coq-club AT inria.fr
Subject: The Coq mailing list
List archive
Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function
Chronological Thread
- From: Merlin Göttlinger <megoettlinger AT gmail.com>
- To: coq-club AT inria.fr
- Subject: Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function
- Date: Mon, 05 Mar 2018 12:59:29 +0000
- Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=megoettlinger AT gmail.com; spf=Pass smtp.mailfrom=megoettlinger AT gmail.com; spf=None smtp.helo=postmaster AT mail-io0-f173.google.com
- Ironport-phdr: 9a23:pshX+h8JJlAFFP9uRHKM819IXTAuvvDOBiVQ1KB41e0cTK2v8tzYMVDF4r011RmVBd6ds6oMotGVmpioYXYH75eFvSJKW713fDhBt/8rmRc9CtWOE0zxIa2iRSU7GMNfSA0tpCnjYgBaF8nkelLdvGC54yIMFRXjLwp1Ifn+FpLPg8it2O2+55Pebx9UiDahfLh/MAi4oQLNu8cMnIBsMLwxyhzHontJf+RZ22ZlLk+Nkhj/+8m94odt/zxftPw9+cFAV776f7kjQrxDEDsmKWE169b1uhTFUACC+2ETUmQSkhpPHgjF8BT3VYr/vyfmquZw3jSRMMvrRr42RDui9b9mRxDmiCgFNzA3/mLZhNFugq1Hux+uvQBzzpTObY2JKPZzfKXQds4aS2pbWcZRUjRMDISiYIsVC+oBPOBYoJH8qUMIsRu+GQ2sBOLpyj9HmHD2x7Ax3uMkEQ7Y0wwgGMwBsGjIrNXxNacSV++1w7fSzTjYYPNW3C3y6InMchw7vf6MWrdwfNPXxEIyGQ3FiVCQppbkPzOTzukNvGmb7/ZgVeKykGErsR1+oj+qxsoql4LHhZoVx0ja+SllxIs5P961RU5hbdK6DpdduTuWO5Z0T84sRWxjpTw0xaccuZGheSgH0JQnyADba/yAa4WI5wjsVOeVITthhXJlf66ziw+88US9yODxWNO40FlNripCndnMsm4C2wbP5ciAT/tx5kah2TCR2ADP8uxIP1w4mK7BJ5MiwrM8jIQfvVrNEyPshUn7jqGbel0h+uey6uTnZrvmpoWbN49xkgz+N7ohmsO4AesmLggOQ2yb+eW61L3s40L5Wq5HjvIzkqbDsZDaId4XqbK+Aw9Qyooj8QqwDy+60NQEmnkKNE5KeBWej4TwJ17OJO34AuykjlS3kDZrwujGMaf7DpXMKHjDirbhcqxn505S0gpghexYsplTE/QKJO/5ck73rt3RSBEjYCKuxOOyLdhn0oIYbk0RHrOdMaXdvEXAsuciLO6BeJMRuTDyJuIN6PvnjHt/klgYK/r6laALYWy1S6w1a36SZmDh149YQDU6+zEmRemvs2WsFDtaZnK8RaU5v2hpB4evDIOFTYeo0uXYgHWLW6ZOb2UDMWiiVG/yftzdCfgJYSOWZMRml25cDOXze8oazRir8TTC5f9nI+7ToHNKsJvi0J104LWWm0htrnp7CMOS12zLRGZxzDsF
Hi,
to give the complete definition in a self contained way I would have to include many many files, but here is the fixpoint definition if that helps: https://gist.github.com/mgttlinger/6b37299dac61b07348b4feddc6e1d375
The EnvT it returns is basically (nat -> nat) * failure (list eqn) where failure is a sum where the left and right type are the same. "fail:" and "succ:" are notations for the sum injections.
The free_nominals parameter is a stream (nat -> nat) of fresh "names" in the context the function is called from, which is modified when names are used in recursive calls.
It doesn't involve dependent types (or at least not in an obvious way) but the term that Program generates is packed full of existT and proofs (given that the function generates over 200 obligations) and is 12k lines long...
Cheers,
Merlin
Pierre Courtieu <pierre.courtieu AT gmail.com> schrieb am Mo., 5. März 2018 um 12:52 Uhr:
HiUsually well founded induction (using the same well founded relation than the one used for your function) is the way to go.If your function has dependent types this is indeed not covered by Function. Can you give your definition?Best regardsPierreLe lun. 5 mars 2018 à 10:05, Merlin Göttlinger <megoettlinger AT gmail.com> a écrit :Hi all,I have a complicated Program Fixpoint that gets folded over a list of inputs and involves a state monad (allowing the function to choose fresh variable names during its processing of the input syntax). The initial state for that is calculated from the input list. (The resulting state after the fold is discarded)Now I want to prove that this transformation is actually correct with respect to a notion of equivalence I defined, but I find myself in the situation that induction over the input list doesn't work because the generated IH is not usable (if the input list has one element more, the free variable names also change) and also proving that this Program Fixpoint is correct w.r.t. my equivalence doesn't work by "normal" induction for the same reason.What is the way to go here?I heard about functional induction but Functional Scheme isn't able to process my fixpoint and after computing for a few seconds fails with Error: Cannot define graph(s) for rule_transform_funcI heard about well-founded induction. If that is the way to go, is there a way to reuse that information that Program must have generated in an elegant way?Cheers,Merlin
- [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Merlin Göttlinger, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Pierre Courtieu, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Merlin Göttlinger, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Joachim Breitner, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Merlin Göttlinger, 03/05/2018
- RE: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Soegtrop, Michael, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Joachim Breitner, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Merlin Göttlinger, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Merlin Göttlinger, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Joachim Breitner, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Merlin Göttlinger, 03/05/2018
- Re: [Coq-Club] [coq-club] Best way to prove properties of Program Fixpoint with measure function, Pierre Courtieu, 03/05/2018
Archive powered by MHonArc 2.6.18.