ fixes `#9114
+  <https://github.com/coq/coq/issues/9114>`_, by Jason Gross).
diff --git a/doc/sphinx/proof-engine/ltac.rst b/doc/sphinx/proof-engine/ltac.rst
index 79eddbd3b5..6efc634087 100644
--- a/doc/sphinx/proof-engine/ltac.rst
+++ b/doc/sphinx/proof-engine/ltac.rst
@@ -516,7 +516,9 @@ Coq provides a derived tactic to check that a tactic *fails*:
 .. tacn:: assert_fails @ltac_expr
    :name: assert_fails
 
-   This behaves like :n:`tryif @ltac_expr then fail 0 tac "succeeds" else idtac`.
+   This behaves like :tacn:`idtac` if :n:`@ltac_expr` fails, and
+   behaves like :n:`fail 0 @ltac_expr "succeeds"` if :n:`@ltac_expr`
+   has at least one success.
 
 Checking the success
 ~~~~~~~~~~~~~~~~~~~~
@@ -528,7 +530,7 @@ success:
    :name: assert_succeeds
 
    This behaves like
-   :n:`tryif (assert_fails tac) then fail 0 tac "fails" else idtac`.
+   :n:`tryif (assert_fails @ltac_expr) then fail 0 @ltac_expr "fails" else idtac`.
 
 Solving
 ~~~~~~~