finished rewriting about to start Leibniz
This commit is contained in:
parent
27b038de35
commit
dd021129f2
1 changed files with 107 additions and 91 deletions
|
@ -56,8 +56,8 @@ but on the left-hand side of the equation the argument has been instantiated to
|
||||||
which requires that `x` and `y` are the same. Hence, for the right-hand side of the equation
|
which requires that `x` and `y` are the same. Hence, for the right-hand side of the equation
|
||||||
we need a term of type `x ≡ x`, and `refl` will do.
|
we need a term of type `x ≡ x`, and `refl` will do.
|
||||||
|
|
||||||
It is instructive to create the definition of `sym` interactively.
|
It is instructive to develop `sym` interactively.
|
||||||
Say we use a variable for the argument on the left, and a hole for the term on the right:
|
To start, we supply a variable for the argument on the left, and a hole for the body on the right:
|
||||||
|
|
||||||
sym : ∀ {ℓ} {A : Set ℓ} {x y : A} → x ≡ y → y ≡ x
|
sym : ∀ {ℓ} {A : Set ℓ} {x y : A} → x ≡ y → y ≡ x
|
||||||
sym r = {! !}
|
sym r = {! !}
|
||||||
|
@ -190,8 +190,8 @@ where `e` is a proof of an equivalence.
|
||||||
|
|
||||||
## Tabular reasoning, another example
|
## Tabular reasoning, another example
|
||||||
|
|
||||||
As a second example of tabular reasoning, we consider the proof that zero is a right identity for
|
As a second example of tabular reasoning, we consider the proof that addition
|
||||||
addition. We first repeat the definitions of naturals and addition.
|
is commutative. We first repeat the definitions of naturals and addition.
|
||||||
We cannot import them because (as noted at the beginning of this chapter)
|
We cannot import them because (as noted at the beginning of this chapter)
|
||||||
it would cause a conflict.
|
it would cause a conflict.
|
||||||
\begin{code}
|
\begin{code}
|
||||||
|
@ -204,22 +204,31 @@ zero + n = n
|
||||||
(suc m) + n = suc (m + n)
|
(suc m) + n = suc (m + n)
|
||||||
\end{code}
|
\end{code}
|
||||||
|
|
||||||
We now repeat the proof that zero is a right identity.
|
We save space we postulate (rather than prove in full) two lemmas,
|
||||||
|
and then repeat the proof of commutativity.
|
||||||
\begin{code}
|
\begin{code}
|
||||||
|
postulate
|
||||||
+-identity : ∀ (m : ℕ) → m + zero ≡ m
|
+-identity : ∀ (m : ℕ) → m + zero ≡ m
|
||||||
+-identity zero =
|
+-suc : ∀ (m n : ℕ) → m + suc n ≡ suc (m + n)
|
||||||
|
|
||||||
|
+-comm : ∀ (m n : ℕ) → m + n ≡ n + m
|
||||||
|
+-comm m zero =
|
||||||
begin
|
begin
|
||||||
zero + zero
|
m + zero
|
||||||
|
≡⟨ +-identity m ⟩
|
||||||
|
m
|
||||||
≡⟨⟩
|
≡⟨⟩
|
||||||
zero
|
zero + m
|
||||||
∎
|
∎
|
||||||
+-identity (suc m) =
|
+-comm m (suc n) =
|
||||||
begin
|
begin
|
||||||
suc m + zero
|
m + suc n
|
||||||
|
≡⟨ +-suc m n ⟩
|
||||||
|
suc (m + n)
|
||||||
|
≡⟨ cong suc (+-comm m n) ⟩
|
||||||
|
suc (n + m)
|
||||||
≡⟨⟩
|
≡⟨⟩
|
||||||
suc (m + zero)
|
suc n + m
|
||||||
≡⟨ cong suc (+-identity m) ⟩
|
|
||||||
suc m
|
|
||||||
∎
|
∎
|
||||||
\end{code}
|
\end{code}
|
||||||
The tabular reasoning here is similar to that in the
|
The tabular reasoning here is similar to that in the
|
||||||
|
@ -231,21 +240,17 @@ to `≡⟨ refl ⟩`.
|
||||||
Agda always treats a term as equivalent to its
|
Agda always treats a term as equivalent to its
|
||||||
simplified term. The reason that one can write
|
simplified term. The reason that one can write
|
||||||
|
|
||||||
begin
|
suc (n + m)
|
||||||
zero + zero
|
|
||||||
≡⟨⟩
|
≡⟨⟩
|
||||||
zero
|
suc n + m
|
||||||
∎
|
|
||||||
|
|
||||||
is because Agda treats `zero + zero` and `zero` as the
|
is because Agda treats both terms as the same.
|
||||||
same thing. This also means that one could instead write
|
This also means that one could instead interchange
|
||||||
the proof in the form
|
the lines and write
|
||||||
|
|
||||||
begin
|
suc n + m
|
||||||
zero
|
|
||||||
≡⟨⟩
|
≡⟨⟩
|
||||||
zero + zero
|
suc (n + m)
|
||||||
∎
|
|
||||||
|
|
||||||
and Agda would not object. Agda only checks that the terms
|
and Agda would not object. Agda only checks that the terms
|
||||||
separated by `≡⟨⟩` are equivalent; it's up to us to write
|
separated by `≡⟨⟩` are equivalent; it's up to us to write
|
||||||
|
@ -259,12 +264,12 @@ data even : ℕ → Set where
|
||||||
ev0 : even zero
|
ev0 : even zero
|
||||||
ev+2 : ∀ {n : ℕ} → even n → even (suc (suc n))
|
ev+2 : ∀ {n : ℕ} → even n → even (suc (suc n))
|
||||||
\end{code}
|
\end{code}
|
||||||
In the previous section, we proved `m + zero ≡ m`.
|
In the previous section, we proved addition is commutative.
|
||||||
Given evidence that `even (m + zero)` holds,
|
Given evidence that `even (m + n)` holds,
|
||||||
we ought also to be able to take that as evidence
|
we ought also to be able to take that as evidence
|
||||||
that `even m` holds.
|
that `even (n + m)` holds.
|
||||||
|
|
||||||
Agda supports special notation to support just this
|
Agda includes special notation to support just this
|
||||||
kind of reasoning. To enable this notation, we use
|
kind of reasoning. To enable this notation, we use
|
||||||
pragmas to tell Agda which types and constructors
|
pragmas to tell Agda which types and constructors
|
||||||
correspond to equivalence and refl.
|
correspond to equivalence and refl.
|
||||||
|
@ -273,79 +278,90 @@ correspond to equivalence and refl.
|
||||||
{-# BUILTIN REFL refl #-}
|
{-# BUILTIN REFL refl #-}
|
||||||
\end{code}
|
\end{code}
|
||||||
|
|
||||||
We can the prove the desired fact by rewriting.
|
We can then prove the desired property as follows.
|
||||||
\begin{code}
|
\begin{code}
|
||||||
even-identity : ∀ (m : ℕ) → even (m + zero) → even m
|
even-comm : ∀ (m n : ℕ) → even (m + n) → even (n + m)
|
||||||
even-identity m ev rewrite +-identity m = ev
|
even-comm m n ev rewrite +-comm m n = ev
|
||||||
\end{code}
|
\end{code}
|
||||||
It is instructive to develop the code interactively.
|
Here `ev` ranges over evidence that `even (m + n)` holds, and we show
|
||||||
|
that it is also provides evidence that `even (n + m)` holds. In
|
||||||
|
general, the keyword `rewrite` is followed by evidence of an
|
||||||
|
equivalence, and that equivalence is used to rewrite the type of the
|
||||||
|
goal and of any variable in scope.
|
||||||
|
|
||||||
|
It is instructive to develop `even-comm` interactively.
|
||||||
|
To start, we supply variables for the arguments on the left, and a hole for the body on the right:
|
||||||
We can also prove the converse.
|
|
||||||
\begin{code}
|
|
||||||
even-identity⁻¹ : ∀ (m : ℕ) → even m → even (m + zero)
|
|
||||||
even-identity⁻¹ m ev rewrite sym (+-identity m) = {!!}
|
|
||||||
\end{code}
|
|
||||||
|
|
||||||
|
|
||||||
\begin{code}
|
|
||||||
postulate
|
|
||||||
+-comm : ∀ (m n : ℕ) → m + n ≡ n + m
|
|
||||||
|
|
||||||
even-comm : ∀ (m n : ℕ) → even (m + n) → even (n + m)
|
even-comm : ∀ (m n : ℕ) → even (m + n) → even (n + m)
|
||||||
even-comm m n ev rewrite sym (+-comm m n) = {!!}
|
even-comm m n ev = {! !}
|
||||||
\end{code}
|
|
||||||
|
If we go into the hole and type `C-C C-,` then Agda reports:
|
||||||
|
|
||||||
|
Goal: even (n + m)
|
||||||
|
————————————————————————————————————————————————————————————
|
||||||
|
ev : even (m + n)
|
||||||
|
n : ℕ
|
||||||
|
m : ℕ
|
||||||
|
|
||||||
|
Now we add the rewrite.
|
||||||
|
|
||||||
|
even-comm : ∀ (m n : ℕ) → even (m + n) → even (n + m)
|
||||||
|
even-comm m n ev rewrite +-comm m n = {! !}
|
||||||
|
|
||||||
|
If we go into the hole again and type `C-C C-,` then Agda now reports:
|
||||||
|
|
||||||
|
Goal: even (n + m)
|
||||||
|
————————————————————————————————————————————————————————————
|
||||||
|
ev : even (n + m)
|
||||||
|
n : ℕ
|
||||||
|
m : ℕ
|
||||||
|
|
||||||
|
Now it is trivial to see that `ev` satisfies the goal, and typing `C-C C-A` in the
|
||||||
|
hole causes it to be filled with `ev`.
|
||||||
|
|
||||||
|
|
||||||
|
## Multiple rewrites
|
||||||
|
|
||||||
Here is a proof of that claim
|
One may perform multiple rewrites, each separated by a vertical bar. For instance,
|
||||||
in Agda.
|
here is a second proof that addition is commutative, relying on rewrites rather
|
||||||
|
than tabular reasoning.
|
||||||
\begin{code}
|
\begin{code}
|
||||||
even-id′ : ∀ (m : ℕ) → even m → even (m + zero)
|
+-comm′ : ∀ (m n : ℕ) → m + n ≡ n + m
|
||||||
even-id′ m ev with m + zero | (+-identity m)
|
+-comm′ zero n rewrite +-identity n = refl
|
||||||
... | .m | refl = ev
|
+-comm′ (suc m) n rewrite +-suc n m | +-comm m n = refl
|
||||||
\end{code}
|
\end{code}
|
||||||
The first clause asserts that `m + zero` and `m` are
|
This is far more compact. Among other things, whereas the previous
|
||||||
identical, and the second clause justifies that assertion
|
proof required `cong suc (+-comm m n)` as the justification to invoke the
|
||||||
with evidence of the appropriate equation. Note the
|
inductive hypothesis, here it is sufficient to rewrite with `+-comm m n`, as
|
||||||
use of the "dot pattern" `.m`. A dot pattern is followed
|
rewriting automatically takes congruence into account. Although proofs
|
||||||
by an expression (it need not be a variable, as it is in
|
with rewriting are shorter, proofs in tabular form make the reasoning
|
||||||
this case) and is made when other information allows one
|
involved easier to follow, and we will stick with the latter when feasible.
|
||||||
to identify the expession in the `with` clause with the
|
|
||||||
given expression. In this case, the identification of
|
|
||||||
`m + zero` and `m` is justified by the subsequent matching
|
|
||||||
of `+-identity m` against `refl`.
|
|
||||||
|
|
||||||
This is a lot of work to prove something straightforward!
|
|
||||||
Because this style of reasoning occurs often, Agda supports
|
|
||||||
a special notation
|
|
||||||
|
|
||||||
|
|
||||||
even-id′ : ∀ (m : ℕ) → even (m + zero) → even m
|
## Rewriting expanded
|
||||||
even-id′ m ev = {!!}
|
|
||||||
|
|
||||||
Goal: even m
|
The `rewrite` notation is in fact shorthand for an appropriate use of `with`
|
||||||
————————————————————————————————————————————————————————————
|
abstraction.
|
||||||
ev : even (m + zero)
|
\begin{code}
|
||||||
m : ℕ
|
even-comm′ : ∀ (m n : ℕ) → even (m + n) → even (n + m)
|
||||||
|
even-comm′ m n ev with m + n | +-comm m n
|
||||||
|
... | .(n + m) | refl = ev
|
||||||
|
\end{code}
|
||||||
|
The first clause asserts that `m + n` and `n + m` are identical, and
|
||||||
|
the second clause justifies that assertion with evidence of the
|
||||||
|
appropriate equivalence. Note the use of the "dot pattern" `.(n +
|
||||||
|
m)`. A dot pattern is followed by an expression and is made when
|
||||||
|
other information allows one to identify the expession in the `with`
|
||||||
|
clause with the expression it matches against. In this case, the
|
||||||
|
identification of `m + n` and `n + m` is justified by the subsequent
|
||||||
|
matching of `+-comm m n` against `refl`. One might think that the
|
||||||
|
first clause is redundant as the information is inherent in the second
|
||||||
|
clause, but in fact Agda is rather picky on this point: omitting the
|
||||||
|
first clause or reversing the order of the clauses will cause Agda to
|
||||||
|
report an error. (Try it and see!)
|
||||||
|
|
||||||
|
|
||||||
even-id′ : ∀ (m : ℕ) → even (m + zero) → even m
|
## Leibniz equality
|
||||||
even-id′ m ev with m + zero | +-identity m
|
|
||||||
... | u | v = {!!}
|
|
||||||
|
|
||||||
Goal: even m
|
|
||||||
————————————————————————————————————————————————————————————
|
|
||||||
ev : even u
|
|
||||||
v : u ≡ m
|
|
||||||
u : ℕ
|
|
||||||
m : ℕ
|
|
||||||
|
|
||||||
|
|
||||||
> Cannot solve variable m of type ℕ with solution m + zero because
|
|
||||||
> the variable occurs in the solution, or in the type one of the
|
|
||||||
> variables in the solution
|
|
||||||
> when checking that the pattern refl has type (m + zero) ≡ m
|
|
||||||
|
|
||||||
|
|
||||||
|
The form of asserting equivalence that we have used is due to Martin Löf,
|
||||||
|
and was introduced in the 1970s.
|
||||||
|
|
Loading…
Reference in a new issue