coq-club AT inria.fr

Subject: The Coq mailing list

List archive

Re: [Coq-Club] Prove the existence of pairwise matched stream

From: Jannis Limperg <jannis AT limperg.de>
To: coq-club AT inria.fr
Subject: Re: [Coq-Club] Prove the existence of pairwise matched stream
Date: Fri, 12 Jul 2019 15:17:11 +0200
Authentication-results: mail3-smtp-sop.national.inria.fr; spf=None smtp.pra=jannis AT limperg.de; spf=Pass smtp.mailfrom=jannis AT limperg.de; spf=Pass smtp.helo=postmaster AT limperg.de
Autocrypt: addr=jannis AT limperg.de; prefer-encrypt=mutual; keydata= xsFNBFJmb9gBEADf829FjAcaY+f8va5UYDj3aEegZYd4tz5HZl0b74KToNRjuSEqm2dUyFmd QYvGL46naVuyR+VML6xrwj7XXOboiivB6/nJqAzQZDYUxWNRqQktJhJI+SDiM2zsDISFWlA0 7Ylln/G0pMnZGg8JFTnJdUmsKG9H0o25SL1NOYzJOfm2CqWfRfPzhL513WXREvz3BhZ0JuzQ vh7dQnhCWr1MGi/1Tclz14+2dpOJZOw1KElapizXGmQBouD//zFGjAdIa0Jti950JEn1oXvL iocrPy4+8X3Dxqeyvv07za3omMBoHJObBI/PHQAT1SuBb2qGcmX4MC01MMOztg9gUDimkedb g6Nl4uxSfw6PTdlnO5VrJ1qo7pbk5lXBiAMUvAavoNphdrx/nW1TMXZyYWQ/aQg5dwEdlfvJ xTNQrah64zduVmSoyaeDq60+RmdxGK09ZDm2Rm3IOS5slrzIzaaAGRwxMSUpXVTsyQ9zR//6 yAP4zXueZM5UdY2eZzybPuJSBbzgq03shIMaXi5xViJteFYIkYyjOmayEPMyjCHMmraH4xDC q8HBZFhw+wcRlqLhExNqcG6AM0ir+2/HTZ6m8x1DhJaXO9y5QZeMG5x1NPXb77Ipu3krnobH kT4lxVpFpGb0UNENkn9r9lE6iEAwXsy0H9mDoK80DrgqOavAdwARAQABzSJKYW5uaXMgTGlt cGVyZyA8amFubmlzQGxpbXBlcmcuZGU+wsF/BBMBAgApAhsDBwsJCAcDAgEGFQgCCQoLBBYC AwECHgECF4AFAle6c3UFCQ66BR0ACgkQRyP5rVs4NbmXzhAAgfVHTVDRRxe7PQLYcg4zJ1Dn OVvgk4Y081lhcoFY08DHW1VIbThoZbyWzUeeWjdhCdjCuqBMYSOqZMCqW+x/PJSZ/OWpUifC rGRatwXcEjWhXN/NTfqsejlxisBsUY5+7iGXPP1BlyFMbMOty3Zh29ysfXvz38VE4stcKEPW 2gp68EFlaZ4PwjajRsJDr4uLpFmyCLifvAxjPafGh789IgZgMSYjeOyO/d1eGPdPdcl9LZCp XyPbGjFqJzjOfTrQdvSyK+3FyVIyvGp/147fZlSVhb5XmzXBJ+g2MUt7L4tQ5Nv7iFg73lA8 O7SjI22HdrlxqLq+4E3Q7m1N3ywvaUnf4x4llg1dPyBP8nHQDchzK0nJzKIjG7wy1L9pHro1 twJiBBf3MoOxu56S0XiIkTYXedBMSx7Ni70JPt8oJpNL5onmwhOxfJyUQvo+wtiE4z6ih5+7 JpQA56cX+3YtPgwGB0V3frugu/hHHbPKGaAj9h8wCa+70oiR0lSGh+Vwo9ujp28F94ZgYe9x F2+T/8FcxgzCsgKSxvei3DPSA6wg5P9nzTTrJPsUsKQCWAHC/GT6w3sNRtTfd5UIMwje6CVN wn4WMhRXzFuNd/AStq3mO9ve1FrDC8Xo7s2IsIdGUbYMFlqXd6ZObaOQOZzq6Xxw1fVz8ys7 NUygmI6LCDHOwU0EUmZv2AEQAPOVhy7syR2gESK0gvSiN7uilnJgtI3+boxg+RJvv5l2QN0G apSwjB9DC77Ph7PWlzq+sVTqoeU92mFnjRxBV6o6ZeT6A0+a0rc8eTcWkFl8FIeI4HzJv4Dh DFpqe2MQqiXQ4ZNkmWeBkP7guN/o8UnMkT/EUJK2m1sDiQXHzj8vTgq9IVSIg1W2LsiE0x59 0ANR/ZTRYtbV/FeJKZCU+pGn3HMzLZxUUYd3L/CKWTlnpq4c7Qp86ieoaOMHbHn57QNz+1ZF jDdOer071DivWDvwkvSB2h7HOlt6OGglLbD72dfb/QyeNqkC60tXm+m6UbKfkM6smrjYSdSD 2qiNG301WEJVxygUjPGeH8edHnoY4q6UMQCy2tvX9V5htTAOVSJBvivzLpcjkjwIR0m2C8lX zl4EZu4FgrOnseR/B4jzDRY4JXZvOR6B8FAxUbprnQKty9dmEIstZbEOrbh8b8HRlnPid6HP Ep0AcO0HMyKKiJKRr0AZlq6k707k5Tklv8m3ufY5cIlop/iMDCkvUkmOM5/RWQhn3S80eM/J Do4uRq69Y6Kvhw1hgsheaX2iu9D6IPuVPabaO4Qy5GG6JgnVqFypavdenLuoh5hG2iVU5GNZ AMrr6qT1VOm8BrOJlnsK5S6RpkaJCcabazpeY6H9fMu+xaf1OnIVzksu+s7fABEBAAHCwWUE GAECAA8CGwwFAle6c4sFCQ66BTMACgkQRyP5rVs4NbktQQ/7BsUQ9ib5DabpYyt3pv6SiRh9 YG9mDRWIBYTjD+Em3EskJmA0w0M4En/kH41zAO5/NNZdn5oRWEsfXYsOmJWDs93PPhkOf3EI GOV15tDh4o8M6/I2QUgr416UvsP47kPAEOJw8BX4kr+yHcclDfueR37u/ofv7hYd3LzHPkCO DCAoeUUPdkVBUBYupFrP9RoaQfSXR0elxLhtol75jKPwIOc+9CnspnuWhACzIdIqj1E8dCE9 VA8IhcrVjrIvDHKN6cd0u0+fwgMoXSlMWK6KrLv8aVFERE5nK9YOYC6BE51Zku+2Wjz6oYUt BfLw9EMdXloFBMhihthwb9Q5wiyrkETySXm9QEx9ivm5txJOBFHk9K10I2kGKm2SV/DITgYS Dbn+hsbRpmlsVmHaOH8cCQK2bLQV2Zt6122FPkI0tdpPZTsprpqfZyGqYmucpXr4DaopBqS4 if9AclvL29efMkRQmd6wB/1aycdf/X1ge2AfyYi/m89k63iBJOT+IKzQWeRbuPndXKG4TKtz bqDlVNvEubuviOhowiCCl4cYXKH1577zPXaQF7qNtpjfVjNzTm9Y5628N338UF/G6moEodEQ Fw3inzuwteQqpAPFWbS7LMTAvTf+O3RdIQgS3eLWCTvGIr5HK7cZv8JLXRgiQakz2sw6CjIY umuuX9gSbYE=
Dkim-filter: OpenDKIM Filter v2.11.0 limperg.de 5E609261
Dkim-filter: OpenDKIM Filter v2.11.0 limperg.de B4E3C261
Ironport-phdr: 9a23:iqTzfRIHloMJok95g9mcpTZWNBhigK39O0sv0rFitYgRLfXxwZ3uMQTl6Ol3ixeRBMOHsqgC1rKd7vGocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbAhEmSSxbalyIRmqogncts0bipZ+J6gszRfEvmFGcPlMy2NyIlKTkRf85sOu85Nm7i9dpfEv+dNeXKvjZ6g3QqBWAzogM2Au+c3krgLDQheV5nsdSWoZjBxFCBXY4R7gX5fxtiz6tvdh2CSfIMb7Q6w4VSik4qx2ThLjlSUJOCMj8GzPl8J+kqxbrhKiqRJxzYHbb4OaO+ZxcK7GYdMXRnBMUtpNWyFPAI6xaZYEAeobPeZfqonwv18AogG4BQmqBePv0SJDiHn33a0/y+QuDxvG3AM9FN8JsnTbttP1NKETUeCu16TIyTTDb/ZO2Tjj8ojIfQotruySUr9pd8fa1EchFwTAjlqKqIzlOSuY2fgNs2if7upgTfigi2o9pA1rpDig2Nssh4/UjYwW0lDJ7SV0zJw6KNC4UkJ3fMKoHZpKuy2EKYd6XtsuT39ytyom1LELvJq2czIWxJkixRPSbvKKfoyJ7x/mW+ucLyp0iXJgdb2jnRm/9Uatx+j/W8S7zVpHqi9IncTQunAD1xHe7NWMROFn8Ue7wzmP0hje6uFaLkAwkqrWM5ohwr81lpoLr0vDBCD2lF/rg6CIbkkk++6o5Pr7Yrj+ppKQLYB5hwHkPqgzhsCyAP40PhYQU2SH4ei80afs/Uz9QLVElP02lazZvYjYJcsBoK65BQ5V0p045ha7Djem1cwYkmcdLFJKYh6IkpbmN0nUIP/kFfe/n0iskDBzyv/aOb3hG4zBIWTHkLf8Zrlw8FVcyQo2zdBH/Z1YELABIPTpWk/wrtPUFBE5Mxbni9rgXd56z8YVXX+FKq6fKqLb91GStcw1JOzZRoYTvjfmY9wk4ubjl3BxzV0Ue6+oxrMTaXWgE+5pZUmUNym/yuwdGHsH61JtBNfhj0ePBGYKOySCGpkk7zR+M7qISJ/ZT9n30riA2T+2BJIQam0UUgnRQ0etTJ2NXrI3UAzXIsJllWVeB7ygTpcszx7ouAKokuM2fNqRwTURsNfY7PYw4uTSkR8o8jktVZaZ0mSVQnt72G8FFWY7
Openpgp: preference=signencrypt

Hey Igor,

here's a solution to your puzzle. Hope it helps! For more info, see the
CPDT chapter on coinduction [1]. In general, Coq's coinduction is a bit
annoying, so you may want to consider alternative representations. For
example, streams over T can also be represented as functions [nat -> T].

[1] http://adam.chlipala.net/cpdt/html/Cpdt.Coinductive.html

Cheers,
Jannis

Parameter T: Type.
Parameter R: T -> T -> Prop.

(* [{a' | R a a'}] is like [exists a', R a a'], but the latter only
allows you to extract the witness when you're building something in
Prop. Below, we'll need to build a stream (which lives in Type, not
Prop) using exists_all, so we need to use the 'stronger' existential.*)
Hypothesis exists_all : forall a, {a' | R a a'}.

CoInductive stream : Type :=
| sintro: forall a: T, stream -> stream.

Definition head (s : stream) : T :=
match s with
| sintro x xs => x
end.

Definition tail (s : stream) : stream :=
match s with
| sintro x xs => xs
end.

(* This 'trivial' lemma is a workaround for a limitation of Coq's
coinductive types. See below for a use case. *)
Lemma stream_eta : forall s, s = sintro (head s) (tail s).
Proof.
intro s. destruct s. reflexivity.
Qed.

CoInductive smatch : stream -> stream -> Prop :=
| smatch_intro:
forall a1 a2 s1' s2',
R a1 a2 ->
smatch s1' s2' ->
smatch (sintro a1 s1') (sintro a2 s2').

(* The solution to your original problem is to define the stream and the
proof that it matches separately. This is necessary because while stream
and smatch are coinductive types, [exists s', smatch s s'] is not, and
you can only use corecursion when constructing a coinductive type. *)
CoFixpoint matching_stream (s : stream) : stream :=
sintro (proj1_sig (exists_all (head s))) (matching_stream (tail s)).

Lemma matching_stream_matches : forall s, smatch s (matching_stream s).
Proof.
cofix rec.
intro s.
destruct s as [hd tl].
(* At this point, Coq does not reduce [matching_stream (sintro hd tl)]
(try cbn). This is why we need stream_eta. *)
rewrite (stream_eta (matching_stream (sintro hd tl))).
constructor; cbn.
- exact (proj2_sig (exists_all hd)).
- exact (rec tl).
Qed.

Theorem stream_ex:
forall s, exists s', smatch s s'.
Proof.
intro s. exists (matching_stream s). apply matching_stream_matches.
Defined.

[Coq-Club] Prove the existence of pairwise matched stream, Igor Jirkov, 07/12/2019
- Re: [Coq-Club] Prove the existence of pairwise matched stream, Jannis Limperg, 07/12/2019
- Re: [Coq-Club] Prove the existence of pairwise matched stream, Xavier Leroy, 07/12/2019
  - Re: [Coq-Club] Prove the existence of pairwise matched stream, Christian Doczkal, 07/13/2019
- Re: [Coq-Club] Prove the existence of pairwise matched stream, Maximilian Wuttke, 07/12/2019