michael/unimath2024
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
unimath2024/tactics_lecture_extended.v

1009 lines
34 KiB
Coq
Raw Normal View History

category theory
2024-08-01 22:56:54 +00:00
(** * Lecture 4: Tactics in UniMath *)
(** based on material prepared by Ralph Matthes *)
(** This is the extended version of a presentation at the
School on Univalent Mathematics 2024 in Cortona, meant for self-study
and for exploring the UniMath library.
*)
(** Compiles with the command
[[
coqc -type-in-type tactics_lecture_extended.v
]]
when Coq is set up according to the instructions for this school and the associated coqc executable
has priority in the path. However, you do not need to compile this file. The option is crucial, and
also your own developments will need the Coq options configured through the installation instructions,
most notably the present one. *)
(** Can be transformed into HTML documentation with the command
[[
coqdoc -utf8 tactics_lecture_extended.v
]]
(If internal links in the generated lecture_tactics_long_version.html are desired,
compilation with coqc is needed.)
*)
(** In Coq, one can define concepts by directly giving well-typed
terms (see Part 2), but one can also be helped in the construction by the
interactive mode.
*)
Require Import UniMath.Foundations.Preamble.
(* Require Import UniMath.CategoryTheory.All. *)
(** ** define a concept interactively: *)
Locate bool. (** a separate definition - [Init.Datatypes.bool] is in the Coq library,
not available for UniMath *)
Definition myfirsttruthvalue: bool.
(** only the identifier and its type given, not the definiens *)
(** This opens the interactive mode.
The #<a href="https://github.com/UniMath/UniMath/tree/master/UniMath/README.md##unimath-coding-style">#UniMath
style guide#</a># asks us to start what follows with [Proof.] in a separate line.
In vanilla Coq, this would be optional (it is anyway a "nop"). *)
Proof.
(** Now we still have to give the term, but we are in interactive mode. *)
(** If you want to see everything in the currently loaded part of the UniMath library
that *involves* booleans, then do *)
Search bool.
(** If you only want to find library elements that *yield* booleans, then try *)
SearchPattern bool.
(** [true] does not take an argument, and it is already a term we can take as definiens. *)
exact true.
(** [exact] is a tactic which takes the term as argument and informs Coq in the proof mode to
finish the current goal with that term. *)
(** We see in the response buffer: "No more subgoals."
Hence, there is nothing more to do, except for leaving the proof mode properly. *)
Defined.
(** [Defined.] instructs Coq to complete the whole interactive construction of a term,
verify it and to associate it with the given identifer, here [myfirsttruthvalue].
This may go wrong for different reasons, including implementation errors of the Coq
system - that will not affect trustworthiness of the library. *)
Search bool.
(** The new definition appears at the beginning of the list. *)
Print myfirsttruthvalue. (** or just point to the identifier and hit the
key combination mentioned in Part 2 *)
(** [myfirsttruthvalue relies on an unsafe universe hierarchy] is output to indicate
that we are using Coq with option [-type-in-type]. *)
(** *** a more compelling example *)
Definition mysecondtruthvalue: bool.
Proof.
Search bool.
apply negb.
(** applies the function [negb] to obtain the required boolean,
thus the system has to ask for its argument *)
exact myfirsttruthvalue.
Defined.
Print mysecondtruthvalue.
(**
[[
mysecondtruthvalue = negb myfirsttruthvalue
: bool
]]
*)
(** the definition is "as is", evaluation can be done subsequently: *)
Eval compute in mysecondtruthvalue.
(**
[[
= false
: bool
]]
*)
(** Again, not much has been gained by the interactive mode. *)
(** Here, we see a copy of the definition from the Coq library: *)
Definition andb (b1 b2: bool) : bool := if b1 then b2 else false.
(** only for illustration purposes - it would be better to define
it according to UniMath style *)
Definition mythirdtruthvalue: bool.
Proof.
Search bool.
apply andb.
(** [apply andb.] applies the function [andb] to obtain the required boolean,
thus the system has to ask for its TWO arguments, one by one. *)
(** This follows the proof pattern of "backward chaining" that tries to
attack goals instead of building up evidence. In the course of action,
more goals can be generated. The proof effort is over when no more
goal remains. *)
(** UniMath coding style asks you to use proof structuring syntax,
while vanilla Coq would allow you to write formally verified
"spaghetti code". *)
(** We tell Coq that we start working on the first subgoal. *)
-
(** only the "focused" subgoal is now on display *)
apply andb.
(** this again spawns two subgoals *)
(** we tell Coq that we start working on the first subgoal *)
+
(** normally, one would not leave the "bullet symbol" isolated in a line *)
exact mysecondtruthvalue.
+ exact myfirsttruthvalue.
(** The response buffer signals:
[[
There are unfocused goals.
]]
ProofGeneral would give more precise instructions as how to proceed.
But we know what we are doing...
*)
- exact true.
Defined.
(** The usual "UniMath bullet order" is -, +, *, --, ++, **, ---, +++, ***,
and so on (all the ones shown are being used).
Coq does not impose any order, so one can start with, e.g., *****,
if need be for the sake of experimenting with a proof.
Reuse of bullets even on one branch is possible by enclosing subproofs
in curly braces {}.
*)
Print mythirdtruthvalue.
Eval compute in mythirdtruthvalue.
(** You only saw the tactics [exact] and [apply] at work, and there was no context. *)
(** ** doing Curry-Howard logic *)
(** Interactive mode is more wide-spread when it comes to carrying out proofs
(the command [Proof.] is reminiscent of that). *)
(** Disclaimer: this section has a logical flavour, but the "connectives"
are not confined to the world of propositional or predicate logic.
In particular, there is no reference to the sort Prop of Coq.
Prop is not used at all in UniMath!
On first reading, it is useful to focus on the logical meaning. *)
Locate "->". (** non-dependent product, can be seen as implication *)
Locate "".
Print empty. (** an inductive type that has no constructor *)
Locate "¬". (** we need to refer to the UniMath library more explicitly *)
Require Import UniMath.Foundations.PartA.
(** Do not write the import statements in the middle of a vernacular file.
Here, it is done to show the order of appearance, but this is only for
reasons of pedagogy.
*)
Locate "¬".
Print neg.
(** Negation is not a native concept; it is reduced to implication,
as is usual in constructive logic. *)
Locate "×".
Print dirprod. (** non-dependent sum, can be seen as conjunction *)
Definition combinatorS (A B C: UU): (A × B -> C) × (A -> B) × A -> C.
Proof.
(** how to infer an implication? *)
intro Hyp123.
set (Hyp1 := pr1 Hyp123).
(** This is already a bit of "forward chaining" which is a fact-building process. *)
set (Hyp23 := pr2 Hyp123).
cbn in Hyp23.
(** [cbn] simplifies a goal, and [cbn in H] does this for hypothesis [H];
note that [simpl] has the same high-level description but should better
be avoided in new developments. *)
set (Hyp2 := pr1 Hyp23).
set (Hyp3 := pr2 Hyp23).
cbn in Hyp3.
apply Hyp1.
apply tpair. (** could be done with [split.] as well *)
- assumption. (** instruct Coq to look into the current context *)
(** this could be done with [exact Hyp3.] as well *)
- apply Hyp2.
assumption.
Defined.
Print combinatorS.
Eval compute in combinatorS.
Local Definition combinatorS_intro_pattern (A B C: UU):
(A × B -> C) × (A -> B) × A -> C.
Proof.
intros [Hyp1 [Hyp2 Hyp3]]. (** deconstruct the hypothesis at the time of introduction;
notice that [×] associates to the right;
[intros] can also introduce multiple hypotheses, see below *)
apply Hyp1.
split.
- assumption.
- apply Hyp2.
assumption.
Defined.
Print combinatorS_intro_pattern.
(** the two definitions are even convertible: *)
Eval compute in combinatorS_intro_pattern.
Local Lemma combinatorS_intro_pattern_is_the_same:
combinatorS = combinatorS_intro_pattern.
Proof.
apply idpath.
Defined.
(** In late 2017, [combinatorS_intro_pattern] would have contained [match] constructs,
but now, the introduction patterns use less overhead when possible. The UniMath
style guide still does not want them to be used with square brackets. *)
(** another style to make life easier: *)
Local Definition combinatorS_destruct (A B C: UU):
(A × B -> C) × (A -> B) × A -> C.
Proof.
intro Hyp123.
destruct Hyp123 as [Hyp1 Hyp23]. (** deconstruct the hypothesis when needed *)
apply Hyp1.
destruct Hyp23 as [Hyp2 Hyp3]. (** deconstruct the hypothesis when needed *)
split.
- assumption.
- apply Hyp2.
assumption.
Defined.
Print combinatorS_destruct.
(** Again, the definition is definitionally equal to the first one: *)
Eval compute in combinatorS_destruct.
Local Lemma combinatorS_destruct_is_the_same: combinatorS = combinatorS_destruct.
Proof.
apply idpath.
Defined.
(** In late 2017, [combinatorS_destruct] would also have contained [match] constructs,
which is why [destruct] is forbidden in the UniMath style guide. Now, this is fine
in our example. *)
(** The (hitherto) preferred idiom: *)
Definition combinatorS_induction (A B C: UU): (A × B -> C) × (A -> B) × A -> C.
Proof.
intro Hyp123.
induction Hyp123 as [Hyp1 Hyp23].
apply Hyp1.
induction Hyp23 as [Hyp2 Hyp3].
split.
- assumption.
- apply Hyp2.
assumption.
Defined.
Print combinatorS_induction.
Eval compute in combinatorS_induction.
(** the comfort for the user does not change the normal form of the constructed proof *)
Definition combinatorS_curried (A B C: UU): (A -> B -> C) -> (A -> B) -> A -> C.
Proof.
(** use [intro] three times or rather [intros] once; reasonable coding style
gives names to all hypotheses that are not already present
in the goal formula, see also the next definition *)
intros H1 H2 H3.
apply H1.
- assumption.
- set (proofofB := H2 H3).
(** set up abbreviations that can make use of the current context;
will be considered as an extra element of the context: *)
assumption.
Defined.
Print combinatorS_curried.
(** We see that [set] gives rise to [let]-expressions that are known
from functional programming languages, in other words: the use of
[set] is not a "macro" facility to ease typing. *)
(** [let]-bindings disappear when computing the normal form of a term: *)
Eval compute in combinatorS_curried.
(** [set] can only be used if the term of the desired type is provided,
but we can also work interactively as follows: *)
Definition combinatorS_curried_with_assert (A B C: UU):
(A -> B -> C) -> (A -> B) -> A -> C.
Proof.
intros H1 H2 H3.
(** we can momentarily forget about our goal and build up knowledge: *)
assert (proofofB : B).
(** the current goal [C] becomes the second sub-goal, and the new current goal is [B] *)
(** It is not wise to handle this situation by "bullets" since many assertions
can appear in a linearly thought argument. It would pretend a tree structure
although it would rather be a comb. The proof of the assertion should
be packaged by enclosing it in curly braces like so: *)
{ apply H2.
assumption.
}
(** Now, [proofofB] is in the context with type [B]. *)
apply H1.
- assumption.
- assumption.
Defined.
(** the wildcard [?] for [intros] *)
Definition combinatorS_curried_variant (A B C: UU):
(A -> B -> C) -> (A -> B) -> forall H7: A, C.
Proof.
intros H1 H2 ?.
(** a question mark instructs Coq to use the corresponding identifier
from the goal formula *)
exact (H1 H7 (H2 H7)).
Defined.
(** the wildcard [_] for [intros] forgets the respective hypothesis *)
Locate "⨿". (** this symbol is typed as \amalg when the recommended extension
packages for VSCode are loaded *)
Print coprod. (** defined in UniMath preamble as inductive type,
can be seen as disjunction *)
Locate "".
Locate "=". (** the identity type of UniMath *)
Print paths.
(** A word of warning for those who read "Coq in a Hurry": [SearchRewrite]
does not find equations w.r.t. this notion, only w.r.t. Coq's built-in
propositional equality. *)
SearchPattern (paths _ _).
(** Among the search results is [pathsinv0r] that has [idpath] in its conclusion. *)
SearchRewrite idpath.
(** No result! *)
(** *** How to decompose formulas *)
(** In "Coq in a Hurry", Yves Bertot gives recipes for decomposing the usual logical
connectives. Crucially, one has to distinguish between decomposition of the goal
or decomposition of a hypothesis in the context.
Here, we do it alike.
*)
(** **** Decomposition of goal formulas:
A1,...,An -> B: tactic [intro] or [intros]
[¬ A]: idem (negation is defined through implication)
Π-type: idem (implication is a special case of product)
[×]: [apply dirprodpair], less specifically [apply tpair] or [split]
Σ-type: [use tpair] or [exists] or [split with], see explanations below
[A ⨿ B]: [apply ii1] or [apply ii2], but this constitutes a choice
of which way to go
[A = B]: [apply idpath], however this only works when the expressions
are convertible
[nat]: [exact 1000], for example (a logical reading is not
useful for this type); beware that UniMath knows only 27 numerals,
[Goal nat. Fail exact 2022.] leads to
[[
The command has indeed failed with message: No interpretation for number "2022".
]]
*)
(** **** Decomposition of formula of hypothesis [H]:
[]: [induction H]
This terminates a goal. (It corresponds to ex falso quodlibet.)
There is naturally no recipe for getting rid of [] in the conclusion.
But [apply fromempty] allows to replace any goal by [].
A1,...,An -> B: [apply H], but the formula has to fit with the goal
[×]: [induction H as [H1 H2]]
As seen above, this introduces names of hypotheses for the two components.
Σ-type: idem, but rather more asymmetric as [induction H as [x H']]
[A ⨿ B]: [induction H as [H1 | H2]]
This introduces names for the hypotheses in the two branches.
[A = B]: [induction H]
The supposedly equal [A] and [B] become the same [A] in the goal.
This is the least intuitive rule for the non-expert in type theory.
[nat]: [induction n as [ | n IH]]
Here, we assume that the hypothesis has the name [n] which
is more idiomatic than [H], and there is no extra name in
the base case, while in the step case, the preceding number
is now given the name [n] and the induction hypothesis is
named [IH].
*)
(** ** Handling unfinished proofs *)
(** In the middle of a proof effort - not in the UniMath library - you can use
[admit] to abandon the current goal. *)
Local Lemma badex1 (A: UU): × (A -> A).
Proof.
split.
- (** seems difficult in the current context *)
admit.
(** we continue with decent proof work: *)
- intro H.
assumption.
Admitted.
(** This is strictly forbidden to commit to UniMath! [admit] allows to pursue the other goals,
while [Admitted.] makes the lemma available for further proofs. A warning is shown that
[badex1] has been assumed as axiom. *)
(** An alternative to interrupt work on a proof: *)
Lemma badex2 (A: UU): × (A -> A).
Proof.
split.
-
Abort.
(** [badex2] is not in the symbol table. *)
(** [Abort.] is a way of documenting a problem with proving a result.
At least, Coq can check the partial proof up to the [Abort.] command. *)
(** ** Working with holes in proofs *)
(** Our previous proofs were particularly clear because the goal formulas
and all hypotheses were fully given by the system.
*)
Print pathscomp0.
(** This is the UniMath proof of transitivity of equality. *)
(** The salient feature of transitivity is that the intermediate
expression cannot be deduced from the equation to be proven. *)
Lemma badex3 (A B C D: UU) : ((A × B) × (C × D)) = (A × (B × C) × D).
(** Notice that the outermost parentheses are needed here. *)
Proof.
Fail apply pathscomp0.
(**
[[
The command has indeed failed with message:
Cannot infer the implicit parameter b of pathscomp0 whose type is
"Type" in environment:
A, B, C, D : UU
]]
[Fail] announces failure and therefore allows to continue with
the interpretation of the vernacular file.
We need to help Coq with the argument [b] to [pathscomp0].
*)
apply (pathscomp0 (b := A × (B × (C × D)))).
- (** is this not just associativity with third argument [C × D]? *)
SearchPattern (_ × _ = _ × _).
(** Nothing for our equation - we can only hope for weak equivalence ≃. *)
Abort.
SearchPattern(_ _).
Print weqcomp.
Print weqdirprodasstor.
Print weqdirprodasstol.
Print weqdirprodf.
Print idweq.
Lemma assocex (A B C D: UU) : ((A × B) × (C × D)) (A × (B × C) × D).
Proof.
Fail apply weqcomp.
eapply weqcomp.
(** [eapply] generates "existential variables" for the expressions
it cannot infer from applying a lemma.
The further proof will narrow on those variables and finally
make them disappear - otherwise, the proof is not considered
completed.
*)
- (** We recall that on this side, only associativity was missing. *)
apply weqdirprodasstor.
- (** The subgoal is now fully given. *)
(** The missing link is associativity, but only on the
right-hand side of the top [×] symbol. *)
apply weqdirprodf.
+ apply idweq.
+ apply weqdirprodasstol.
Defined.
(** Warning: tactic [exact] does not work if there are existential
variables in the goal, but [eexact] can then be tried. *)
Lemma sumex (A: UU) (P Q: A -> UU):
( x: A, P x × Q x) -> ( x: A, P x) × x:A, Q x.
Proof.
(** decompose the implication: *)
intro H.
(** decompose the Σ-type: *)
induction H as [x H'].
(** decompose the pair: *)
induction H' as [H1 H2].
(** decompose the pair in the goal *)
split.
- Fail split.
(**
[[
The command has indeed failed with message:
Unable to find an instance for the variable pr1.
]]
*)
Fail (apply tpair).
(** A simple way out, by providing the first component: *)
split with x. (** [exists x] does the same *)
assumption.
- (** or use [eapply] and create an existential variable: *)
eapply tpair.
Fail assumption. (** the assumption [H2] does not agree with the goal *)
eexact H2.
Defined.
(** Notice that [eapply tpair] is not used in the UniMath library,
since [use tpair] normally comes in handier, see below. *)
(** *** Warning on existential variables *)
(** It may happen that the process of instantiating existential variables
is not completed when all goals have been treated.
*)
(** an example adapted from one by Arnaud Spiwack, ~2007 *)
About unit. (** from the UniMath preamble *)
Local Definition P (x:nat) := unit.
Lemma uninstex: unit.
Proof.
refine ((fun x:P _ => _) _).
(** [refine] is like [exact], but one can leave holes with the wildcard "_".
This tactic should hardly be needed since most uses in UniMath
can be replaced by a use of the "tactic" [use], see further down
on this tactic notation for an Ltac definition.
Still, [refine] can come to rescue in difficult situations,
in particular during proof development. Its simpler variant
[simple refine] is captured by the [use] "tactic".
*)
- exact tt.
- exact tt.
(** Now, Coq presents a subgoal that pops up from the "shelved goals".
Still, no more "-" bullets can be used.
[[ -
Error: Wrong bullet - : No more subgoals.
]]
*)
Show Existentials.
(** a natural number is still being asked for *)
Unshelve.
(** Like this, we can focus on the remaining goal. *)
exact 0.
Defined.
(** one can also name the existential variables in [refine]: *)
Lemma uninstexnamed: unit.
Proof.
refine ((fun x:P ?[n] => _) _). (** give a name to the existential variable *)
- exact tt.
- exact tt.
Show Existentials.
Unshelve.
instantiate (n := 0). (** more symbols to type but better to grasp *)
Defined.
(** ** a bit more on equational reasoning *)
Section homot.
(** A section allows to introduce local variables/parameters
that will be bound outside of the section. *)
Locate "~".
(** printing ~ #~# *)
Print homot. (** this is just pointwise equality *)
Print idfun. (** the identity function *)
Locate "". (** exchanges the arguments of [funcomp] *)
Print funcomp.
(** plain function composition in diagrammatic order, i.e.,
first the first argument, then the second argument;
the second argument may even have a dependent type *)
Context (A B: UU).
(** makes good sense in a section, can be put in curly braces to indicate
they will be implicit arguments for every construction in the section *)
Definition interestingstatement : UU :=
(v w : A B) (v' w' : B A),
w w' ~ idfun B v' v ~ idfun A v' ~ w' v ~ w.
Check (isinjinvmap': interestingstatement).
Lemma ourisinjinvmap': interestingstatement.
Proof.
intros. (** is a nop since the formula structure is not analyzed *)
unfold interestingstatement. (** [unfold] unfolds a definition *)
intros ? ? ? ? homoth1 homoth2 hyp a.
(** the extra element [a] triggers Coq to unfold the formula further;
[unfold interestingstatement] was there only for illustration! *)
(** we want to use transitivity that is expressed by [pathscomp0] and
instruct Coq to take a specific intermediate term *)
Print Ltac intermediate_path. (** not telling because implicit arg. is not shown *)
intermediate_path (w (w' (v a))).
- apply pathsinv0. (** apply symmetry of equality *)
unfold homot in homoth1.
unfold funcomp in homoth1.
unfold idfun in homoth1.
apply homoth1. (** all the [unfold] were only for illustration! *)
-
Print maponpaths.
apply maponpaths.
unfold homot in hyp.
(** we use the equation in [hyp] from right to left, i.e., backwards: *)
rewrite <- hyp.
(** remark: for a forward rewrite, use [rewrite] without directional
argument *)
(** beautify the current goal: *)
change ((v' v) a = idfun A a).
(** just for illustration of [change] that allows to replace the goal
by a convertible expression; also works for hypotheses, e.g.: *)
change (v' ~ w') in hyp.
(** since [hyp] was no longer necessary, we should rather have deleted it: *)
clear hyp.
apply homoth2.
Defined.
Context (v w: A -> B) (v' w': B A).
Eval compute in (ourisinjinvmap' v w v' w').
Opaque ourisinjinvmap'.
Eval compute in (ourisinjinvmap' v w v' w').
(** [Opaque] made the definition opaque in the sense that the identifier
is still in the symbol table, together with its type, but that it does
not evaluate to anything but itself.
If inhabitants of a type are irrelevant (for example if it is known
that there is at most one inhabitant, and if one therefore is not interested
in computing with that inhabitant), then opaqueness is an asset to make
the subsequent proof process lighter.
[Opaque] can be undone with [Transparent]:
*)
Transparent ourisinjinvmap'.
Eval compute in (ourisinjinvmap' v w v' w').
(** If one uses [Compute] in place of [Eval compute in], then [Opaque] has no effect. *)
(** Full and irreversible opaqueness is obtained for a construction
in interactive mode by completing it with [Qed.] in place of [Defined.]
Using [Qed.] is discouraged by the UniMath style guide. In Coq,
most lemmas, theorems, etc. (nearly every assertion in [Prop]) are
made opaque in this way. In UniMath, many lemmas enter subsequent
computation, and one should have good reasons for not closing an
interactive construction with [Defined.]. More than 5kloc of the UniMath
library have [Qed.], so these good reasons do exist and are not rare.
*)
End homot.
Check ourisinjinvmap'.
(** The section parameters [A] and [B] are abstracted away after the end
of the section - only the relevant ones. *)
(** [assert] is a "chameleon" w.r.t. to opaqueness: *)
Definition combinatorS_curried_with_assert2 (A B C: UU):
(A -> B -> C) -> (A -> B) -> A -> C.
Proof.
intros H1 H2 H3.
assert (proofofB : B).
{ apply H2.
assumption.
}
(** [proofofB] is just an identifier and not associated to the
construction we gave. Hence, the proof is opaque for us. *)
apply H1.
- assumption.
- assumption.
Defined.
Print combinatorS_curried_with_assert2.
(** We see that [proofofB] is there with its definition, so it is
transparent.
See much further below for [transparent assert] that is like
[assert], but consistently transparent.
*)
(** ** composing tactics *)
(** Up to now, we "composed" tactics in two ways: we gave them sequentially,
separated by periods, or we introduced a tree structure through the
"bullet" notation. We did not think of these operations as composition
of tactics, in particular since we had to trigger each of them separately
in interactive mode. However, we can also explicitly compose them, like so:
*)
Definition combinatorS_induction_in_one_step (A B C: UU):
(A × B -> C) × (A -> B) × A -> C.
Proof.
intro Hyp123;
induction Hyp123 as [Hyp1 Hyp23];
apply Hyp1;
induction Hyp23 as [Hyp2 Hyp3];
split;
[ assumption
| apply Hyp2;
assumption].
Defined.
(** The sequential composition is written by (infix) semicolon,
and the two branches reated by [split] are treated in the
|-separated list of arguments to the brackets. *)
(** Why would we want to do such compositions? There are at least four good reasons:
(1) We indicate that the intermediate results are irrelevant for someone who
executes the script so as to understand how and why the construction /
the proof works.
(2) The same tactic (expression) can uniformly treat all sub-goals stemming
from the preceding tactic application, as will be shown next.
*)
Definition combinatorS_curried_with_assert_in_one_step (A B C: UU):
(A -> B -> C) -> (A -> B) -> A -> C.
Proof.
intros H1 H2 H3;
assert (proofofB : B) by
( apply H2;
assumption
);
apply H1;
assumption.
Defined.
(** This illustrates the grouping of tactic expressions by parentheses, the variant
[assert by] of [assert] used when only one tactic expression forms the proof of
the assertion, and also point (2): the last line is simpler than the expected line
[[
[assumption | assumption].
]]
*)
(** Why would we want to do such compositions (cont'd)?
(3) We want to capture recurring patterns of construction / proof by tactics into
reusable Ltac definitions, see below.
(4) We want to make use of the [abstract] facility, explained now.
*)
Definition combinatorS_induction_with_abstract (A B C: UU):
(A × B -> C) × (A -> B) × A -> C.
Proof.
intro Hyp123;
induction Hyp123 as [Hyp1 Hyp23];
apply Hyp1;
induction Hyp23 as [Hyp2 Hyp3].
(** Now imagine that the following proof was very complicated but had no computational
relevance, i.e., could also be packed into a lemma whose proof would be finished
by [Qed]. We can encapsulate it into [abstract]: *)
abstract (split;
[ assumption
| apply Hyp2;
assumption]).
Defined.
Print combinatorS_induction_with_abstract.
(** The term features an occurrence of [combinatorS_induction_with_abstract_subproof]
that contains the abstracted part; using the latter name is forbidden by the
UniMath style guide. Note that [abstract] is used hundreds of times in the
UniMath library. *)
(** *** Ltac language for defining tactics *)
(** Disclaimer: Ltac can do more than that, in fact Ltac is the name of the
whole tactic language of Coq. *)
(** Ltac definitions can associate identifiers for tactics with tactic expressions.
We have already used one such identifier: [intermediate_path] in the [Foundations]
package of UniMath. In file [PartA.v], we have the code
[[
Ltac intermediate_path x := apply (pathscomp0 (b := x)).
]]
*)
Print Ltac intermediate_path.
(** does not show the formal argument [x] in the right-hand side.
Remedy (in ProofGeneral but not in VSCode): *)
Set Printing All.
Print Ltac intermediate_path.
Unset Printing All.
(** The problem with these Ltac definitions is that they are barely typed, they
behave rather like LaTeX macros. *)
Local Ltac intermediate_path_wrong x := apply (pathscomp0 (X := x)(b := x)).
(** This definition confounds the type argument [X] and its element [b].
The soundness of Coq is not at stake here, but the errors only appear
at runtime, as we will see below. Normal printing output hides the difference
with the correct tactic definition: *)
Print Ltac intermediate_path_wrong.
Section homot2.
Context (A B : UU).
Lemma ourisinjinvmap'_failed_proof: interestingstatement A B.
Proof.
intros ? ? ? ? homoth1 homoth2 hyp a.
Fail intermediate_path_wrong (w (w' (v a))).
(** The message does not point to the problem that argument [x] appears
a second time in the Ltac definition with a different needed type. *)
Abort.
End homot2.
(** See #<a href="https://github.com/UniMath/UniMath/blob/master/UniMath/PAdics/frac.v##L23">#[https://github.com/UniMath/UniMath/blob/master/UniMath/PAdics/frac.v#L23]#</a>#
for a huge Ltac definition in the UniMath library to appreciate the lack
of type information. *)
(** The UniMath library provides some Ltac definitions for general use: *)
Print Ltac etrans. (** no need to explain - rather an abbreviation *)
Set Printing All.
Print Ltac intermediate_weq. (** problem with VSCode analogous to [intermediate_path] *)
Unset Printing All.
(** for the next tactic *)
Require Import UniMath.MoreFoundations.Tactics.
Set Printing All.
Print Ltac show_id_type.
(** output with ProofGeneral (output with VSCode falls again short of crucial information)
[[
Ltac show_id_type :=
match goal with
| |- @paths ?ID _ _ => set (TYPE := ID); simpl in TYPE
end
]]
Hardly ever present in proofs in the library, but it can be an excellent tool
while trying to prove an equation: it puts the index of the path space
into the context. This index is invisible in the notation with an equals
sign that one normally sees as the goal, and coercions can easily give a wrong
impression about that index. *)
Unset Printing All.
(** **** The most useful Ltac definition of UniMath *)
Print Ltac simple_rapply.
(** It applies the [simple refine] tactic with zero up to fifteen unknown
arguments. *)
(** This tactic must not be used in UniMath since a "tactic notation"
is favoured: [Foundations/Preamble.v] contains the definition
[[
Tactic Notation "use" uconstr(p) := simple_rapply p.
]]
Use of [use]:
*)
Lemma sumex_with_use (A: UU) (P Q: A -> UU):
( x:A, P x × Q x) -> ( x:A, P x) × x:A, Q x.
Proof.
intro H; induction H as [x H']; induction H' as [H1 H2].
split.
- use tpair.
+ assumption.
+ cbn. (** this is often necessary since [use] does as little as possible *)
assumption.
- (** to remind the version where the "witness" is given explicitly: *)
exists x; assumption.
Defined.
(** To conclude: [use tpair] is the right idiom for an interactive
construction of inhabitants of Σ-types. Note that the second
generated sub-goal may need [cbn] to make further tactics
applicable.
If the first component of the inhabitant is already at hand,
then the "exists" tactic yields a leaner proof script.
[use] is not confined to Σ-types. Whenever one would be
inclined to start trying to apply a lemma [H] with a varying
number of underscores, [use H] may be a better option.
*)
(** There is another recommendable tactic notation that is also by
Jason Gross:
[[
Tactic Notation "transparent" "assert"
"(" ident(name) ":" constr(type) ")" :=
simple refine (let name := (_ : type) in _).
]]
*)
Definition combinatorS_curried_with_transparent_assert (A B C: UU):
(A -> B -> C) -> (A -> B) -> A -> C.
Proof.
intros H1 H2 H3.
transparent assert (proofofB : B).
{ apply H2; assumption. } (** There is no [transparent assert by]. *)
(** Now, [proofB] is present with the constructed proof of [B]. *)
Abort.
(** To conclude: [transparent assert] is a replacement for [assert]
if the construction of the assertion is needed in the rest of
the proof.
*)
(** ** a final word, just on searching the library *)
(** [SearchPattern] searches for the given pattern in what the library
gives as *conclusions* of definitions, lemmas, etc., and the current
hypotheses.
[Search] searches in the (full) types of all the library elements (and
the current hypotheses). It may provide too many irrelevant result
for your question. At least, it will also show all the relevant ones.
Anyway, only the imported part of the library is searched. The quick
way for importing the whole UniMath library is
[[
Require Import UniMath.All.
]]
You may test it with
[[
SearchPattern (_ _).
]]
with very numerous results.
*)
(** ** List of tactics that were mentioned *)
(**
[[
exact
apply
intro
set
cbn / cbn in (old but sometimes useful form: simpl / simpl in)
assumption
intros (with pattern, with wild cards)
split / split with / exists
destruct as --- not desirable in UniMath
induction / induction as
admit --- only during proof development
eapply
eexact
refine --- first consider "use" instead
instantiate
unfold / unfold in
intermediate_path (Ltac def.)
rewrite / rewrite <-
change / change in
clear
assert {} / assert by
abstract
etrans (Ltac def.)
intermediate_weq (Ltac def.)
show_id_type (Ltac def.)
simple_rapply (Ltac def., not to be used)
use (Ltac notation)
transparent assert (Ltac notation)
]]
*)
(* End of file *)
Reference in a new issue Copy permalink