coq-club AT inria.fr

Subject: The Coq mailing list

List archive

Re: [Coq-Club] Qed opacity and Coq standard library

From: Fabian Kunze <fabian.kunze AT cs.uni-saarland.de>
To: coq-club AT inria.fr
Subject: Re: [Coq-Club] Qed opacity and Coq standard library
Date: Fri, 23 Apr 2021 10:30:39 +0200
Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=fabian.kunze AT cs.uni-saarland.de; spf=Pass smtp.mailfrom=fabian.kunze AT cs.uni-saarland.de; spf=None smtp.helo=postmaster AT triton.rz.uni-saarland.de
Ironport-hdrordr: A9a23:Yx98xaPk6MxIWMBcTsSjsMiAIKoaSvp033AH3118ICY6TuW2jMar9c576TbRhCwKUH8t3fCMUZPufVrm+ZR44ZYcMN6ZNWGMhEKTMIpg4YH+qgeLJwTC8IdmuJtIQuxbAN30AUMSt6rH3DU=
Ironport-phdr: A9a23:SoJ11hJp3yEfrVMTatmcuHdhWUAX047cDksu8pMizoh2WeGdxfzKAkXT6L1XgUPTWs2DsrQY0ruQ6fm5EjVaut6oizMrSNR0TRgLiMEbzUQLIfWuLgnFFsPsdDEwB89YVVVorDmROElRH9viNRWJ+iXhpTEdFQ/iOgVrO+/7BpDdj9it1+C15pbffxhEiCCybL9vKBi6txvdutQLjYdtN6o91BXEqWZUdupLwm9lOUidlAvm6Meq+55j/SVQu/Y/+MNFTK73Yac2Q6FGATo/K2w669HluhfFTQuU+3sTSX4WnQZSAwjE9x71QJH8uTbnu+Vn2SmaOcr2Ta0oWTmn8qxmRgPkhDsBOjUk927Zl9FwjLlDoB2/uxN/34DaYIaQNPVkf6Pde84RSW5OU8tVUiBMBJ63YYkSAOobJetWspfzp1UOoxW9CwejCuzgxT1UiXH5xqA6z+csHBva0AA8Ed8DsnLZp8j1OqcIVuC1ybHFwzXZYPxN2Dfy8o7IeQ0kr/GRW7JxcNTewlQoGgPLlFqfso3lMCmT1ugXsGib8uxgVOOxhGM8tw5xuSKjxtoqionIn44V0UrL+j9jwIYxP9K4TlN0bcS5H5ROriyXMZZ9Tcw+TW9yoik61qEGtoChfCgM0JkpyRDSZuKIfYWJ4x/uVOacLzl3in97ZL+ymhW//Va+x+D+VMS531RHoylLnNTCtn0D2RLe5tSIR/Vz/kms1jKC2gbO4e9KJkA0kLDUK58nwrMol5oTt17DHi7sl0nsgq+WbF0o+uep6+T7YrXmu4STO5V1igH5Kqgun82/AfgiPgcQQmeb5OKx36Dg803hWLhGk/M7n6bDvJ3eJMkXvKy0DxVL3osj8xqyDDWr3M4FkXQFLV9JYgyLgofzN1zOJP31C+q0jU62nzdx3f/GO6XsApXTIXjHl7fsZap961RdyAovytBf4YhYCqsAIf7pR0/xst3YAgYiMwOu2ennEtF92ZkYWW2SGKOWLb3dvUeJ5uIpPeaMeJcYtCvzJvUq/fLjiX40lUUfcKWzw5caaGi0HvF8LEWYZXrsjM0BEWAPvgcmQuzlkkaNUT9JaHa0Ra485Sw7CISnDIjdXY2inKeB0D2mHp1QZ2BKE0uMHm3yeIWeX/cDciSSLdJ7njMZS7etU5Uh2g22tA/m17pnKfLZ9TEftZL6zdR6++nTlQwp+jFvFMSc02SNT3lukW8SRj822rp/oU1nxVuZ36h4ma8QKdsG7PRQFww+KJT0zupgCtm0VBiSUM2OTQOIS9+nCDd5bc830dJGN0h0EdSriFbAwiy4DpcejPqWAp1x6avVxXz4Ico7x3uQh/pptEUvXsYabT7uvaV47QWGW9+hu3XcrL6jcOEn5ACI9GqHygKmoFtZTAl2F7/XG20ZZw7NpN3j4krEQ/miBOZ/WiNxjPWaI64PUeXHyE1cTZ/LM8+YfmSw3ny5DAyMz7WAKobnKT119BWYM1ANlkUoxVjDMAE/Aim7pGe2JDd1U0/pYgb3+OBkrHq9Qgk4wlPTB3A=

Hi Jerome,

Note that no amount of evaluation can simplify "True /\ X" to X, as this expression is of type Prop, i.e. a logical proposition and not a computational boolean. "/\" is not a function defined by it's computational rules, but an inductive type whose values can be established by the 'conj' constructor:

''''
Inductive and (A B:Prop) : Prop :=
conj : A -> B -> A /\ B
where "A /\ B" := (and A B) : type_scope.
'''

On the other hand, booleans correspond to what you might have in mind: boolean conjunction "andb true x" will reduce to `x`.

Best,
Fabian
Am 4/21/2021 um 18:21 schrieb Jerome Hugues:

I still end up with terms like

= False /\

       ([] = [] /\

        (Feature (Ident "a_feature") inF eventPort

           (Component (Ident "") null (Ident "") [] [] [] []) [] =

         Feature (Ident "a_feature") inF eventPort

           (Component (Ident "") null (Ident "") [] [] [] []) [] \/ False) \/

        False)

     : Prop

And I believe an evaluation strategy would reduce those basic terms to either True or False without intervention. But I fail to establish one. It works in some cases, but not on other and I am trying to understand the pattern behind those.

Generally speaking, all my definitions are based on equality of some inductive types based on nat or lists of other inductive types. So the use case is rather narrow.

Thanks,

*From: *<coq-club-request AT inria.fr> on behalf of Jean-Christophe Léchenet <jean-christophe.lechenet AT inria.fr>
*Reply-To: *"coq-club AT inria.fr" <coq-club AT inria.fr>
*Date: *Wednesday, April 21, 2021 at 4:26 AM
*To: *"coq-club AT inria.fr" <coq-club AT inria.fr>
*Subject: *Re: [Coq-Club] Qed opacity and Coq standard library

Hi Jerome,

Two blog posts that are relevant to this topic :
- http://gallium.inria.fr/blog/coq-eval/ <http://gallium.inria.fr/blog/coq-eval/>
- https://gmalecha.github.io/reflections/2017/qed-considered-harmful <https://gmalecha.github.io/reflections/2017/qed-considered-harmful>

Not sure if that will help in your case, though.

Best,

Jean-Christophe

Le 20/04/2021 à 15:48, Jerome Hugues a écrit :

Hi,

At some point in my project, I use Defined rather than Qed to have
transparent proofs and use the Compute mechanisms to evaluate some
statements. This works nicely for my own theorems, but I am stuck
when this involves theorems provided by the Coq standard library,
NoDup_dec in my case, but ultimately this might extend to more
situations.

One quick and dirty work-around is to copy/paste the code, change
Qed into Defined and voila! But this is not satisfactory.

I could find some blog posts like this one
https://plv.csail.mit.edu/blog/computing-with-opaque-proofs.html
<https://plv.csail.mit.edu/blog/computing-with-opaque-proofs.html>
by Clément Pit-Claudel on this topic, but again it seems this
imposes some rework.

I understand Qed and Defined are different for a reason, I am just
curious whether there is a systematic way to change Qed into Defined
on a case by case basis, or if we are forced to this type of
modifications.

Is there some suggested readings on this topic?

Thanks

[Coq-Club] Qed opacity and Coq standard library, Jerome Hugues, 04/20/2021
- Re: [Coq-Club] Qed opacity and Coq standard library, Jean-Christophe Léchenet, 04/21/2021
  - Re: [Coq-Club] Qed opacity and Coq standard library, Jerome Hugues, 04/21/2021
    - Re: [Coq-Club] Qed opacity and Coq standard library, Fabian Kunze, 04/23/2021
- Re: [Coq-Club] Qed opacity and Coq standard library, Pierre-Marie Pédrot, 04/21/2021
- Re: [Coq-Club] Qed opacity and Coq standard library, Xavier Leroy, 04/21/2021
  - Re: [Coq-Club] Qed opacity and Coq standard library, Jerome Hugues, 04/23/2021
    - Re: [Coq-Club] Qed opacity and Coq standard library, Pierre Courtieu, 04/23/2021